123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123 |
- <?php
- if (!defined('Auth_OpenID_RAND_SOURCE')) {
-
- define('Auth_OpenID_RAND_SOURCE', '/dev/urandom');
- }
- class Auth_OpenID_CryptUtil {
-
- static function getBytes($num_bytes)
- {
- static $f = null;
- $bytes = '';
- if ($f === null) {
- if (Auth_OpenID_RAND_SOURCE === null) {
- $f = false;
- } else {
- $f = @fopen(Auth_OpenID_RAND_SOURCE, "r");
- if ($f === false) {
- $msg = 'Define Auth_OpenID_RAND_SOURCE as null to ' .
- ' continue with an insecure random number generator.';
- trigger_error($msg, E_USER_ERROR);
- }
- }
- }
- if ($f === false) {
-
- $bytes = '';
- for ($i = 0; $i < $num_bytes; $i += 4) {
- $bytes .= pack('L', mt_rand());
- }
- $bytes = substr($bytes, 0, $num_bytes);
- } else {
- $bytes = fread($f, $num_bytes);
- }
- return $bytes;
- }
-
- static function randomString($length, $population = null)
- {
- if ($population === null) {
- return Auth_OpenID_CryptUtil::getBytes($length);
- }
- $popsize = strlen($population);
- if ($popsize > 256) {
- $msg = 'More than 256 characters supplied to ' . __FUNCTION__;
- trigger_error($msg, E_USER_ERROR);
- }
- $duplicate = 256 % $popsize;
- $str = "";
- for ($i = 0; $i < $length; $i++) {
- do {
- $n = ord(Auth_OpenID_CryptUtil::getBytes(1));
- } while ($n < $duplicate);
- $n %= $popsize;
- $str .= $population[$n];
- }
- return $str;
- }
- static function constEq($s1, $s2)
- {
- if (strlen($s1) != strlen($s2)) {
- return false;
- }
- $result = true;
- $length = strlen($s1);
- for ($i = 0; $i < $length; $i++) {
- $result &= ($s1[$i] == $s2[$i]);
- }
- return $result;
- }
- }
|