MediaWiki  1.23.8
MWCryptRand Class Reference

Public Member Functions

 realGenerate ( $bytes, $forceStrong=false)
 
 realGenerateHex ( $chars, $forceStrong=false)
 
 realWasStrong ()
 

Static Public Member Functions

static generate ( $bytes, $forceStrong=false)
 Generate a run of (ideally) cryptographically random data and return it in raw binary form. More...
 
static generateHex ( $chars, $forceStrong=false)
 Generate a run of (ideally) cryptographically random data and return it in hexadecimal string format. More...
 
static wasStrong ()
 Return a boolean indicating whether or not the source used for cryptographic random bytes generation in the previously run generate* call was cryptographically strong. More...
 

Public Attributes

const MIN_ITERATIONS = 1000
 Minimum number of iterations we want to make in our drift calculations. More...
 
const MSEC_PER_BYTE = 0.5
 Number of milliseconds we want to spend generating each separate byte of the final generated bytes. More...
 

Protected Member Functions

 driftHash ( $data)
 Randomly hash data while mixing in clock drift data for randomness. More...
 
 hash ( $data)
 Generate an acceptably unstable one-way-hash of some text making use of the best hash algorithm that we have available. More...
 
 hashAlgo ()
 Decide on the best acceptable hash algorithm we have available for hash() More...
 
 hashLength ()
 Return the byte-length output of the hash algorithm we are using in self::hash and self::hmac. More...
 
 hmac ( $data, $key)
 Generate an acceptably unstable one-way-hmac of some text making use of the best hash algorithm that we have available. More...
 
 initialRandomState ()
 Initialize an initial random state based off of whatever we can find. More...
 
 randomState ()
 Return a rolling random state initially build using data from unstable sources. More...
 

Static Protected Member Functions

static singleton ()
 Publicly exposed static methods. More...
 

Protected Attributes

 $algo = null
 The hash algorithm being used. More...
 
 $hashLength = null
 The number of bytes outputted by the hash algorithm. More...
 
 $strong = null
 A boolean indicating whether the previous random generation was done using cryptographically strong random number generator or not. More...
 

Static Protected Attributes

static $singleton = null
 Singleton instance for public use. More...
 

Detailed Description

Definition at line 27 of file MWCryptRand.php.

Member Function Documentation

◆ driftHash()

MWCryptRand::driftHash (   $data)
protected

Randomly hash data while mixing in clock drift data for randomness.

Parameters
string$dataThe data to randomly hash.
Returns
String The hashed bytes
Author
Tim Starling

Definition at line 155 of file MWCryptRand.php.

References hash(), hashLength(), MIN_ITERATIONS, and wfDebug().

Referenced by randomState().

◆ generate()

static MWCryptRand::generate (   $bytes,
  $forceStrong = false 
)
static

Generate a run of (ideally) cryptographically random data and return it in raw binary form.

You can use MWCryptRand::wasStrong() if you wish to know if the source used was cryptographically strong.

Parameters
int$bytesthe number of bytes of random data to generate
bool$forceStrongPass true if you want generate to prefer cryptographically strong sources of entropy even if reading from them may steal more entropy from the system than optimal.
Returns
String Raw binary random data

Definition at line 498 of file MWCryptRand.php.

References singleton().

Referenced by realGenerateHex().

◆ generateHex()

static MWCryptRand::generateHex (   $chars,
  $forceStrong = false 
)
static

Generate a run of (ideally) cryptographically random data and return it in hexadecimal string format.

You can use MWCryptRand::wasStrong() if you wish to know if the source used was cryptographically strong.

Parameters
int$charsthe number of hex chars of random data to generate
bool$forceStrongPass true if you want generate to prefer cryptographically strong sources of entropy even if reading from them may steal more entropy from the system than optimal.
Returns
String Hexadecimal random data

Definition at line 514 of file MWCryptRand.php.

References singleton().

Referenced by UIDGenerator\__construct(), User\confirmationToken(), User\crypt(), Installer\doGenerateKeys(), User\generateToken(), User\getEditToken(), UIDGenerator\newUUIDv4(), User\randomPassword(), User\resetTokenFromOption(), LoginForm\setCreateaccountToken(), LoginForm\setLoginToken(), and User\setToken().

◆ hash()

MWCryptRand::hash (   $data)
protected

Generate an acceptably unstable one-way-hash of some text making use of the best hash algorithm that we have available.

