本文整理汇总了PHP中MWCryptRand类的典型用法代码示例。如果您正苦于以下问题:PHP MWCryptRand类的具体用法?PHP MWCryptRand怎么用?PHP MWCryptRand使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。
在下文中一共展示了MWCryptRand类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: memcacheSave
/**
* Serialize and save data to memcache
*
* Note that it also sets a time to live for the
* cached version set to self::TTL
*
* @param string $cacheKey Cache key
* @param mixed $data Data to send to memcached, will use serialize();
*
* @return null
*/
private function memcacheSave($data)
{
$url_friendly_key = MWCryptRand::generateHex(16);
$key = wfMemcKey($url_friendly_key, 'wpdsso');
$this->memcache->set($key, json_encode($data), self::TTL);
return $url_friendly_key;
}
示例2: execute
public function execute()
{
$user = $this->getUser();
$params = $this->extractRequestParams();
// If we're in JSON callback mode, no tokens can be obtained
if ($this->lacksSameOriginSecurity()) {
$this->dieUsage('Cannot obtain a centralauthtoken when using a callback', 'hascallback');
}
if ($user->isAnon()) {
$this->dieUsage('Anonymous users cannot obtain a centralauthtoken', 'notloggedin');
}
if (CentralAuthHooks::hasApiToken()) {
$this->dieUsage('Cannot obtain a centralauthtoken when using centralauthtoken', 'norecursion');
}
$centralUser = CentralAuthUser::getInstance($user);
if (!$centralUser->exists() || !$centralUser->isAttached()) {
$this->dieUsage('Cannot obtain a centralauthtoken without an attached global account', 'notattached');
}
$data = array('userName' => $user->getName(), 'token' => $centralUser->getAuthToken());
global $wgMemc;
$loginToken = MWCryptRand::generateHex(32) . dechex($centralUser->getId());
$key = CentralAuthUser::memcKey('api-token', $loginToken);
$wgMemc->add($key, $data, 60);
$this->getResult()->addValue(null, $this->getModuleName(), array('centralauthtoken' => $loginToken));
}
示例3: crypt
public function crypt($password)
{
if (count($this->args) == 0) {
$this->args[] = base64_encode(MWCryptRand::generate(16, true));
}
if (function_exists('hash_pbkdf2')) {
$hash = hash_pbkdf2($this->params['algo'], $password, base64_decode($this->args[0]), (int) $this->params['rounds'], (int) $this->params['length'], true);
if (!is_string($hash)) {
throw new PasswordError('Error when hashing password.');
}
} else {
$hashLenHash = hash($this->params['algo'], '', true);
if (!is_string($hashLenHash)) {
throw new PasswordError('Error when hashing password.');
}
$hashLen = strlen($hashLenHash);
$blockCount = ceil($this->params['length'] / $hashLen);
$hash = '';
$salt = base64_decode($this->args[0]);
for ($i = 1; $i <= $blockCount; ++$i) {
$roundTotal = $lastRound = hash_hmac($this->params['algo'], $salt . pack('N', $i), $password, true);
for ($j = 1; $j < $this->params['rounds']; ++$j) {
$lastRound = hash_hmac($this->params['algo'], $lastRound, $password, true);
$roundTotal ^= $lastRound;
}
$hash .= $roundTotal;
}
$hash = substr($hash, 0, $this->params['length']);
}
$this->hash = base64_encode($hash);
}
示例4: lqtThread
static function lqtThread($parser, $args, $parser, $frame)
{
$pout = $parser->getOutput();
// Prepare information.
$title = Title::newFromText($args['thread']);
$thread = null;
if ($args['thread']) {
if (is_numeric($args['thread'])) {
$thread = Threads::withId($args['thread']);
} elseif ($title) {
$article = new Article($title, 0);
$thread = Threads::withRoot($article);
}
}
if (is_null($thread)) {
return '';
}
$data = array('type' => 'thread', 'args' => $args, 'thread' => $thread->id(), 'title' => $thread->title());
if (!isset($pout->mLqtReplacements)) {
$pout->mLqtReplacements = array();
}
// Generate a token
$tok = MWCryptRand::generateHex(32);
$text = '<!--LQT-THREAD-' . $tok . '-->';
$pout->mLqtReplacements[$text] = $data;
return $text;
}
示例5: crypt
public function crypt($plaintext)
{
if (count($this->args) == 0) {
$this->args[] = MWCryptRand::generateHex(8);
}
$this->hash = md5($this->args[0] . '-' . md5($plaintext));
}
示例6: crypt
public function crypt($plaintext)
{
if (count($this->args) == 0) {
$this->args[] = MWCryptRand::generateHex(8);
}
$this->hash = md5($this->args[0] . '-' . md5($plaintext));
if (!is_string($this->hash) || strlen($this->hash) < 32) {
throw new PasswordError('Error when hashing password.');
}
}
示例7: setUp
protected function setUp()
{
// Needs to be before setup since this gets cached
$this->mergeMwGlobalArrayValue('wgGroupPermissions', array('sysop' => array('deleterevision' => true)));
parent::setUp();
// Make a few edits for us to play with
for ($i = 1; $i <= 5; $i++) {
self::editPage(self::$page, MWCryptRand::generateHex(10), 'summary');
$this->revs[] = Title::newFromText(self::$page)->getLatestRevID(Title::GAID_FOR_UPDATE);
}
}
示例8: getPreloadId
protected static function getPreloadId($create_if_not_exists)
{
global $wgUser, $wgRequest;
if (!$wgUser->isAnon()) {
return ModerationPreload::User_to_PreloadId($wgUser);
}
$anon_id = $wgRequest->getSessionData('anon_id');
if (!$anon_id) {
if (!$create_if_not_exists) {
return false;
}
$anon_id = MWCryptRand::generateHex(32);
$wgRequest->setSessionData('anon_id', $anon_id);
}
return ModerationPreload::AnonId_to_PreloadId($anon_id);
}
示例9: update
/**
* Updates the underlying hash by encrypting it with the newest secret.
*
* @throws MWException If the configuration is not valid
* @return bool True if the password was updated
*/
public function update()
{
if (count($this->args) != 2 || $this->params == $this->getDefaultParams()) {
// Hash does not need updating
return false;
}
// Decrypt the underlying hash
$underlyingHash = openssl_decrypt(base64_decode($this->args[1]), $this->params['cipher'], $this->config['secrets'][$this->params['secret']], 0, base64_decode($this->args[0]));
// Reset the params
$this->params = $this->getDefaultParams();
// Check the key size with the new params
$iv = MWCryptRand::generate(openssl_cipher_iv_length($this->params['cipher']), true);
$this->hash = base64_encode(openssl_encrypt($underlyingHash, $this->params['cipher'], $this->config['secrets'][$this->params['secret']], 0, $iv));
$this->args = array(base64_encode($iv));
return true;
}
示例10: crypt
/**
* @param string $password Password to encrypt
*
* @throws PasswordError If bcrypt has an unknown error
* @throws MWException If bcrypt is not supported by PHP
*/
public function crypt($password)
{
if (!defined('CRYPT_BLOWFISH')) {
throw new MWException('Bcrypt is not supported.');
}
// Either use existing hash or make a new salt
// Bcrypt expects 22 characters of base64-encoded salt
// Note: bcrypt does not use MIME base64. It uses its own base64 without any '=' padding.
// It expects a 128 bit salt, so it will ignore anything after the first 128 bits
if (!isset($this->args[0])) {
$this->args[] = substr(strtr(base64_encode(MWCryptRand::generate(16, true)), '+', '.'), 0, 22);
}
$hash = crypt($password, sprintf('$2y$%02d$%s', (int) $this->params['rounds'], $this->args[0]));
if (!is_string($hash) || strlen($hash) <= 13) {
throw new PasswordError('Error when hashing password.');
}
// Strip the $2y$
$parts = explode($this->getDelimiter(), substr($hash, 4));
$this->params['rounds'] = (int) $parts[0];
$this->args[0] = substr($parts[1], 0, 22);
$this->hash = substr($parts[1], 22);
}
示例11: setSecret
/**
* Set a value in the session, encrypted
*
* This relies on the secrecy of $wgSecretKey (by default), or $wgSessionSecret.
*
* @param string|int $key
* @param mixed $value
*/
public function setSecret($key, $value)
{
global $wgSessionInsecureSecrets;
list($encKey, $hmacKey) = $this->getSecretKeys();
$serialized = serialize($value);
// The code for encryption (with OpenSSL) and sealing is taken from
// Chris Steipp's OATHAuthUtils class in Extension::OATHAuth.
