Commit 83bee34c authored by catch's avatar catch

Issue #3054311 by alexpott: Deprecate...

Issue #3054311 by alexpott: Deprecate \Drupal\Component\Utility\Crypt::randomBytes() in favour of PHP's builtin random_bytes()
parent 61f97d31
......@@ -28,10 +28,13 @@ class Crypt {
* @return string
* A randomly generated string.
*
* @todo Deprecate in favor of random_bytes().
* https://www.drupal.org/node/3054311
* @deprecated in Drupal 8.8.0 and will be removed before Drupal 9.0.0.
* Use PHP's built-in random_bytes() function instead.
*
* @see https://www.drupal.org/node/3054488
*/
public static function randomBytes($count) {
@trigger_error(__CLASS__ . '::randomBytes() is deprecated in Drupal 8.8.0 and will be removed before Drupal 9.0.0. Use PHP\'s built-in random_bytes() function instead. See https://www.drupal.org/node/3054488', E_USER_DEPRECATED);
return random_bytes($count);
}
......@@ -107,7 +110,7 @@ public static function hashEquals($known_string, $user_string) {
* @see \Drupal\Component\Utility\Crypt::randomBytes()
*/
public static function randomBytesBase64($count = 32) {
return str_replace(['+', '/', '='], ['-', '_', ''], base64_encode(static::randomBytes($count)));
return str_replace(['+', '/', '='], ['-', '_', ''], base64_encode(random_bytes($count)));
}
}
......@@ -2,8 +2,6 @@
namespace Drupal\Component\Uuid;
use Drupal\Component\Utility\Crypt;
/**
* Generates a UUID v4 (RFC 4122 section 4.4) using PHP code.
*
......@@ -17,7 +15,7 @@ class Php implements UuidInterface {
*/
public function generate() {
// Obtain a random string of 32 hex characters.
$hex = bin2hex(Crypt::randomBytes(16));
$hex = bin2hex(random_bytes(16));
// The variable names $time_low, $time_mid, $time_hi_and_version,
// $clock_seq_hi_and_reserved, $clock_seq_low, and $node correlate to
......
......@@ -9,8 +9,7 @@
"source": "https://www.drupal.org/project/drupal/git-instructions"
},
"require": {
"php": ">=7.0.8",
"drupal/core-utility": "^8.2"
"php": ">=7.0.8"
},
"autoload": {
"psr-4": {
......
......@@ -108,7 +108,7 @@ protected function generateSalt() {
// We encode the final log2 iteration count in base 64.
$output .= static::$ITOA64[$this->countLog2];
// 6 bytes is the standard salt for a portable phpass hash.
$output .= $this->base64Encode(Crypt::randomBytes(6), 6);
$output .= $this->base64Encode(random_bytes(6), 6);
return $output;
}
......
......@@ -314,7 +314,7 @@ function user_password($length = 10) {
for ($i = 0; $i < $length; $i++) {
do {
// Find a secure random number within the range needed.
$index = ord(Crypt::randomBytes(1));
$index = ord(random_bytes(1));
} while ($index > $len);
// Each iteration, pick a random character from the
......
......@@ -18,17 +18,11 @@ class CryptTest extends TestCase {
* Tests random byte generation.
*
* @covers ::randomBytes
*
* @see \Drupal\Tests\Component\Utility\CryptRandomFallbackTest::testRandomBytesFallback
* @expectedDeprecation Drupal\Component\Utility\Crypt::randomBytes() is deprecated in Drupal 8.8.0 and will be removed before Drupal 9.0.0. Use PHP's built-in random_bytes() function instead. See https://www.drupal.org/node/3054488
* @group legacy
*/
public function testRandomBytes() {
for ($i = 1; $i < 10; $i++) {
$count = rand(10, 10000);
// Check that different values are being generated.
$this->assertNotEquals(Crypt::randomBytes($count), Crypt::randomBytes($count));
// Check the length.
$this->assertEquals(strlen(Crypt::randomBytes($count)), $count);
}
$this->assertSame(16, strlen(Crypt::randomBytes(16)));
}
/**
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment