Deprecate the SecureRandom class

pierredup · pierredup · commit 5bb87328ef6b · 2015-10-03T19:21:03.000+02:00
diff --git a/composer.json b/composer.json
@@ -20,7 +20,8 @@
         "doctrine/common": "~2.4",
         "twig/twig": "~1.20|~2.0",
         "psr/log": "~1.0",
-        "symfony/security-acl": "~2.7"
+        "symfony/security-acl": "~2.7",
+        "paragonie/random_compat": "~1.0"
     },
     "replace": {
         "symfony/asset": "self.version",
diff --git a/src/Symfony/Bundle/FrameworkBundle/Resources/config/security_csrf.xml b/src/Symfony/Bundle/FrameworkBundle/Resources/config/security_csrf.xml
@@ -11,9 +11,7 @@
     </parameters>
 
     <services>
-        <service id="security.csrf.token_generator" class="%security.csrf.token_generator.class%" public="false">
-            <argument type="service" id="security.secure_random" />
-        </service>
+        <service id="security.csrf.token_generator" class="%security.csrf.token_generator.class%" public="false" />
 
         <service id="security.csrf.token_storage" class="%security.csrf.token_storage.class%" public="false">
             <argument type="service" id="session" />
diff --git a/src/Symfony/Bundle/SecurityBundle/Command/UserPasswordEncoderCommand.php b/src/Symfony/Bundle/SecurityBundle/Command/UserPasswordEncoderCommand.php
@@ -164,6 +164,6 @@ private function createPasswordQuestion()
 
     private function generateSalt()
     {
-        return base64_encode($this->getContainer()->get('security.secure_random')->nextBytes(30));
+        return base64_encode(random_bytes(30));
     }
 }
diff --git a/src/Symfony/Bundle/SecurityBundle/Resources/config/security_rememberme.xml b/src/Symfony/Bundle/SecurityBundle/Resources/config/security_rememberme.xml
@@ -45,9 +45,7 @@
         <service id="security.authentication.rememberme.services.persistent"
                  class="%security.authentication.rememberme.services.persistent.class%"
                  parent="security.authentication.rememberme.services.abstract"
-                 abstract="true">
-            <argument type="service" id="security.secure_random" />
-        </service>
+                 abstract="true" />
 
         <service id="security.authentication.rememberme.services.simplehash"
                  class="%security.authentication.rememberme.services.simplehash.class%"
diff --git a/src/Symfony/Component/Security/CHANGELOG.md b/src/Symfony/Component/Security/CHANGELOG.md
@@ -12,6 +12,7 @@ CHANGELOG
    `Symfony\Component\Security\Http\Authentication\SimpleFormAuthenticatorInterface` instead
  * deprecated `Symfony\Component\Security\Core\Util\ClassUtils`, use
    `Symfony\Component\Security\Acl\Util\ClassUtils` instead
+ * deprecated the `Symfony\Component\Security\Core\Util\SecureRandom` class in favor of the `random_bytes()` function
  * deprecated `supportsAttribute()` and `supportsClass()` methods of
    `Symfony\Component\Security\Core\Authorization\AccessDecisionManagerInterface` and
    `Symfony\Component\Security\Core\Authorization\Voter\VoterInterface`.
diff --git a/src/Symfony/Component/Security/Core/Tests/Util/SecureRandomTest.php b/src/Symfony/Component/Security/Core/Tests/Util/SecureRandomTest.php
@@ -13,6 +13,9 @@
 
 use Symfony\Component\Security\Core\Util\SecureRandom;
 
+/**
+ * @group legacy
+ */
 class SecureRandomTest extends \PHPUnit_Framework_TestCase
 {
     /**
diff --git a/src/Symfony/Component/Security/Core/Util/SecureRandom.php b/src/Symfony/Component/Security/Core/Util/SecureRandom.php
@@ -11,106 +11,23 @@
 
 namespace Symfony\Component\Security\Core\Util;
 
-use Psr\Log\LoggerInterface;
+@trigger_error('The '.__NAMESPACE__.'\SecureRandom class is deprecated since version 2.8 and will be removed in 3.0. Use the random_bytes() function instead.', E_USER_DEPRECATED);
 