// Encrypt
// @todo: import a pure-PHP library for AES instead of doing $wgSessionInsecureSecrets
$iv = \MWCryptRand::generate(16, true);
if (function_exists('openssl_encrypt')) {
$ciphertext = openssl_encrypt($serialized, 'aes-256-ctr', $encKey, OPENSSL_RAW_DATA, $iv);
if ($ciphertext === false) {
throw new UnexpectedValueException('Encryption failed: ' . openssl_error_string());
}
} elseif (function_exists('mcrypt_encrypt')) {
$ciphertext = mcrypt_encrypt('rijndael-128', $encKey, $serialized, 'ctr', $iv);
if ($ciphertext === false) {
throw new UnexpectedValueException('Encryption failed');
}
} elseif ($wgSessionInsecureSecrets) {
$ex = new \Exception('No encryption is available, storing data as plain text');
$this->logger->warning($ex->getMessage(), ['exception' => $ex]);
$ciphertext = $serialized;
} else {
throw new \BadMethodCallException('Encryption is not available. You really should install the PHP OpenSSL extension, ' . 'or failing that the mcrypt extension. But if you really can\'t and you\'re willing ' . 'to accept insecure storage of sensitive session data, set ' . '$wgSessionInsecureSecrets = true in LocalSettings.php to make this exception go away.');
}
// Seal
$sealed = base64_encode($iv) . '.' . base64_encode($ciphertext);
$hmac = hash_hmac('sha256', $sealed, $hmacKey, true);
$encrypted = base64_encode($hmac) . '.' . $sealed;
// Store
$this->set($key, $encrypted);
}
示例12: confirmationToken
/**
* Generate, store, and return a new e-mail confirmation code.
* A hash (unsalted, since it's used as a key) is stored.
*
* @note Call saveSettings() after calling this function to commit
* this change to the database.
*
* @param string &$expiration Accepts the expiration time
* @return string New token
*/
protected function confirmationToken(&$expiration)
{
global $wgUserEmailConfirmationTokenExpiry;
$now = time();
$expires = $now + $wgUserEmailConfirmationTokenExpiry;
$expiration = wfTimestamp(TS_MW, $expires);
$this->load();
$token = MWCryptRand::generateHex(32);
$hash = md5($token);
$this->mEmailToken = $hash;
$this->mEmailTokenExpires = $expiration;
return $token;
}
示例13: singleton
/**
* Return a singleton instance of MWCryptRand
* @return MWCryptRand
*/
protected static function singleton()
{
if (is_null(self::$singleton)) {
self::$singleton = new self();
}
return self::$singleton;
}
示例14: newUUIDv4
/**
* Return an RFC4122 compliant v4 UUID
*
* @param int $flags Bitfield (supports UIDGenerator::QUICK_RAND)
* @return string
* @throws MWException
*/
public static function newUUIDv4($flags = 0)
{
$hex = $flags & self::QUICK_RAND ? wfRandomString(31) : MWCryptRand::generateHex(31);
return sprintf('%s-%s-%s-%s-%s', substr($hex, 0, 8), substr($hex, 8, 4), '4' . substr($hex, 12, 3), dechex(0x8 | hexdec($hex[15]) & 0x3) . $hex[16] . substr($hex, 17, 2), substr($hex, 19, 12));
}
示例15: handleReauthBeforeExecute
/**
* Handle redirection when the user needs to (re)authenticate.
*
* Send the user to the login form if needed; in case the request was a POST, stash in the
* session and simulate it once the user gets back.
*
* @param string $subPage
* @return bool False if execution should be stopped.
* @throws ErrorPageError When the user is not allowed to use this page.
*/
protected function handleReauthBeforeExecute($subPage)
{
$authManager = AuthManager::singleton();
$request = $this->getRequest();
$key = 'AuthManagerSpecialPage:reauth:' . $this->getName();
$securityLevel = $this->getLoginSecurityLevel();
if ($securityLevel) {
$securityStatus = AuthManager::singleton()->securitySensitiveOperationStatus($securityLevel);
if ($securityStatus === AuthManager::SEC_REAUTH) {
$queryParams = array_diff_key($request->getQueryValues(), ['title' => true]);
if ($request->wasPosted()) {
// unique ID in case the same special page is open in multiple browser tabs
$uniqueId = MWCryptRand::generateHex(6);
$key = $key . ':' . $uniqueId;
$queryParams = ['authUniqueId' => $uniqueId] + $queryParams;
$authData = array_diff_key($request->getValues(), $this->getPreservedParams(false), ['title' => 1]);
$authManager->setAuthenticationSessionData($key, $authData);
}
$title = SpecialPage::getTitleFor('Userlogin');
$url = $title->getFullURL(['returnto' => $this->getFullTitle()->getPrefixedDBkey(), 'returntoquery' => wfArrayToCgi($queryParams), 'force' => $securityLevel], false, PROTO_HTTPS);
$this->getOutput()->redirect($url);
return false;
} elseif ($securityStatus !== AuthManager::SEC_OK) {
throw new ErrorPageError('cannotauth-not-allowed-title', 'cannotauth-not-allowed');
}
}
$uniqueId = $request->getVal('authUniqueId');
if ($uniqueId) {
$key = $key . ':' . $uniqueId;
$authData = $authManager->getAuthenticationSessionData($key);
if ($authData) {
$authManager->removeAuthenticationSessionData($key);
$this->setRequest($authData, true);
}
}
return true;
}