upgraded PHP libraries

El RIDO
2019-06-16 07:10:24 +02:00
parent 362045c664
commit db4ae09ee3
24 changed files with 469 additions and 331 deletions


@@ -28,8 +28,9 @@
if (!is_callable('RandomCompat_strlen')) {
if (
defined('MB_OVERLOAD_STRING') &&
ini_get('mbstring.func_overload') & MB_OVERLOAD_STRING
defined('MB_OVERLOAD_STRING')
&&
((int) ini_get('mbstring.func_overload')) & MB_OVERLOAD_STRING
) {
/**
* strlen() implementation that isn't brittle to mbstring.func_overload
@@ -82,8 +83,8 @@ if (!is_callable('RandomCompat_substr')) {
if (
defined('MB_OVERLOAD_STRING')
&&
ini_get('mbstring.func_overload') & MB_OVERLOAD_STRING
&&
((int) ini_get('mbstring.func_overload')) & MB_OVERLOAD_STRING
) {
/**
* substr() implementation that isn't brittle to mbstring.func_overload
@@ -93,7 +94,7 @@ if (!is_callable('RandomCompat_substr')) {
*
* @param string $binary_string
* @param int $start
* @param int $length (optional)
* @param int|null $length (optional)
*
* @throws TypeError
*
@@ -118,6 +119,7 @@ if (!is_callable('RandomCompat_substr')) {
* mb_substr($str, 0, NULL, '8bit') returns an empty string on
* PHP 5.3, so we have to find the length ourselves.
*/
/** @var int $length */
$length = RandomCompat_strlen($binary_string) - $start;
} elseif (!is_int($length)) {
throw new TypeError(
@@ -133,7 +135,12 @@ if (!is_callable('RandomCompat_substr')) {
return '';
}
return (string) mb_substr($binary_string, $start, $length, '8bit');
return (string) mb_substr(
(string) $binary_string,
(int) $start,
(int) $length,
'8bit'
);
}
} else {
@@ -145,7 +152,7 @@ if (!is_callable('RandomCompat_substr')) {
*
* @param string $binary_string
* @param int $start
* @param int $length (optional)
* @param int|null $length (optional)
*
* @throws TypeError
*
@@ -172,10 +179,17 @@ if (!is_callable('RandomCompat_substr')) {
);
}
return (string) substr($binary_string, $start, $length);
return (string) substr(
(string )$binary_string,
(int) $start,
(int) $length
);
}
return (string) substr($binary_string, $start);
return (string) substr(
(string) $binary_string,
(int) $start
);
}
}
}
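Review bot: The cast in the three-argument `substr()` call is written `(string )$binary_string`, with the space on the wrong side of the parenthesis, unlike every other cast added here; it should read `(string) $binary_string,`. The added `(int) $start` and `(int) $length` casts sit after an `is_int()` check (the one for `$length` is visible in the mbstring branch), so they presumably exist for static analysis only. A short comment such as `// casts are for the type checker; the values were validated above` would keep a later reader from treating them as the validation. The enclosing functions start and end outside the hunks shown.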


@@ -27,19 +27,19 @@
*/
if (!is_callable('RandomCompat_intval')) {
/**
* Cast to an integer if we can, safely.
*
*
* If you pass it a float in the range (~PHP_INT_MAX, PHP_INT_MAX)
* (non-inclusive), it will sanely cast it to an int. If you it's equal to
* ~PHP_INT_MAX or PHP_INT_MAX, we let it fail as not an integer. Floats
* lose precision, so the <= and => operators might accidentally let a float
* through.
*
*
* @param int|float $number The number we want to convert to an int
* @param bool $fail_open Set to true to not throw an exception
*
*
* @return float|int
* @psalm-suppress InvalidReturnType
*
@@ -50,14 +50,16 @@ if (!is_callable('RandomCompat_intval')) {
if (is_int($number) || is_float($number)) {
$number += 0;
} elseif (is_numeric($number)) {
/** @psalm-suppress InvalidOperand */
$number += 0;
}
/** @var int|float $number */
if (
is_float($number)
&&
&&
$number > ~PHP_INT_MAX
&&
&&
$number < PHP_INT_MAX
) {
$number = (int) $number;


@@ -1,12 +1,12 @@
<?php
/**
* Random_* Compatibility Library
* Random_* Compatibility Library
* for using the new PHP 7 random_* API in PHP 5 projects
*
*
* The MIT License (MIT)
*
* Copyright (c) 2015 - 2018 Paragon Initiative Enterprises
*
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
@@ -30,7 +30,7 @@ if (!class_exists('Error', false)) {
// We can't really avoid making this extend Exception in PHP 5.
class Error extends Exception
{
}
}
@@ -38,12 +38,12 @@ if (!class_exists('TypeError', false)) {
if (is_subclass_of('Error', 'Exception')) {
class TypeError extends Error
{
}
} else {
class TypeError extends Exception
{
}
}
}


@@ -3,8 +3,8 @@
* Random_* Compatibility Library
* for using the new PHP 7 random_* API in PHP 5 projects
*
* @version 2.0.15
* @released 2018-06-08
* @version 2.0.17
* @released 2018-07-04
*
* The MIT License (MIT)
*
@@ -203,7 +203,6 @@ if (!is_callable('random_bytes')) {
* and hope the developer won't let it fail silently.
*
* @param mixed $length
* @psalm-suppress MissingReturnType
* @psalm-suppress InvalidReturnType
* @throws Exception
* @return string


@@ -1,22 +1,22 @@
<?php
/**
* Random_* Compatibility Library
* Random_* Compatibility Library
* for using the new PHP 7 random_* API in PHP 5 projects
*
*
* The MIT License (MIT)
*
*
* Copyright (c) 2015 - 2018 Paragon Initiative Enterprises
*
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
@@ -41,6 +41,7 @@ if (!is_callable('random_bytes')) {
function random_bytes($bytes)
{
try {
/** @var int $bytes */
$bytes = RandomCompat_intval($bytes);
} catch (TypeError $ex) {
throw new TypeError(
@@ -54,12 +55,14 @@ if (!is_callable('random_bytes')) {
);
}
/** @var string $buf */
$buf = '';
if (!class_exists('COM')) {
throw new Error(
'COM does not exist'
);
}
/** @var COM $util */
$util = new COM('CAPICOM.Utilities.1');
$execCount = 0;
@@ -68,12 +71,12 @@ if (!is_callable('random_bytes')) {
* get N bytes of random data, then CAPICOM has failed us.
*/
do {
$buf .= base64_decode($util->GetRandom($bytes, 0));
$buf .= base64_decode((string) $util->GetRandom($bytes, 0));
if (RandomCompat_strlen($buf) >= $bytes) {
/**
* Return our random entropy buffer here:
*/
return RandomCompat_substr($buf, 0, $bytes);
return (string) RandomCompat_substr($buf, 0, $bytes);
}
++$execCount;
} while ($execCount < $bytes);
@@ -85,4 +88,4 @@ if (!is_callable('random_bytes')) {
'Could not gather sufficient random data'
);
}
}
}


@@ -1,22 +1,22 @@
<?php
/**
* Random_* Compatibility Library
* Random_* Compatibility Library
* for using the new PHP 7 random_* API in PHP 5 projects
*
*
* The MIT License (MIT)
*
* Copyright (c) 2015 - 2018 Paragon Initiative Enterprises
*
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
@@ -36,6 +36,7 @@ if (!is_callable('random_bytes')) {
* random numbers in accordance with best practices
*
* Why we use /dev/urandom and not /dev/random
* @ref https://www.2uo.de/myths-about-urandom
* @ref http://sockpuppet.org/blog/2014/02/25/safely-generate-random-numbers
*
* @param int $bytes
@@ -46,25 +47,47 @@ if (!is_callable('random_bytes')) {
*/
function random_bytes($bytes)
{
/** @var resource $fp */
static $fp = null;
/**
* This block should only be run once
*/
if (empty($fp)) {
/**
* We use /dev/urandom if it is a char device.
* We never fall back to /dev/random
* We don't want to ever read C:\dev\random, only /dev/urandom on
* Unix-like operating systems. While we guard against this
* condition in random.php, it doesn't hurt to be defensive in depth
* here.
*
* To that end, we only try to open /dev/urandom if we're on a Unix-
* like operating system (which means the directory separator is set
* to "/" not "\".
*/
$fp = fopen('/dev/urandom', 'rb');
if (!empty($fp)) {
$st = fstat($fp);
if (($st['mode'] & 0170000) !== 020000) {
fclose($fp);
$fp = false;
if (DIRECTORY_SEPARATOR === '/') {
if (!is_readable('/dev/urandom')) {
throw new Exception(
'Environment misconfiguration: ' .
'/dev/urandom cannot be read.'
);
}
/**
* We use /dev/urandom if it is a char device.
* We never fall back to /dev/random
*/
/** @var resource|bool $fp */
$fp = fopen('/dev/urandom', 'rb');
if (is_resource($fp)) {
/** @var array<string, int> $st */
$st = fstat($fp);
if (($st['mode'] & 0170000) !== 020000) {
fclose($fp);
$fp = false;
}
}
}
if (!empty($fp)) {
if (is_resource($fp)) {
/**
* stream_set_read_buffer() does not exist in HHVM
*
@@ -83,6 +106,7 @@ if (!is_callable('random_bytes')) {
}
try {
/** @var int $bytes */
$bytes = RandomCompat_intval($bytes);
} catch (TypeError $ex) {
throw new TypeError(
@@ -103,7 +127,7 @@ if (!is_callable('random_bytes')) {
* if (empty($fp)) line is logic that should only be run once per
* page load.
*/
if (!empty($fp)) {
if (is_resource($fp)) {
/**
* @var int
*/
@@ -123,29 +147,28 @@ if (!is_callable('random_bytes')) {
*/
$read = fread($fp, $remaining);
if (!is_string($read)) {
if ($read === false) {
/**
* We cannot safely read from the file. Exit the
* do-while loop and trigger the exception condition
*
* @var string|bool
*/
$buf = false;
break;
}
/**
* We cannot safely read from the file. Exit the
* do-while loop and trigger the exception condition
*
* @var string|bool
*/
$buf = false;
break;
}
/**
* Decrease the number of bytes returned from remaining
*/
$remaining -= RandomCompat_strlen($read);
/**
* @var string|bool
* @var string $buf
*/
$buf = $buf . $read;
$buf .= $read;
} while ($remaining > 0);
/**
* Is our result valid?
* @var string|bool $buf
*/
if (is_string($buf)) {
if (RandomCompat_strlen($buf) === $bytes) {
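Review bot: The result of `fstat($fp)` is indexed without a check that the call succeeded, so the character-device test leans on the `@var array<string, int> $st` annotation rather than on a runtime guard. Writing `if (!is_array($st) || ($st['mode'] & 0170000) !== 020000) {` would close the handle on an fstat failure as well. Separately, the failure path stores `$fp = false` in the static while the guard is `if (empty($fp))`, so once the device check has failed the open-and-stat block appears to run again on every call, which the comment "This block should only be run once" does not describe. The body of `random_bytes()` continues outside these hunks.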


@@ -1,22 +1,22 @@
<?php
/**
* Random_* Compatibility Library
* Random_* Compatibility Library
* for using the new PHP 7 random_* API in PHP 5 projects
*
*
* The MIT License (MIT)
*
* Copyright (c) 2015 - 2018 Paragon Initiative Enterprises
*
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
@@ -43,6 +43,7 @@ if (!is_callable('random_bytes')) {
function random_bytes($bytes)
{
try {
/** @var int $bytes */
$bytes = RandomCompat_intval($bytes);
} catch (TypeError $ex) {
throw new TypeError(
@@ -60,6 +61,7 @@ if (!is_callable('random_bytes')) {
* \Sodium\randombytes_buf() doesn't allow more than 2147483647 bytes to be
* generated in one invocation.
*/
/** @var string|bool $buf */
if ($bytes > 2147483647) {
$buf = '';
for ($i = 0; $i < $bytes; $i += 1073741824) {
@@ -69,10 +71,11 @@ if (!is_callable('random_bytes')) {
$buf .= \Sodium\randombytes_buf($n);
}
} else {
/** @var string|bool $buf */
$buf = \Sodium\randombytes_buf($bytes);
}
if ($buf !== false) {
if (is_string($buf)) {
if (RandomCompat_strlen($buf) === $bytes) {
return $buf;
}


@@ -1,22 +1,22 @@
<?php
/**
* Random_* Compatibility Library
* Random_* Compatibility Library
* for using the new PHP 7 random_* API in PHP 5 projects
*
*
* The MIT License (MIT)
*
* Copyright (c) 2015 - 2018 Paragon Initiative Enterprises
*
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
@@ -43,6 +43,7 @@ if (!is_callable('random_bytes')) {
function random_bytes($bytes)
{
try {
/** @var int $bytes */
$bytes = RandomCompat_intval($bytes);
} catch (TypeError $ex) {
throw new TypeError(


@@ -1,22 +1,22 @@
<?php
/**
* Random_* Compatibility Library
* Random_* Compatibility Library
* for using the new PHP 7 random_* API in PHP 5 projects
*
*
* The MIT License (MIT)
*
* Copyright (c) 2015 - 2018 Paragon Initiative Enterprises
*
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
@@ -42,6 +42,7 @@ if (!is_callable('random_bytes')) {
function random_bytes($bytes)
{
try {
/** @var int $bytes */
$bytes = RandomCompat_intval($bytes);
} catch (TypeError $ex) {
throw new TypeError(
@@ -55,10 +56,11 @@ if (!is_callable('random_bytes')) {
);
}
$buf = @mcrypt_create_iv($bytes, MCRYPT_DEV_URANDOM);
/** @var string|bool $buf */
$buf = @mcrypt_create_iv((int) $bytes, (int) MCRYPT_DEV_URANDOM);
if (
$buf !== false
&&
is_string($buf)
&&
RandomCompat_strlen($buf) === $bytes
) {
/**


@@ -51,6 +51,7 @@ if (!is_callable('random_int')) {
*/
try {
/** @var int $min */
$min = RandomCompat_intval($min);
} catch (TypeError $ex) {
throw new TypeError(
@@ -59,6 +60,7 @@ if (!is_callable('random_int')) {
}
try {
/** @var int $max */
$max = RandomCompat_intval($max);
} catch (TypeError $ex) {
throw new TypeError(
@@ -90,11 +92,18 @@ if (!is_callable('random_int')) {
* so we can minimize the number of discards
*/
$attempts = $bits = $bytes = $mask = $valueShift = 0;
/** @var int $attempts */
/** @var int $bits */
/** @var int $bytes */
/** @var int $mask */
/** @var int $valueShift */
/**
* At this point, $range is a positive number greater than 0. It might
* overflow, however, if $max - $min > PHP_INT_MAX. PHP will cast it to
* a float and we will lose some precision.
*
* @var int|float $range
*/
$range = $max - $min;
@@ -115,6 +124,7 @@ if (!is_callable('random_int')) {
* @ref http://3v4l.org/XX9r5 (64-bit)
*/
$bytes = PHP_INT_SIZE;
/** @var int $mask */
$mask = ~0;
} else {
@@ -129,16 +139,19 @@ if (!is_callable('random_int')) {
}
++$bits;
$range >>= 1;
/** @var int $mask */
$mask = $mask << 1 | 1;
}
$valueShift = $min;
}
/** @var int $val */
$val = 0;
/**
* Now that we have our parameters set up, let's begin generating
* random integers until one falls between $min and $max
*/
/** @psalm-suppress RedundantCondition */
do {
/**
* The rejection probability is at most 0.5, so this corresponds
@@ -169,6 +182,7 @@ if (!is_callable('random_int')) {
for ($i = 0; $i < $bytes; ++$i) {
$val |= ord($randomByteString[$i]) << ($i * 8);
}
/** @var int $val */
/**
* Apply mask