HomeDevCentral
Diffusion Keruald OmniTools b9a3012239c1

Use cryptographically secure pseudo-random integers
b9a3012239c1
Actions

This commit has been deleted in the repository: it is no longer reachable from any branch, tag, or ref.

Description

Use cryptographically secure pseudo-random integers

Summary:
Methods from Identifiers\Random were currently implemented using
the Mersenne Twister general-purpose pseudorandom number generator.

As randomness is often used as a source to generate credentials,
and to also offer unbiaised results for games, this changes switch
to the CSPRNG method random_int. The random_bytes method was already used.

According PHP manual, the "cryptographically secure pseudo-random number
generator (CSPRNG) API provides an easy and reliable way to generate
crypto-strong random integers and bytes for use within cryptographic contexts."

As our library is PHP 7+ (actually PHP 8.1+), the CSPRNG methods are always
available.

Test Plan: Run unit tests, no regression detected.

Reviewers: dereckson

Reviewed By: dereckson

Differential Revision: https://devcentral.nasqueron.org/D2656

Details

Provenance
derecksonAuthored on Apr 9 2022, 12:04
derecksonPushed on Jun 19 2023, 23:14
Reviewer
dereckson
Differential Revision
D2656: Use cryptographically secure pseudo-random integers
Parents
rKOTbf9dbff24eb0: Update license information
Branches
Unknown
Tags
Unknown
Tasks
T1717: Implement new UUID RFC

Changes (2)

PathSize
src/
Identifiers/

rKOTb9a3012239c1

View Options

src/Identifiers/Random.php

Loading...
View Options

src/Identifiers/UUID.php

Loading...
Nasqueron DevCentral · If it had been much bigger the moon would have had a core of ice. · Powered by Phabricator