 /**
  * A secure random number generator implementation.
  *
  * @author Fabien Potencier <fabien@symfony.com>
  * @author Johannes M. Schmitt <schmittjoh@gmail.com>
+ *
+ * @deprecated since version 2.8, to be removed in 3.0. Use the random_bytes function instead
  */
 final class SecureRandom implements SecureRandomInterface
 {
-    private $logger;
-    private $useOpenSsl;
-    private $seed;
-    private $seedUpdated;
-    private $seedLastUpdatedAt;
-    private $seedFile;
-
-    /**
-     * Constructor.
-     *
-     * Be aware that a guessable seed will severely compromise the PRNG
-     * algorithm that is employed.
-     *
-     * @param string          $seedFile
-     * @param LoggerInterface $logger
-     */
-    public function __construct($seedFile = null, LoggerInterface $logger = null)
-    {
-        $this->seedFile = $seedFile;
-        $this->logger = $logger;
-
-        // determine whether to use OpenSSL
-        if (!function_exists('random_bytes') && !function_exists('openssl_random_pseudo_bytes')) {
-            if (null !== $this->logger) {
-                $this->logger->notice('It is recommended that you install the "paragonie/random_compat" library or enable the "openssl" extension for random number generation.');
-            }
-            $this->useOpenSsl = false;
-        } else {
-            $this->useOpenSsl = true;
-        }
-    }
-
     /**
      * {@inheritdoc}
      */
     public function nextBytes($nbBytes)
     {
-        if (function_exists('random_bytes')) {
-            return random_bytes($nbBytes);
-        }
-
-        // try OpenSSL
-        if ($this->useOpenSsl) {
-            $bytes = openssl_random_pseudo_bytes($nbBytes, $strong);
-
-            if (false !== $bytes && true === $strong) {
-                return $bytes;
-            }
-
-            if (null !== $this->logger) {
-                $this->logger->info('OpenSSL did not produce a secure random number.');
-            }
-        }
-
-        // initialize seed
-        if (null === $this->seed) {
-            if (null === $this->seedFile) {
-                throw new \RuntimeException('You need to specify a file path to store the seed.');
-            }
-
-            if (is_file($this->seedFile)) {
-                list($this->seed, $this->seedLastUpdatedAt) = $this->readSeed();
-            } else {
-                $this->seed = uniqid(mt_rand(), true);
-                $this->updateSeed();
-            }
-        }
-
-        $bytes = '';
-        while (strlen($bytes) < $nbBytes) {
-            static $incr = 1;
-            $bytes .= hash('sha512', $incr++.$this->seed.uniqid(mt_rand(), true).$nbBytes, true);
-            $this->seed = base64_encode(hash('sha512', $this->seed.$bytes.$nbBytes, true));
-            $this->updateSeed();
-        }
-
-        return substr($bytes, 0, $nbBytes);
-    }
-
-    private function readSeed()
-    {
-        return json_decode(file_get_contents($this->seedFile));
-    }
-
-    private function updateSeed()
-    {
-        if (!$this->seedUpdated && $this->seedLastUpdatedAt < time() - mt_rand(1, 10)) {
-            file_put_contents($this->seedFile, json_encode(array($this->seed, microtime(true))));
-        }
-
-        $this->seedUpdated = true;
+        return random_bytes($nbBytes);
     }
 }
diff --git a/src/Symfony/Component/Security/Core/Util/SecureRandomInterface.php b/src/Symfony/Component/Security/Core/Util/SecureRandomInterface.php
@@ -15,6 +15,8 @@
  * Interface that needs to be implemented by all secure random number generators.
  *
  * @author Fabien Potencier <fabien@symfony.com>
+ *
+ * @deprecated since version 2.8, to be removed in 3.0. Use the random_bytes function instead
  */
 interface SecureRandomInterface
 {
diff --git a/src/Symfony/Component/Security/Core/composer.json b/src/Symfony/Component/Security/Core/composer.json
@@ -16,7 +16,8 @@
         }
     ],
     "require": {
-        "php": ">=5.3.9"
+        "php": ">=5.3.9",
+        "paragonie/random_compat" : "~1.0"
     },
     "require-dev": {
         "symfony/phpunit-bridge": "~2.7|~3.0.0",
diff --git a/src/Symfony/Component/Security/Csrf/Tests/TokenGenerator/UriSafeTokenGeneratorTest.php b/src/Symfony/Component/Security/Csrf/Tests/TokenGenerator/UriSafeTokenGeneratorTest.php
@@ -44,8 +44,7 @@ public static function setUpBeforeClass()
 
