Alex/polr
1
0
Fork 0
mirror of https://github.com/cydrobolt/polr.git synced 2024-11-09 19:52:28 +01:00
Code Issues Releases Wiki Activity

Merge branch 'oittaa-patch-1'

Browse Source
This commit is contained in:
Chaoyi Zha 2016-10-02 22:20:44 -04:00
commit cfe4facc1b
9 changed files with 130 additions and 70 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
app/Helpers/CryptoHelper.php
View File

@ -3,7 +3,7 @@ namespace App\Helpers;
class CryptoHelper { class CryptoHelper {
public static function generateRandomHex($rand_bytes_num) { public static function generateRandomHex($rand_bytes_num) {
$rand_bytes = openssl_random_pseudo_bytes($rand_bytes_num, $crypt_secure); $rand_bytes = random_bytes($rand_bytes_num);
return bin2hex($rand_bytes); return bin2hex($rand_bytes);
} }
} }

3
composer.json
View File

@ -9,7 +9,8 @@
"laravel/lumen-framework": "5.1.*", "laravel/lumen-framework": "5.1.*",
"vlucas/phpdotenv": "~1.0", "vlucas/phpdotenv": "~1.0",
"illuminate/mail": "~5.1", "illuminate/mail": "~5.1",
"yajra/laravel-datatables-oracle": "~6.0" "yajra/laravel-datatables-oracle": "~6.0",
"paragonie/random_compat": "^1.0.6"
}, },
"require-dev": { "require-dev": {
"fzaninotto/faker": "~1.0", "fzaninotto/faker": "~1.0",

12
composer.lock generated
View File

@ -4,7 +4,7 @@
"Read more about it at https://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file", "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file",
"This file is @generated automatically" "This file is @generated automatically"
], ],
"content-hash": "b5a3fc2934cddc65939bd467cd3def24", "content-hash": "c9b3d1fae340ed50d76dbc8c5ec73ab2",
"packages": [ "packages": [
{ {
"name": "danielstjules/stringy", "name": "danielstjules/stringy",
@ -1860,16 +1860,16 @@
}, },
{ {
"name": "paragonie/random_compat", "name": "paragonie/random_compat",
"version": "v1.2.0", "version": "v1.4.1",
"source": { "source": {
"type": "git", "type": "git",
"url": "https://github.com/paragonie/random_compat.git", "url": "https://github.com/paragonie/random_compat.git",
"reference": "b0e69d10852716b2ccbdff69c75c477637220790" "reference": "c7e26a21ba357863de030f0b9e701c7d04593774"
}, },
"dist": { "dist": {
"type": "zip", "type": "zip",
"url": "https://api.github.com/repos/paragonie/random_compat/zipball/b0e69d10852716b2ccbdff69c75c477637220790", "url": "https://api.github.com/repos/paragonie/random_compat/zipball/c7e26a21ba357863de030f0b9e701c7d04593774",
"reference": "b0e69d10852716b2ccbdff69c75c477637220790", "reference": "c7e26a21ba357863de030f0b9e701c7d04593774",
"shasum": "" "shasum": ""
}, },
"require": { "require": {
@ -1904,7 +1904,7 @@
"pseudorandom", "pseudorandom",
"random" "random"
], ],
"time": "2016-02-06 03:52:05" "time": "2016-03-18 20:34:03"
}, },
{ {
"name": "phenx/php-font-lib", "name": "phenx/php-font-lib",

