mirror of
https://github.com/Ne-Lexa/php-zip.git
synced 2025-08-29 17:59:55 +02:00
use random_compat
This commit is contained in:
wapplay
@@ -6,7 +6,6 @@ use PhpZip\Exception\RuntimeException;
|
||||
use PhpZip\Exception\ZipAuthenticationException;
|
||||
use PhpZip\Exception\ZipCryptoException;
|
||||
use PhpZip\Model\ZipEntry;
|
||||
use PhpZip\Util\CryptoUtil;
|
||||
use PhpZip\Util\PackUtil;
|
||||
|
||||
/**
|
||||
@@ -430,7 +429,12 @@ class TraditionalPkwareEncryptionEngine implements ZipEncryptionEngine
|
||||
$crc = $this->entry->isDataDescriptorRequired() ?
|
||||
($this->entry->getDosTime() & 0x0000ffff) << 16 :
|
||||
$this->entry->getCrc();
|
||||
$headerBytes = CryptoUtil::randomBytes(self::STD_DEC_HDR_SIZE);
|
||||
|
||||
try {
|
||||
$headerBytes = random_bytes(self::STD_DEC_HDR_SIZE);
|
||||
} catch (\Exception $e) {
|
||||
throw new \RuntimeException('Oops, our server is bust and cannot generate any random data.', 1, $e);
|
||||
}
|
||||
|
||||
// Initialize again since the generated bytes were encrypted.
|
||||
$password = $this->entry->getPassword();
|
||||
|
||||
@@ -8,7 +8,6 @@ use PhpZip\Exception\ZipCryptoException;
|
||||
use PhpZip\Exception\ZipException;
|
||||
use PhpZip\Extra\Fields\WinZipAesEntryExtraField;
|
||||
use PhpZip\Model\ZipEntry;
|
||||
use PhpZip\Util\CryptoUtil;
|
||||
|
||||
/**
|
||||
* WinZip Aes Encryption Engine.
|
||||
@@ -262,7 +261,11 @@ class WinZipAesEngine implements ZipEncryptionEngine
|
||||
);
|
||||
$keyStrengthBytes = $keyStrengthBits / 8;
|
||||
|
||||
$salt = CryptoUtil::randomBytes($keyStrengthBytes / 2);
|
||||
try {
|
||||
$salt = random_bytes($keyStrengthBytes / 2);
|
||||
} catch (\Exception $e) {
|
||||
throw new \RuntimeException('Oops, our server is bust and cannot generate any random data.', 1, $e);
|
||||
}
|
||||
|
||||
$keyParam = hash_pbkdf2(
|
||||
'sha1',
|
||||
|
||||
@@ -2,10 +2,10 @@
|
||||
|
||||
namespace PhpZip\Util;
|
||||
|
||||
use PhpZip\Exception\RuntimeException;
|
||||
|
||||
/**
|
||||
* Crypto Utils.
|
||||
*
|
||||
* @deprecated
|
||||
*/
|
||||
class CryptoUtil
|
||||
{
|
||||
@@ -14,26 +14,14 @@ class CryptoUtil
|
||||
*
|
||||
* @param int $length
|
||||
*
|
||||
* @throws \Exception
|
||||
*
|
||||
* @return string
|
||||
*
|
||||
* @deprecated Use random_bytes()
|
||||
*/
|
||||
final public static function randomBytes($length)
|
||||
{
|
||||
$length = (int) $length;
|
||||
|
||||
if (\function_exists('random_bytes')) {
|
||||
try {
|
||||
return random_bytes($length);
|
||||
} catch (\Exception $e) {
|
||||
throw new \RuntimeException('Could not generate a random string.');
|
||||
}
|
||||
} elseif (\function_exists('openssl_random_pseudo_bytes')) {
|
||||
/** @noinspection PhpComposerExtensionStubsInspection */
|
||||
return openssl_random_pseudo_bytes($length);
|
||||
} elseif (\function_exists('mcrypt_create_iv')) {
|
||||
/** @noinspection PhpComposerExtensionStubsInspection */
|
||||
return mcrypt_create_iv($length);
|
||||
} else {
|
||||
throw new RuntimeException('Extension openssl or mcrypt not loaded');
|
||||
}
|
||||
return random_bytes($length);
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user