     protected function setUp()
     {
-        $this->random = $this->getMock('Symfony\Component\Security\Core\Util\SecureRandomInterface');
-        $this->generator = new UriSafeTokenGenerator($this->random, self::ENTROPY);
+        $this->generator = new UriSafeTokenGenerator(null, self::ENTROPY);
     }
 
     protected function tearDown()
@@ -56,11 +55,6 @@ protected function tearDown()
 
     public function testGenerateToken()
     {
-        $this->random->expects($this->once())
-            ->method('nextBytes')
-            ->with(self::ENTROPY / 8)
-            ->will($this->returnValue(self::$bytes));
-
         $token = $this->generator->generateToken();
 
         $this->assertTrue(ctype_print($token), 'is printable');
diff --git a/src/Symfony/Component/Security/Csrf/TokenGenerator/UriSafeTokenGenerator.php b/src/Symfony/Component/Security/Csrf/TokenGenerator/UriSafeTokenGenerator.php
@@ -12,7 +12,6 @@
 namespace Symfony\Component\Security\Csrf\TokenGenerator;
 
 use Symfony\Component\Security\Core\Util\SecureRandomInterface;
-use Symfony\Component\Security\Core\Util\SecureRandom;
 
 /**
  * Generates CSRF tokens.
@@ -23,13 +22,6 @@
  */
 class UriSafeTokenGenerator implements TokenGeneratorInterface
 {
-    /**
-     * The generator for random values.
-     *
-     * @var SecureRandomInterface
-     */
-    private $random;
-
     /**
      * The amount of entropy collected for each token (in bits).
      *
@@ -40,15 +32,24 @@ class UriSafeTokenGenerator implements TokenGeneratorInterface
     /**
      * Generates URI-safe CSRF tokens.
      *
-     * @param SecureRandomInterface|null $random  The random value generator used for
-     *                                            generating entropy
-     * @param int                        $entropy The amount of entropy collected for
-     *                                            each token (in bits)
+     * Note: The $random parameter is deprecated since version 2.8 and will be removed in 3.0.
+     *
+     * @param SecureRandomInterface|int|null $random  The random value generator used for
+     *                                                generating entropy
+     * @param int                            $entropy The amount of entropy collected for
+     *                                                each token (in bits)
      */
-    public function __construct(SecureRandomInterface $random = null, $entropy = 256)
+    public function __construct($random = null, $entropy = 256)
     {
-        $this->random = $random ?: new SecureRandom();
-        $this->entropy = $entropy;
+        if ($random instanceof SecureRandomInterface || func_num_args() === 2) {
+            @trigger_error('The '.__METHOD__.' method now requires the entropy to be given as the first argument. The SecureRandomInterface will be removed in 3.0.', E_USER_DEPRECATED);
+
+            $this->entropy = $entropy;
+        } elseif (func_num_args() === 0) {
+            $this->entropy = 256;
+        } else {
+            $this->entropy = $random;
+        }
     }
 
     /**
@@ -59,7 +60,7 @@ public function generateToken()
         // Generate an URI safe base64 encoded string that does not contain "+",
         // "/" or "=" which need to be URL encoded and make URLs unnecessarily
         // longer.
-        $bytes = $this->random->nextBytes($this->entropy / 8);
+        $bytes = random_bytes($this->entropy / 8);
 
         return rtrim(strtr(base64_encode($bytes), '+/', '-_'), '=');
     }
diff --git a/src/Symfony/Component/Security/Csrf/composer.json b/src/Symfony/Component/Security/Csrf/composer.json
@@ -17,7 +17,8 @@
     ],
     "require": {
         "php": ">=5.3.9",
-        "symfony/security-core": "~2.4|~3.0.0"
+        "symfony/security-core": "~2.4|~3.0.0",
+        "paragonie/random_compat" : "~1.0"
     },
     "require-dev": {
         "symfony/phpunit-bridge": "~2.7|~3.0.0",
diff --git a/src/Symfony/Component/Security/Http/RememberMe/PersistentTokenBasedRememberMeServices.php b/src/Symfony/Component/Security/Http/RememberMe/PersistentTokenBasedRememberMeServices.php
@@ -32,23 +32,26 @@
 class PersistentTokenBasedRememberMeServices extends AbstractRememberMeServices
 {
     private $tokenProvider;
-    private $secureRandom;
 