2
vendor/composer/autoload_files.php vendored
View File

@ -9,8 +9,8 @@ return array(
'65fec9ebcfbb3cbb4fd0d519687aea01' => $vendorDir . '/danielstjules/stringy/src/Create.php', '65fec9ebcfbb3cbb4fd0d519687aea01' => $vendorDir . '/danielstjules/stringy/src/Create.php',
'72579e7bd17821bb1321b87411366eae' => $vendorDir . '/illuminate/support/helpers.php', '72579e7bd17821bb1321b87411366eae' => $vendorDir . '/illuminate/support/helpers.php',
'667aeda72477189d0494fecd327c3641' => $vendorDir . '/symfony/var-dumper/Resources/functions/dump.php', '667aeda72477189d0494fecd327c3641' => $vendorDir . '/symfony/var-dumper/Resources/functions/dump.php',
'5255c38a0faeba867671b61dfda6d864' => $vendorDir . '/paragonie/random_compat/lib/random.php',
'2c102faa651ef8ea5874edb585946bce' => $vendorDir . '/swiftmailer/swiftmailer/lib/swift_required.php', '2c102faa651ef8ea5874edb585946bce' => $vendorDir . '/swiftmailer/swiftmailer/lib/swift_required.php',
'5255c38a0faeba867671b61dfda6d864' => $vendorDir . '/paragonie/random_compat/lib/random.php',
'253c157292f75eb38082b5acb06f3f01' => $vendorDir . '/nikic/fast-route/src/functions.php', '253c157292f75eb38082b5acb06f3f01' => $vendorDir . '/nikic/fast-route/src/functions.php',
'f18cc91337d49233e5754e93f3ed9ec3' => $vendorDir . '/laravelcollective/html/src/helpers.php', 'f18cc91337d49233e5754e93f3ed9ec3' => $vendorDir . '/laravelcollective/html/src/helpers.php',
'bee9632da3ca00a99623b9c35d0c4f8b' => $vendorDir . '/laravel/lumen-framework/src/helpers.php', 'bee9632da3ca00a99623b9c35d0c4f8b' => $vendorDir . '/laravel/lumen-framework/src/helpers.php',

2
vendor/composer/autoload_static.php vendored
View File

@ -10,8 +10,8 @@ class ComposerStaticInit1022d009db9f708df68c1991f93b734b
'65fec9ebcfbb3cbb4fd0d519687aea01' => __DIR__ . '/..' . '/danielstjules/stringy/src/Create.php', '65fec9ebcfbb3cbb4fd0d519687aea01' => __DIR__ . '/..' . '/danielstjules/stringy/src/Create.php',
'72579e7bd17821bb1321b87411366eae' => __DIR__ . '/..' . '/illuminate/support/helpers.php', '72579e7bd17821bb1321b87411366eae' => __DIR__ . '/..' . '/illuminate/support/helpers.php',
'667aeda72477189d0494fecd327c3641' => __DIR__ . '/..' . '/symfony/var-dumper/Resources/functions/dump.php', '667aeda72477189d0494fecd327c3641' => __DIR__ . '/..' . '/symfony/var-dumper/Resources/functions/dump.php',
'5255c38a0faeba867671b61dfda6d864' => __DIR__ . '/..' . '/paragonie/random_compat/lib/random.php',
'2c102faa651ef8ea5874edb585946bce' => __DIR__ . '/..' . '/swiftmailer/swiftmailer/lib/swift_required.php', '2c102faa651ef8ea5874edb585946bce' => __DIR__ . '/..' . '/swiftmailer/swiftmailer/lib/swift_required.php',
'5255c38a0faeba867671b61dfda6d864' => __DIR__ . '/..' . '/paragonie/random_compat/lib/random.php',
'253c157292f75eb38082b5acb06f3f01' => __DIR__ . '/..' . '/nikic/fast-route/src/functions.php', '253c157292f75eb38082b5acb06f3f01' => __DIR__ . '/..' . '/nikic/fast-route/src/functions.php',
'f18cc91337d49233e5754e93f3ed9ec3' => __DIR__ . '/..' . '/laravelcollective/html/src/helpers.php', 'f18cc91337d49233e5754e93f3ed9ec3' => __DIR__ . '/..' . '/laravelcollective/html/src/helpers.php',
'bee9632da3ca00a99623b9c35d0c4f8b' => __DIR__ . '/..' . '/laravel/lumen-framework/src/helpers.php', 'bee9632da3ca00a99623b9c35d0c4f8b' => __DIR__ . '/..' . '/laravel/lumen-framework/src/helpers.php',

