This fixes issue 2.7 of https://defuse.ca/audits/zerobin.htm, and thus (with commit a24212afda90ca3e4b4ff5ce30d2012709b58a28) also issue 2.8. (cherry picked from commit 0b4db7ece313dd268e51fc47a0293a649927558a) Conflicts: index.phppull/17/head
parent
daf5522b1e
commit
43a439e7d0
@ -0,0 +1,17 @@
|
||||
<?php
|
||||
|
||||
define('MCRYPT_DEV_URANDOM', 1);
|
||||
|
||||
function mcrypt_create_iv($int, $flag)
|
||||
{
|
||||
$randomSalt = '';
|
||||
for($i = 0; $i < 16; ++$i) {
|
||||
$randomSalt .= base_convert(mt_rand(), 10, 16);
|
||||
}
|
||||
// hex2bin requires an even length, pad if necessary
|
||||
if (strlen($randomSalt) % 2)
|
||||
{
|
||||
$randomSalt = '0' . $randomSalt;
|
||||
}
|
||||
return hex2bin($randomSalt);
|
||||
}
|
Loading…
Reference in new issue