     /**
      * Constructor.
      *
+     * Note: The $secureRandom parameter is deprecated since version 2.8 and will be removed in 3.0.
+     *
      * @param array                 $userProviders
      * @param string                $secret
      * @param string                $providerKey
      * @param array                 $options
      * @param LoggerInterface       $logger
      * @param SecureRandomInterface $secureRandom
      */
-    public function __construct(array $userProviders, $secret, $providerKey, array $options = array(), LoggerInterface $logger = null, SecureRandomInterface $secureRandom)
+    public function __construct(array $userProviders, $secret, $providerKey, array $options = array(), LoggerInterface $logger = null, SecureRandomInterface $secureRandom = null)
     {
-        parent::__construct($userProviders, $secret, $providerKey, $options, $logger);
+        if (null !== $secureRandom) {
+            @trigger_error('The $secureRandom parameter in '.__METHOD__.' is deprecated since version 2.8 and will be removed in 3.0.', E_USER_DEPRECATED);
+        }
 
-        $this->secureRandom = $secureRandom;
+        parent::__construct($userProviders, $secret, $providerKey, $options, $logger);
     }
 
     /**
@@ -98,7 +101,7 @@ protected function processAutoLoginCookie(array $cookieParts, Request $request)
             throw new AuthenticationException('The cookie has expired.');
         }
 
-        $tokenValue = base64_encode($this->secureRandom->nextBytes(64));
+        $tokenValue = base64_encode(random_bytes(64));
         $this->tokenProvider->updateToken($series, $tokenValue, new \DateTime());
         $request->attributes->set(self::COOKIE_ATTR_NAME,
             new Cookie(
@@ -120,8 +123,8 @@ protected function processAutoLoginCookie(array $cookieParts, Request $request)
      */
     protected function onLoginSuccess(Request $request, Response $response, TokenInterface $token)
     {
-        $series = base64_encode($this->secureRandom->nextBytes(64));
-        $tokenValue = base64_encode($this->secureRandom->nextBytes(64));
+        $series = base64_encode(random_bytes(64));
+        $tokenValue = base64_encode(random_bytes(64));
 
         $this->tokenProvider->createNewToken(
             new PersistentToken(
diff --git a/src/Symfony/Component/Security/Http/Tests/RememberMe/PersistentTokenBasedRememberMeServicesTest.php b/src/Symfony/Component/Security/Http/Tests/RememberMe/PersistentTokenBasedRememberMeServicesTest.php
@@ -20,7 +20,6 @@
 use Symfony\Component\Security\Http\RememberMe\PersistentTokenBasedRememberMeServices;
 use Symfony\Component\Security\Core\Exception\TokenNotFoundException;
 use Symfony\Component\Security\Core\Exception\CookieTheftException;
-use Symfony\Component\Security\Core\Util\SecureRandom;
 
 class PersistentTokenBasedRememberMeServicesTest extends \PHPUnit_Framework_TestCase
 {
@@ -311,7 +310,7 @@ protected function getService($userProvider = null, $options = array(), $logger
             $userProvider = $this->getProvider();
         }
 
