From 8e9a078ff9f45f53b2b77494eef76ebebd8501c1 Mon Sep 17 00:00:00 2001 From: Tux Date: Fri, 19 Aug 2016 10:40:12 -0400 Subject: [PATCH] Use built-in random_bytes functionality --- src/pocketmine/PocketMine.php | 2 +- src/pocketmine/Server.php | 4 +- src/pocketmine/network/query/QueryHandler.php | 2 +- src/pocketmine/utils/Utils.php | 106 ++---------------- src/pocketmine/wizard/Installer.php | 2 +- 5 files changed, 12 insertions(+), 104 deletions(-) diff --git a/src/pocketmine/PocketMine.php b/src/pocketmine/PocketMine.php index 27f239801..517adebf4 100644 --- a/src/pocketmine/PocketMine.php +++ b/src/pocketmine/PocketMine.php @@ -450,7 +450,7 @@ namespace pocketmine { @define("ENDIANNESS", (pack("d", 1) === "\77\360\0\0\0\0\0\0" ? Binary::BIG_ENDIAN : Binary::LITTLE_ENDIAN)); @define("INT32_MASK", is_int(0xffffffff) ? 0xffffffff : -1); - @ini_set("opcache.mmap_base", bin2hex(Utils::getRandomBytes(8, false))); //Fix OPCache address errors + @ini_set("opcache.mmap_base", bin2hex(random_bytes(8))); //Fix OPCache address errors if(!file_exists(\pocketmine\DATA . "server.properties") and !isset($opts["no-wizard"])){ new Installer(); diff --git a/src/pocketmine/Server.php b/src/pocketmine/Server.php index 4d2ae71fe..c47264798 100644 --- a/src/pocketmine/Server.php +++ b/src/pocketmine/Server.php @@ -1056,7 +1056,7 @@ class Server{ return false; } - $seed = $seed === null ? Binary::readInt(@Utils::getRandomBytes(4, false)) : (int) $seed; + $seed = $seed === null ? Binary::readInt(random_bytes(4)) : (int) $seed; if(!isset($options["preset"])){ $options["preset"] = $this->getConfigString("generator-settings", ""); @@ -1452,7 +1452,7 @@ class Server{ "level-type" => "DEFAULT", "enable-query" => true, "enable-rcon" => false, - "rcon.password" => substr(base64_encode(@Utils::getRandomBytes(20, false)), 3, 10), + "rcon.password" => substr(base64_encode(random_bytes(20)), 3, 10), "auto-save" => true, ]); diff --git a/src/pocketmine/network/query/QueryHandler.php b/src/pocketmine/network/query/QueryHandler.php index 465936d01..503f33824 100644 --- a/src/pocketmine/network/query/QueryHandler.php +++ b/src/pocketmine/network/query/QueryHandler.php @@ -65,7 +65,7 @@ class QueryHandler{ public function regenerateToken(){ $this->lastToken = $this->token; - $this->token = @Utils::getRandomBytes(16, false); + $this->token = random_bytes(16); } public static function getTokenString($token, $salt){ diff --git a/src/pocketmine/utils/Utils.php b/src/pocketmine/utils/Utils.php index 8825ea2ba..fdec8859f 100644 --- a/src/pocketmine/utils/Utils.php +++ b/src/pocketmine/utils/Utils.php @@ -335,6 +335,7 @@ class Utils{ /** * This function tries to get all the entropy available in PHP, and distills it to get a good RNG. * + * This function simply forwards to the PHP random_bytes function. * * @param int $length default 16, Number of bytes to generate * @param bool $secure default true, Generate secure distilled bytes, slower @@ -343,109 +344,16 @@ class Utils{ * @param int &$rounds Will be set to the number of rounds taken * @param int &$drop Will be set to the amount of dropped bytes * + * @deprecated prefer PHP 7 random_bytes() * @return string */ public static function getRandomBytes($length = 16, $secure = true, $raw = true, $startEntropy = "", &$rounds = 0, &$drop = 0){ - static $lastRandom = ""; - $output = ""; - $length = abs((int) $length); - $secureValue = ""; - $rounds = 0; - $drop = 0; - while(!isset($output{$length - 1})){ - //some entropy, but works ^^ - $weakEntropy = [ - is_array($startEntropy) ? implode($startEntropy) : $startEntropy, - __DIR__, - PHP_OS, - microtime(), - (string) lcg_value(), - (string) PHP_MAXPATHLEN, - PHP_SAPI, - (string) PHP_INT_MAX . "." . PHP_INT_SIZE, - serialize($_SERVER), - get_current_user(), - (string) memory_get_usage() . "." . memory_get_peak_usage(), - php_uname(), - phpversion(), - zend_version(), - (string) getmypid(), - (string) getmyuid(), - (string) mt_rand(), - (string) getmyinode(), - (string) getmygid(), - (string) rand(), - function_exists("zend_thread_id") ? ((string) zend_thread_id()) : microtime(), - function_exists("getrusage") ? implode(getrusage()) : microtime(), - function_exists("sys_getloadavg") ? implode(sys_getloadavg()) : microtime(), - serialize(get_loaded_extensions()), - sys_get_temp_dir(), - (string) disk_free_space("."), - (string) disk_total_space("."), - uniqid(microtime(), true), - file_exists("/proc/cpuinfo") ? file_get_contents("/proc/cpuinfo") : microtime(), - ]; - - shuffle($weakEntropy); - $value = hash("sha512", implode($weakEntropy), true); - $lastRandom .= $value; - foreach($weakEntropy as $k => $c){ //mixing entropy values with XOR and hash randomness extractor - $value ^= hash("sha256", $c . microtime() . $k, true) . hash("sha256", mt_rand() . microtime() . $k . $c, true); - $value ^= hash("sha512", ((string) lcg_value()) . $c . microtime() . $k, true); - } - unset($weakEntropy); - - if($secure === true){ - - if(file_exists("/dev/urandom")){ - $fp = fopen("/dev/urandom", "rb"); - $systemRandom = fread($fp, 64); - fclose($fp); - }else{ - $systemRandom = str_repeat("\x00", 64); - } - - $strongEntropyValues = [ - is_array($startEntropy) ? hash("sha512", $startEntropy[($rounds + $drop) % count($startEntropy)], true) : hash("sha512", $startEntropy, true), //Get a random index of the startEntropy, or just read it - $systemRandom, - function_exists("openssl_random_pseudo_bytes") ? openssl_random_pseudo_bytes(64) : str_repeat("\x00", 64), - function_exists("mcrypt_create_iv") ? mcrypt_create_iv(64, MCRYPT_DEV_URANDOM) : str_repeat("\x00", 64), - $value, - ]; - $strongEntropy = array_pop($strongEntropyValues); - foreach($strongEntropyValues as $value){ - $strongEntropy = $strongEntropy ^ $value; - } - $value = ""; - //Von Neumann randomness extractor, increases entropy - $bitcnt = 0; - for($j = 0; $j < 64; ++$j){ - $a = ord($strongEntropy{$j}); - for($i = 0; $i < 8; $i += 2){ - $b = ($a & (1 << $i)) > 0 ? 1 : 0; - if($b != (($a & (1 << ($i + 1))) > 0 ? 1 : 0)){ - $secureValue |= $b << $bitcnt; - if($bitcnt == 7){ - $value .= chr($secureValue); - $secureValue = 0; - $bitcnt = 0; - }else{ - ++$bitcnt; - } - ++$drop; - }else{ - $drop += 2; - } - } - } - } - $output .= substr($value, 0, min($length - strlen($output), $length)); - unset($value); - ++$rounds; + $raw_output = random_bytes($length); + if($raw){ + return $raw_output; + }else{ + return bin2hex($raw_output); } - $lastRandom = hash("sha512", $lastRandom, true); - - return $raw === false ? bin2hex($output) : $output; } /* diff --git a/src/pocketmine/wizard/Installer.php b/src/pocketmine/wizard/Installer.php index 99d42f05e..dc201d95a 100644 --- a/src/pocketmine/wizard/Installer.php +++ b/src/pocketmine/wizard/Installer.php @@ -175,7 +175,7 @@ LICENSE; echo "[?] " . $this->lang->rcon_enable . " (y/N): "; if(strtolower($this->getInput("n")) === "y"){ $config->set("enable-rcon", true); - $password = substr(base64_encode(@Utils::getRandomBytes(20, false)), 3, 10); + $password = substr(base64_encode(random_bytes(20)), 3, 10); $config->set("rcon.password", $password); echo "[*] " . $this->lang->rcon_password . ": " . $password . "\n"; }else{