100
vendor/composer/installed.json vendored
View File

@ -2273,56 +2273,6 @@
"description": "Symfony DomCrawler Component", "description": "Symfony DomCrawler Component",
"homepage": "https://symfony.com" "homepage": "https://symfony.com"
}, },
{
"name": "paragonie/random_compat",
"version": "v1.2.0",
"version_normalized": "1.2.0.0",
"source": {
"type": "git",
"url": "https://github.com/paragonie/random_compat.git",
"reference": "b0e69d10852716b2ccbdff69c75c477637220790"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/paragonie/random_compat/zipball/b0e69d10852716b2ccbdff69c75c477637220790",
"reference": "b0e69d10852716b2ccbdff69c75c477637220790",
"shasum": ""
},
"require": {
"php": ">=5.2.0"
},
"require-dev": {
"phpunit/phpunit": "4.*|5.*"
},
"suggest": {
"ext-libsodium": "Provides a modern crypto API that can be used to generate random bytes."
},
"time": "2016-02-06 03:52:05",
"type": "library",
"installation-source": "dist",
"autoload": {
"files": [
"lib/random.php"
]
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"MIT"
],
"authors": [
{
"name": "Paragon Initiative Enterprises",
"email": "security@paragonie.com",
"homepage": "https://paragonie.com"
}
],
"description": "PHP 5.x polyfill for random_bytes() and random_int() from PHP 7",
"keywords": [
"csprng",
"pseudorandom",
"random"
]
},
{ {
"name": "symfony/security-core", "name": "symfony/security-core",
"version": "v2.7.9", "version": "v2.7.9",
@ -4314,5 +4264,55 @@
"laravel4", "laravel4",
"laravel5" "laravel5"
] ]
},
{
"name": "paragonie/random_compat",
"version": "v1.4.1",
"version_normalized": "1.4.1.0",
"source": {
"type": "git",
"url": "https://github.com/paragonie/random_compat.git",
"reference": "c7e26a21ba357863de030f0b9e701c7d04593774"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/paragonie/random_compat/zipball/c7e26a21ba357863de030f0b9e701c7d04593774",
"reference": "c7e26a21ba357863de030f0b9e701c7d04593774",
"shasum": ""
},
"require": {
"php": ">=5.2.0"
},
"require-dev": {
"phpunit/phpunit": "4.*|5.*"
},
"suggest": {
"ext-libsodium": "Provides a modern crypto API that can be used to generate random bytes."
},
"time": "2016-03-18 20:34:03",
"type": "library",
"installation-source": "dist",
"autoload": {
"files": [
"lib/random.php"
]
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"MIT"
],
"authors": [
{
"name": "Paragon Initiative Enterprises",
"email": "security@paragonie.com",
"homepage": "https://paragonie.com"
}
],
"description": "PHP 5.x polyfill for random_bytes() and random_int() from PHP 7",
"keywords": [
"csprng",
"pseudorandom",
"random"
]
} }
] ]

49
vendor/paragonie/random_compat/CHANGELOG.md vendored
View File

@ -1,4 +1,49 @@
### Version 1.2.0 - 2015-02-05 ### Version 1.4.1 - 2016-03-18
Update comment in random.php
### Version 1.4.0 - 2016-03-18
Restored OpenSSL in the version 1 branch in preparation to remove
OpenSSL in version 2.
### Version 1.3.1/1.2.3 - 2016-03-18
* Add more possible values to `open_baseir` check.
### Version 1.3.0 - 2016-03-17
* Removed `openssl_random_pseudo_bytes()` entirely. If you are using
random_compat in PHP on a Unix-like OS but cannot access
`/dev/urandom`, version 1.3+ will throw an `Exception`. If you want to
trust OpenSSL, feel free to write your own fallback code. e.g.
```php
try {
$bytes = random_bytes(32);
} catch (Exception $ex) {
$strong = false;
$bytes = openssl_random_pseudo_bytes(32, $strong);
if (!$strong) {
throw $ex;
}
}
```
### Version 1.2.2 - 2016-03-11
* To prevent applications from hanging, if `/dev/urandom` is not
accessible to PHP, skip mcrypt (which just fails before giving OpenSSL
a chance and was morally equivalent to not offering OpenSSL at all).
### Version 1.2.1 - 2016-02-29
* PHP 5.6.10 - 5.6.12 will hang when mcrypt is used on Unix-based operating
systems ([PHP bug 69833](https://bugs.php.net/bug.php?id=69833)). If you are
running one of these versions, please upgrade (or make sure `/dev/urandom` is
readable) otherwise you're relying on OpenSSL.
### Version 1.2.0 - 2016-02-05
* Whitespace and other cosmetic changes * Whitespace and other cosmetic changes
* Added a changelog. * Added a changelog.
@ -8,7 +53,7 @@
Every time we publish a new release, we will also upload a .phar Every time we publish a new release, we will also upload a .phar
to Github. Our public key is signed by our GPG key. to Github. Our public key is signed by our GPG key.
### Version 1.1.6 - 2015-01-29 ### Version 1.1.6 - 2016-01-29
* Eliminate `open_basedir` warnings by detecting this configuration setting. * Eliminate `open_basedir` warnings by detecting this configuration setting.
(Thanks [@oucil](https://github.com/oucil) for reporting this.) (Thanks [@oucil](https://github.com/oucil) for reporting this.)