-        return new PersistentTokenBasedRememberMeServices(array($userProvider), 'foosecret', 'fookey', $options, $logger, new SecureRandom(sys_get_temp_dir().'/_sf2.seed'));
+        return new PersistentTokenBasedRememberMeServices(array($userProvider), 'foosecret', 'fookey', $options, $logger);
     }
 
     protected function getProvider()
diff --git a/src/Symfony/Component/Security/Http/composer.json b/src/Symfony/Component/Security/Http/composer.json
@@ -21,7 +21,8 @@
         "symfony/event-dispatcher": "~2.1|~3.0.0",
         "symfony/http-foundation": "~2.4|~3.0.0",
         "symfony/http-kernel": "~2.4|~3.0.0",
-        "symfony/property-access": "~2.3|~3.0.0"
+        "symfony/property-access": "~2.3|~3.0.0",
+        "paragonie/random_compat" : "~1.0"
     },
     "require-dev": {
         "symfony/phpunit-bridge": "~2.7|~3.0.0",
diff --git a/src/Symfony/Component/Security/composer.json b/src/Symfony/Component/Security/composer.json
@@ -21,7 +21,8 @@
         "symfony/event-dispatcher": "~2.2|~3.0.0",
         "symfony/http-foundation": "~2.1|~3.0.0",
         "symfony/http-kernel": "~2.4|~3.0.0",
-        "symfony/property-access": "~2.3|~3.0.0"
+        "symfony/property-access": "~2.3|~3.0.0",
+        "paragonie/random_compat" : "~1.0"
     },
     "replace": {
         "symfony/security-core": "self.version",
@@ -50,7 +51,6 @@
         "symfony/routing": "For using the HttpUtils class to create sub-requests, redirect the user, and match URLs",
         "symfony/expression-language": "For using the expression voter",
         "ircmaxell/password-compat": "For using the BCrypt password encoder in PHP <5.5",
-        "paragonie/random_compat": "",
         "symfony/ldap": "For using the LDAP user and authentication providers"
     },
     "autoload": {

Original file line number	Diff line number	Diff line change
`@@ -164,6 +164,6 @@ private function createPasswordQuestion()`
`164`	`164`
`165`	`165`	`private function generateSalt()`
`166`	`166`	`{`
`167`		`- return base64_encode($this->getContainer()->get('security.secure_random')->nextBytes(30));`
	`167`	`+ return base64_encode(random_bytes(30));`
`168`	`168`	`}`
`169`	`169`	`}`
Original file line number	Diff line number	Diff line change
`@@ -13,6 +13,9 @@`
`13`	`13`
`14`	`14`	`use Symfony\Component\Security\Core\Util\SecureRandom;`
`15`	`15`
	`16`	`+/**`
	`17`	`+ * @group legacy`
	`18`	`+ */`
`16`	`19`	`class SecureRandomTest extends \PHPUnit_Framework_TestCase`
`17`	`20`	`{`
`18`	`21`	`/**`
Original file line number	Diff line number	Diff line change
`@@ -15,6 +15,8 @@`
`15`	`15`	`* Interface that needs to be implemented by all secure random number generators.`
`16`	`16`	`*`
`17`	`17`	`* @author Fabien Potencier <fabien@symfony.com>`
	`18`	`+ *`
	`19`	`+ * @deprecated since version 2.8, to be removed in 3.0. Use the random_bytes function instead`
`18`	`20`	`*/`
`19`	`21`	`interface SecureRandomInterface`
`20`	`22`	`{`
Original file line number	Diff line number	Diff line change
`@@ -44,8 +44,7 @@ public static function setUpBeforeClass()`
`44`	`44`
`45`	`45`	`protected function setUp()`
`46`	`46`	`{`
`47`		`- $this->random = $this->getMock('Symfony\Component\Security\Core\Util\SecureRandomInterface');`
`48`		`- $this->generator = new UriSafeTokenGenerator($this->random, self::ENTROPY);`
	`47`	`+ $this->generator = new UriSafeTokenGenerator(null, self::ENTROPY);`
`49`	`48`	`}`
`50`	`49`
`51`	`50`	`protected function tearDown()`
`@@ -56,11 +55,6 @@ protected function tearDown()`
`56`	`55`
`57`	`56`	`public function testGenerateToken()`
`58`	`57`	`{`
`59`		`- $this->random->expects($this->once())`
`60`		`- ->method('nextBytes')`
`61`		`- ->with(self::ENTROPY / 8)`
`62`		`- ->will($this->returnValue(self::$bytes));`
`63`		`-`
`64`	`58`	`$token = $this->generator->generateToken();`
`65`	`59`
`66`	`60`	`$this->assertTrue(ctype_print($token), 'is printable');`