Parameters
$datastring
Returns
String A raw hash of the data

Definition at line 267 of file MWCryptRand.php.

References hashAlgo().

Referenced by driftHash(), hashLength(), and randomState().

◆ hashAlgo()

MWCryptRand::hashAlgo ( )
protected

Decide on the best acceptable hash algorithm we have available for hash()

Exceptions
MWException
Returns
String A hash algorithm

Definition at line 221 of file MWCryptRand.php.

References $algo, array(), as, and wfDebug().

Referenced by hash(), and hmac().

◆ hashLength()

MWCryptRand::hashLength ( )
protected

Return the byte-length output of the hash algorithm we are using in self::hash and self::hmac.

Returns
int Number of bytes the hash outputs

Definition at line 252 of file MWCryptRand.php.

References $hashLength, and hash().

Referenced by driftHash().

◆ hmac()

MWCryptRand::hmac (   $data,
  $key 
)
protected

Generate an acceptably unstable one-way-hmac of some text making use of the best hash algorithm that we have available.

Parameters
$datastring
$keystring
Returns
String A raw hash of the data

Definition at line 279 of file MWCryptRand.php.

References hashAlgo().

Referenced by realGenerate().

◆ initialRandomState()

MWCryptRand::initialRandomState ( )
protected

Initialize an initial random state based off of whatever we can find.

Definition at line 65 of file MWCryptRand.php.

References $file, $files, $path, array(), as, global, wfHostname(), wfRestoreWarnings(), wfSuppressWarnings(), and wfWikiID().

Referenced by randomState().

◆ randomState()

MWCryptRand::randomState ( )
protected

Return a rolling random state initially build using data from unstable sources.

Returns
string A new weak random state

Definition at line 201 of file MWCryptRand.php.

References driftHash(), hash(), and initialRandomState().

Referenced by realGenerate().

◆ realGenerate()

MWCryptRand::realGenerate (   $bytes,
  $forceStrong = false 
)

◆ realGenerateHex()

MWCryptRand::realGenerateHex (   $chars,
  $forceStrong = false 
)
See also
self::generateHex()

Definition at line 443 of file MWCryptRand.php.

References generate().

◆ realWasStrong()

MWCryptRand::realWasStrong ( )
See also
self::wasStrong()

Definition at line 286 of file MWCryptRand.php.

References $strong.

◆ singleton()

static MWCryptRand::singleton ( )
staticprotected

Publicly exposed static methods.

Return a singleton instance of MWCryptRand

Returns
MWCryptRand

Definition at line 467 of file MWCryptRand.php.

References $singleton.

Referenced by generate(), generateHex(), and wasStrong().

◆ wasStrong()

static MWCryptRand::wasStrong ( )
static

Return a boolean indicating whether or not the source used for cryptographic random bytes generation in the previously run generate* call was cryptographically strong.

Returns
bool Returns true if the source was strong, false if not.

Definition at line 482 of file MWCryptRand.php.

References singleton().

Referenced by Installer\doGenerateKeys().

Member Data Documentation

◆ $algo

MWCryptRand::$algo = null
protected

The hash algorithm being used.

Definition at line 49 of file MWCryptRand.php.

Referenced by hashAlgo().

◆ $hashLength

MWCryptRand::$hashLength = null
protected

The number of bytes outputted by the hash algorithm.

Definition at line 54 of file MWCryptRand.php.

Referenced by hashLength().

◆ $singleton

MWCryptRand::$singleton = null
staticprotected

Singleton instance for public use.

Definition at line 44 of file MWCryptRand.php.

Referenced by singleton().

◆ $strong

MWCryptRand::$strong = null
protected

A boolean indicating whether the previous random generation was done using cryptographically strong random number generator or not.

Definition at line 60 of file MWCryptRand.php.

Referenced by realWasStrong().

◆ MIN_ITERATIONS

const MWCryptRand::MIN_ITERATIONS = 1000

Minimum number of iterations we want to make in our drift calculations.

Definition at line 31 of file MWCryptRand.php.

Referenced by driftHash().

◆ MSEC_PER_BYTE

const MWCryptRand::MSEC_PER_BYTE = 0.5

Number of milliseconds we want to spend generating each separate byte of the final generated bytes.

This is used in combination with the hash length to determine the duration we should spend doing drift calculations.

Definition at line 39 of file MWCryptRand.php.


The documentation for this class was generated from the following file: