silverstripe-framework/src/Security/RandomGenerator.php

<?php

namespace SilverStripe\Security;

use Error;
use Exception;
use SilverStripe\Dev\Deprecation;

/**
 * Convenience class for generating cryptographically secure pseudo-random strings/tokens
 */
class RandomGenerator
{
    /**
     * @return string A 128-character, randomly generated ASCII string
     * @throws Exception If no suitable CSPRNG is installed
     * @deprecated 4.4.0:5.0.0
     */
    public function generateEntropy()
    {
        Deprecation::notice('4.4', __METHOD__ . ' has been deprecated. Use random_bytes instead');

        try {
            return bin2hex(random_bytes(64));
        } catch (Error $e) {
            throw $e; // This is required so that Error exceptions in PHP 5 aren't caught below
        } catch (Exception $e) {
            throw new Exception(
                'It appears there is no suitable CSPRNG (random number generator) installed. '
                . 'Please review the server requirements documentation: '
                . 'https://docs.silverstripe.org/en/getting_started/server_requirements/'
            );
        }
    }

    /**
     * Generates a random token that can be used for session IDs, CSRF tokens etc., based on
     * hash algorithms.
     *
     * If you are using it as a password equivalent (e.g. autologin token) do NOT store it
     * in the database as a plain text but encrypt it with Member::encryptWithUserSettings.
     *
     * @param string $algorithm Any identifier listed in hash_algos() (Default: whirlpool)
     * @return string Returned length will depend on the used $algorithm
     * @throws Exception When there is no valid source of CSPRNG
     */
    public function randomToken($algorithm = 'whirlpool')
    {
        return hash($algorithm, random_bytes(64));
    }
}
ENHANCEMENT Added RandomGenerator for more secure CRSF tokens etc. git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@114497 467b73ca-7a2a-4603-9d3b-597d59a354a9 2010-12-05 01:18:19 +01:00			`<?php`
API Apply Framework\Security namespace 2016-06-23 01:37:22 +02:00
			`namespace SilverStripe\Security;`

Only use random_bytes() for RandomGenerator (closes #6397) 2017-05-19 12:18:56 +02:00			`use Error;`
API Apply Framework\Security namespace 2016-06-23 01:37:22 +02:00			`use Exception;`
NEW Deprecate RandomGenerator::generateEntropy in favour of using random_bytes directly 2018-11-01 07:51:15 +01:00			`use SilverStripe\Dev\Deprecation;`
API Apply Framework\Security namespace 2016-06-23 01:37:22 +02:00
ENHANCEMENT Added RandomGenerator for more secure CRSF tokens etc. git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@114497 467b73ca-7a2a-4603-9d3b-597d59a354a9 2010-12-05 01:18:19 +01:00			`/**`
Only use random_bytes() for RandomGenerator (closes #6397) 2017-05-19 12:18:56 +02:00			`* Convenience class for generating cryptographically secure pseudo-random strings/tokens`
ENHANCEMENT Added RandomGenerator for more secure CRSF tokens etc. git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@114497 467b73ca-7a2a-4603-9d3b-597d59a354a9 2010-12-05 01:18:19 +01:00			`*/`
PSR2: Whitespace-only changes 2016-11-29 00:31:16 +01:00			`class RandomGenerator`
			`{`
			`/**`
Only use random_bytes() for RandomGenerator (closes #6397) 2017-05-19 12:18:56 +02:00			`* @return string A 128-character, randomly generated ASCII string`
			`* @throws Exception If no suitable CSPRNG is installed`
Alter deprecation version numbers Co-Authored-By: ScopeyNZ <guy@scopey.co.nz> 2018-11-05 12:07:24 +01:00			`* @deprecated 4.4.0:5.0.0`
PSR2: Whitespace-only changes 2016-11-29 00:31:16 +01:00			`*/`
			`public function generateEntropy()`
			`{`
NEW Deprecate RandomGenerator::generateEntropy in favour of using random_bytes directly 2018-11-01 07:51:15 +01:00			`Deprecation::notice('4.4', __METHOD__ . ' has been deprecated. Use random_bytes instead');`

Only use random_bytes() for RandomGenerator (closes #6397) 2017-05-19 12:18:56 +02:00			`try {`
FIX PHP 7.x should use random_bytes for entropy ahead of deprecated mcrypt lib 2016-12-29 11:46:08 +01:00			`return bin2hex(random_bytes(64));`
Only use random_bytes() for RandomGenerator (closes #6397) 2017-05-19 12:18:56 +02:00			`} catch (Error $e) {`
			`throw $e; // This is required so that Error exceptions in PHP 5 aren't caught below`
			`} catch (Exception $e) {`
			`throw new Exception(`
			`'It appears there is no suitable CSPRNG (random number generator) installed. '`
			`. 'Please review the server requirements documentation: '`
			`. 'https://docs.silverstripe.org/en/getting_started/server_requirements/'`
			`);`
FIX PHP 7.x should use random_bytes for entropy ahead of deprecated mcrypt lib 2016-12-29 11:46:08 +01:00			`}`
PSR2: Whitespace-only changes 2016-11-29 00:31:16 +01:00			`}`
API Hash autologin tokens before storing in the database. Refactor the code to make it clear the distinction is made between a plaintext token and a hashed version. Rename fields so it is more obvious what is being written and what sent out to the user. This reuses the salt and algorithm from the Member, which are kept constant throughout the Member lifetime in a normal scenario. If they do change, users will need to re-request so the hashes can be regenerated. 2012-11-08 04:33:19 +01:00
PSR2: Whitespace-only changes 2016-11-29 00:31:16 +01:00			`/**`
			`* Generates a random token that can be used for session IDs, CSRF tokens etc., based on`
			`* hash algorithms.`
			`*`
			`* If you are using it as a password equivalent (e.g. autologin token) do NOT store it`
			`* in the database as a plain text but encrypt it with Member::encryptWithUserSettings.`
			`*`
Only use random_bytes() for RandomGenerator (closes #6397) 2017-05-19 12:18:56 +02:00			`* @param string $algorithm Any identifier listed in hash_algos() (Default: whirlpool)`
			`* @return string Returned length will depend on the used $algorithm`
NEW Deprecate RandomGenerator::generateEntropy in favour of using random_bytes directly 2018-11-01 07:51:15 +01:00			`* @throws Exception When there is no valid source of CSPRNG`
PSR2: Whitespace-only changes 2016-11-29 00:31:16 +01:00			`*/`
			`public function randomToken($algorithm = 'whirlpool')`
			`{`
NEW Deprecate RandomGenerator::generateEntropy in favour of using random_bytes directly 2018-11-01 07:51:15 +01:00			`return hash($algorithm, random_bytes(64));`
PSR2: Whitespace-only changes 2016-11-29 00:31:16 +01:00			`}`
API Hash autologin tokens before storing in the database. Refactor the code to make it clear the distinction is made between a plaintext token and a hashed version. Rename fields so it is more obvious what is being written and what sent out to the user. This reuses the salt and algorithm from the Member, which are kept constant throughout the Member lifetime in a normal scenario. If they do change, users will need to re-request so the hashes can be regenerated. 2012-11-08 04:33:19 +01:00			`}`