From 17665eafb7e271198e6d11d57aae3593664dac58 Mon Sep 17 00:00:00 2001 From: nashe Date: Tue, 2 Jan 2018 19:24:07 +0100 Subject: Add paragonie/random_compat to implement a polyfill for random_bytes --- app/helpers.php | 5 +++++ composer.json | 3 ++- composer.lock | 52 ++++++++++++++++++++++++++++++++++++++++++++++++++-- 3 files changed, 57 insertions(+), 3 deletions(-) diff --git a/app/helpers.php b/app/helpers.php index 8765fc6..01d0086 100644 --- a/app/helpers.php +++ b/app/helpers.php @@ -14,6 +14,11 @@ function register_polyfills() call_user_func_array('_hash_equals', func_get_args()); } } + + if (!function_exists('random_bytes')) { + // If this function does not exist, it will be exposed + // automatically by paragonie/random_compat. + } } register_polyfills(); diff --git a/composer.json b/composer.json index c43b48e..ea5032d 100644 --- a/composer.json +++ b/composer.json @@ -14,7 +14,8 @@ "require": { "php": "^5.6 || ^7.0", "mustangostang/spyc": "0.5.1", - "simplepie/simplepie": "^1.5" + "simplepie/simplepie": "^1.5", + "paragonie/random_compat": "^2.0" }, "require-dev": { "guzzlehttp/guzzle": "^6.3", diff --git a/composer.lock b/composer.lock index 1d3cf2e..7959c9c 100644 --- a/composer.lock +++ b/composer.lock @@ -4,7 +4,7 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file", "This file is @generated automatically" ], - "content-hash": "381ab1da48dd363669e218a50e19f0b7", + "content-hash": "a4fc919a4e8ef2463ff4a336940bc993", "packages": [ { "name": "mustangostang/spyc", @@ -53,6 +53,54 @@ ], "time": "2013-02-21T10:52:01+00:00" }, + { + "name": "paragonie/random_compat", + "version": "v2.0.11", + "source": { + "type": "git", + "url": "https://github.com/paragonie/random_compat.git", + "reference": "5da4d3c796c275c55f057af5a643ae297d96b4d8" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/paragonie/random_compat/zipball/5da4d3c796c275c55f057af5a643ae297d96b4d8", + "reference": "5da4d3c796c275c55f057af5a643ae297d96b4d8", + "shasum": "" + }, + "require": { + "php": ">=5.2.0" + }, + "require-dev": { + "phpunit/phpunit": "4.*|5.*" + }, + "suggest": { + "ext-libsodium": "Provides a modern crypto API that can be used to generate random bytes." + }, + "type": "library", + "autoload": { + "files": [ + "lib/random.php" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Paragon Initiative Enterprises", + "email": "security@paragonie.com", + "homepage": "https://paragonie.com" + } + ], + "description": "PHP 5.x polyfill for random_bytes() and random_int() from PHP 7", + "keywords": [ + "csprng", + "pseudorandom", + "random" + ], + "time": "2017-09-27T21:40:39+00:00" + }, { "name": "simplepie/simplepie", "version": "1.5", @@ -1543,7 +1591,7 @@ "minimum-stability": "stable", "stability-flags": [], "prefer-stable": false, - "prefer-lowest": true, + "prefer-lowest": false, "platform": { "php": "^5.6 || ^7.0" }, -- cgit v1.2.1