1
1
Fork 0

use "random_bytes" instead of "openssl_random_pseudo_bytes"

This commit is contained in:
Michael 2021-05-11 13:12:12 +00:00
parent cfb9b73205
commit 74f3c885bf
5 changed files with 8 additions and 8 deletions

View file

@ -181,7 +181,7 @@ function dfrn_confirm_post(App $a, $handsfree = null)
* random key which is encrypted with their site public key.
*/
$src_aes_key = openssl_random_pseudo_bytes(64);
$src_aes_key = random_bytes(64);
$result = '';
openssl_private_encrypt($dfrn_id, $result, $user['prvkey']);

View file

@ -46,8 +46,8 @@ class Apps extends BaseApi
DI::mstdnError()->RecordNotFound();
}
$client_id = bin2hex(openssl_random_pseudo_bytes(32));
$client_secret = bin2hex(openssl_random_pseudo_bytes(32));
$client_id = bin2hex(random_bytes(32));
$client_secret = bin2hex(random_bytes(32));
$fields = ['client_id' => $client_id, 'client_secret' => $client_secret, 'name' => $name, 'redirect_uri' => $redirect];

View file

@ -216,8 +216,8 @@ class BaseApi extends BaseModule
public static function getTokenForUser(array $application, int $uid)
{
$code = bin2hex(openssl_random_pseudo_bytes(32));
$access_token = bin2hex(openssl_random_pseudo_bytes(32));
$code = bin2hex(random_bytes(32));
$access_token = bin2hex(random_bytes(32));
$fields = ['application-id' => $application['id'], 'uid' => $uid, 'code' => $code, 'access_token' => $access_token, 'created_at' => DateTimeFormat::utcNow(DateTimeFormat::MYSQL)];
if (!DBA::insert('application-token', $fields, Database::INSERT_UPDATE)) {

View file

@ -1272,7 +1272,7 @@ class DFRN
switch ($rino_remote_version) {
case 1:
$key = openssl_random_pseudo_bytes(16);
$key = random_bytes(16);
$data = self::aesEncrypt($postvars['data'], $key);
break;

View file

@ -2870,9 +2870,9 @@ class Diaspora
return false;
}
$aes_key = openssl_random_pseudo_bytes(32);
$aes_key = random_bytes(32);
$b_aes_key = base64_encode($aes_key);
$iv = openssl_random_pseudo_bytes(16);
$iv = random_bytes(16);
$b_iv = base64_encode($iv);
$ciphertext = self::aesEncrypt($aes_key, $iv, $msg);