| [ Index ] |
PHP Cross Reference of MantisBT |
[Source view] [Print] [Project Stats]
Crypto API
| Copyright: | Copyright (C) 2000 - 2002 Kenzaburo Ito - kenito@300baud.org |
| Copyright: | Copyright (C) 2002 - 2011 MantisBT Team - mantisbt-dev@lists.sourceforge.net |
| File Size: | 186 lines (8 kb) |
| Included or required: | 0 times |
| Referenced: | 0 times |
| Includes or requires: | 0 files |
| crypto_init() X-Ref |
| Initialise the CryptoAPI subsystem. This function checks whether the master salt is specified correctly within the configuration. If not, a fatal error is produced to protect against invalid configuration impacting the security of the MantisBT installation. return: null |
| crypto_generate_random_string( $p_bytes, $p_require_strong_generator = true ) X-Ref |
| Generate a random string (raw binary output) for cryptographic purposes such as nonces, IVs, default passwords, etc. This function will attempt to generate strong randomness but can optionally be used to generate weaker randomness if less security is needed or a strong source of randomness isn't available. The use of weak randomness for cryptographic purposes is strongly discouraged because it contains low entropy and is predictable. Note that openssl_random_pseudo_bytes seems to perform very poorly on Windows servers. Therefore we don't event attempt to use this PRNG source if the server is running Windows. param: int $p_bytes Number of bytes of randomness required param: bool $p_require_strong_generator Whether or not a weak source of randomness can be used by this function return: string|null Raw binary string containing the requested number of bytes of random output or null if the output couldn't be created |
| crypto_generate_strong_random_string( $p_bytes ) X-Ref |
| Generate a strong random string (raw binary output) for cryptographic purposes such as nonces, IVs, default passwords, etc. If a strong source of randomness is not available, this function will fail and produce an error. Strong randomness is different from weak randomness in that a strong randomness generator doesn't produce predictable output and has much higher entropy. Where randomness is being used for cryptographic purposes, a strong source of randomness should always be used. param: int $p_bytes Number of bytes of strong randomness required return: string Raw binary string containing the requested number of bytes of random output |
| crypto_generate_uri_safe_nonce( $p_minimum_length ) X-Ref |
| Generate a nonce encoded using the base64 with URI safe alphabet approach described in RFC4648. Note that the minimum length is rounded up to the next number with a factor of 4 so that padding is never added to the end of the base64 output. This means the '=' padding character is never present in the output. Due to the reduced character set of base64 encoding, the actual amount of entropy produced by this function for a given output string length is 3/4 (0.75) that of raw unencoded output produced with the crypto_generate_strong_random_string( $p_bytes ) function. param: int $p_minimum_length Minimum number of characters required for the nonce return: string Nonce encoded according to the base64 with URI safe alphabet approach described in RFC4648 |
| Generated: Thu Jul 28 15:48:31 2011 | Cross-referenced by PHPXref 0.7 |