clones/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2024-09-21 18:07:23 +00:00
Code Issues Packages Projects Releases Wiki Activity

random: Use CSPRNG for CombinedLCG seeding (#13748)

Browse Source 
Now that the CombinedLCG is no longer used within GENERATE_SEED(), we can
safely use the CSPRNG with a php_random_generate_fallback_seed() fallback to
seed the CombinedLCG.
This commit is contained in:
Tim Düsterhus 2024-03-19 20:13:44 +01:00 committed by GitHub
parent 5b7d45822a
commit 807524d61c
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 4 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
ext/random/engine_combinedlcg.c
View File

@ -107,23 +107,12 @@ const php_random_algo php_random_algo_combinedlcg = {
/* {{{ php_random_combinedlcg_seed_default */
PHPAPI void php_random_combinedlcg_seed_default(php_random_status_state_combinedlcg *state)
{
struct timeval tv;
uint64_t seed = 0;
if (gettimeofday(&tv, NULL) == 0) {
state->state[0] = tv.tv_usec ^ (tv.tv_usec << 11);
} else {
state->state[0] = 1;
if (php_random_bytes_silent(&seed, sizeof(seed)) == FAILURE) {
seed = php_random_generate_fallback_seed();
}
#ifdef ZTS
state->state[1] = (zend_long) tsrm_thread_id();
#else
state->state[1] = (zend_long) getpid();
#endif
/* Add entropy to s2 by calling gettimeofday() again */
if (gettimeofday(&tv, NULL) == 0) {
state->state[1] ^= (tv.tv_usec << 11);
}
php_random_combinedlcg_seed64(state, seed);
}
/* }}} */