4
vendor/paragonie/random_compat/ERRATA.md vendored
View File

@ -25,8 +25,8 @@ the remaining implementations.
The reason is simple: `mcrypt_create_iv()` is part of PHP's `ext/mcrypt` code, The reason is simple: `mcrypt_create_iv()` is part of PHP's `ext/mcrypt` code,
and is not part `libmcrypt`. It actually does the right thing: and is not part `libmcrypt`. It actually does the right thing:
* On Unix-based operating systems, it reads from `/dev/urandom`, which is the * On Unix-based operating systems, it reads from `/dev/urandom`, which unlike `/dev/random`
sane and correct thing to do. is the sane and correct thing to do.
* On Windows, it reads from `CryptGenRandom`, which is an exclusively Windows * On Windows, it reads from `CryptGenRandom`, which is an exclusively Windows
way to get random bytes. way to get random bytes.

26
vendor/paragonie/random_compat/lib/random.php vendored
View File

@ -2,6 +2,9 @@
/** /**
* Random_* Compatibility Library * Random_* Compatibility Library
* for using the new PHP 7 random_* API in PHP 5 projects * for using the new PHP 7 random_* API in PHP 5 projects
*
* @version 1.4.1
* @released 2016-03-18
* *
* The MIT License (MIT) * The MIT License (MIT)
* *
@ -89,10 +92,10 @@ if (PHP_VERSION_ID < 70000) {
PATH_SEPARATOR, PATH_SEPARATOR,
strtolower($RandomCompat_basedir) strtolower($RandomCompat_basedir)
); );
$RandomCompatUrandom = in_array( $RandomCompatUrandom = (array() !== array_intersect(
'/dev', array('/dev', '/dev/', '/dev/urandom'),
$RandomCompat_open_basedir $RandomCompat_open_basedir
); ));
$RandomCompat_open_basedir = null; $RandomCompat_open_basedir = null;
} }
@ -113,8 +116,9 @@ if (PHP_VERSION_ID < 70000) {
require_once $RandomCompatDIR.'/random_bytes_dev_urandom.php'; require_once $RandomCompatDIR.'/random_bytes_dev_urandom.php';
} }
// Unset variables after use // Unset variables after use
$RandomCompatUrandom = null;
$RandomCompat_basedir = null; $RandomCompat_basedir = null;
} else {
$RandomCompatUrandom = false;
} }
/** /**
@ -126,10 +130,20 @@ if (PHP_VERSION_ID < 70000) {
PHP_VERSION_ID >= 50307 PHP_VERSION_ID >= 50307
&& &&
extension_loaded('mcrypt') extension_loaded('mcrypt')
&&
(DIRECTORY_SEPARATOR !== '/' || $RandomCompatUrandom)
) { ) {
// See random_bytes_mcrypt.php // Prevent this code from hanging indefinitely on non-Windows;
require_once $RandomCompatDIR.'/random_bytes_mcrypt.php'; // see https://bugs.php.net/bug.php?id=69833
if (
DIRECTORY_SEPARATOR !== '/' ||
(PHP_VERSION_ID <= 50609 || PHP_VERSION_ID >= 50613)
) {
// See random_bytes_mcrypt.php
require_once $RandomCompatDIR.'/random_bytes_mcrypt.php';
}
} }
$RandomCompatUrandom = null;
if ( if (
!function_exists('random_bytes') !function_exists('random_bytes')