Skip to content

Commit

Permalink
Improve quality of generated seed, avoid potential security pitfall
Browse files Browse the repository at this point in the history
* Try to use random_bytes() first if it's available
* Do not include the server parameters in the generated seed, as
they might contain sensitive data

As all current usages of getRandomSeed() directly hash the seed,
there should be no BC breaking changes.

The main source of entropy is more than enough on its own if
random_bytes() or openssl_random_pseudo_bytes() are available.
  • Loading branch information
xelan committed Sep 17, 2024
1 parent 951eabf commit 3d14084
Showing 1 changed file with 5 additions and 2 deletions.
7 changes: 5 additions & 2 deletions include/tcpdf_static.php
Original file line number Diff line number Diff line change
Expand Up @@ -379,15 +379,18 @@ public static function getRandomSeed($seed='') {
if (function_exists('posix_getpid')) {
$rnd .= posix_getpid();
}
if (function_exists('openssl_random_pseudo_bytes') AND (strtoupper(substr(PHP_OS, 0, 3)) !== 'WIN')) {

if function_exists('random_bytes') {
$rnd .= random_bytes(512);
} elseif (function_exists('openssl_random_pseudo_bytes') AND (strtoupper(substr(PHP_OS, 0, 3)) !== 'WIN')) {
// this is not used on windows systems because it is very slow for a know bug
$rnd .= openssl_random_pseudo_bytes(512);
} else {
for ($i = 0; $i < 23; ++$i) {
$rnd .= uniqid('', true);
}
}
return $rnd.$seed.__FILE__.serialize($_SERVER).microtime(true);
return $rnd.$seed.__FILE__.microtime(true);
}

/**
Expand Down

0 comments on commit 3d14084

Please sign in to comment.