Merge pull request #3875 in SW/shopware from sw-15744/5.2/remove-mcrypt to 5.2

bcremer · bcremer · commit 39212c31d016 · 2016-07-25T10:00:27.000+02:00
* commit 'aae6a2c86242db3896d4a7b7a1fced3e043be78b':
  SW-15744 - Remove mcrypt usage
diff --git a/engine/Shopware/Components/Password/Encoder/Sha256.php b/engine/Shopware/Components/Password/Encoder/Sha256.php
@@ -24,6 +24,8 @@
 
 namespace Shopware\Components\Password\Encoder;
 
+use Shopware\Components\Random;
+
 /**
  * Provides a salted + streched sha256
  *
@@ -121,53 +123,11 @@ public function isReencodeNeeded($hash)
     }
 
     /**
-     * Generate a salt using the best number generator available
+     * Generate a salt using the number generator
      * @return string
      */
     public function getSalt()
     {
-        // todo@all replace with \Shopware\Componenents\Random::getBytes()
-        $required_salt_len = $this->options['salt_len'];
-
-        $buffer = '';
-        $raw_length = (int) ($required_salt_len * 3 / 4 + 1);
-        $buffer_valid = false;
-        if (function_exists('mcrypt_create_iv') && !defined('PHALANGER')) {
-            $buffer = mcrypt_create_iv($raw_length, MCRYPT_DEV_URANDOM);
-            if ($buffer) {
-                $buffer_valid = true;
-            }
-        }
-        if (!$buffer_valid && function_exists('openssl_random_pseudo_bytes')) {
-            $buffer = openssl_random_pseudo_bytes($raw_length);
-            if ($buffer) {
-                $buffer_valid = true;
-            }
-        }
-        if (!$buffer_valid && is_readable('/dev/urandom')) {
-            $f = fopen('/dev/urandom', 'r');
-            $read = strlen($buffer);
-            while ($read < $raw_length) {
-                $buffer .= fread($f, $raw_length - $read);
-                $read = strlen($buffer);
-            }
-            fclose($f);
-            if ($read >= $raw_length) {
-                $buffer_valid = true;
-            }
-        }
-        if (!$buffer_valid || strlen($buffer) < $raw_length) {
-            $bl = strlen($buffer);
-            for ($i = 0; $i < $raw_length; $i++) {
-                if ($i < $bl) {
-                    $buffer[$i] = $buffer[$i] ^ chr(mt_rand(0, 255));
-                } else {
-                    $buffer .= chr(mt_rand(0, 255));
-                }
-            }
-        }
-        $salt = str_replace('+', '.', base64_encode($buffer));
-
-        return substr($salt, 0, $required_salt_len);
+        return Random::getAlphanumericString($this->options['salt_len']);
     }
 }
