Created
December 20, 2014 22:36
-
-
Save zyphlar/7217f566fc83a9633959 to your computer and use it in GitHub Desktop.
Generating secure passwords in PHP
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| // usage: $newpassword = generatePassword(12); // for a 12-char password, upper/lower/numbers. | |
| // functions that use rand() or mt_rand() are not secure according to the PHP manual. | |
| function getRandomBytes($nbBytes = 32) | |
| { | |
| $bytes = openssl_random_pseudo_bytes($nbBytes, $strong); | |
| if (false !== $bytes && true === $strong) { | |
| return $bytes; | |
| } | |
| else { | |
| throw new \Exception("Unable to generate secure token from OpenSSL."); | |
| } | |
| } | |
| function generatePassword($length){ | |
| return substr(preg_replace("/[^a-zA-Z0-9]/", "", base64_encode(getRandomBytes($length+1))),0,$length); | |
| } |
Thanks!
A minor improvement, for clearer intention and lower complexity:
if (false !== $bytes && true === $strong) {
return $bytes;
}
else {
throw new \Exception("Unable to generate secure token from OpenSSL.");
}into
if (false !== $bytes && true === $strong) {
return $bytes;
}
throw new \Exception("Unable to generate secure token from OpenSSL.");
I know some people use this style but I actually avoid it because I think
the intention is less clear and the complexity ends up being the same at
the bytecode / execution level.
There was recently a major openssl bug that happened because it wasn't
obvious upon reading that a block would/wouldn't return/cascade under
certain circumstances, leaving a gaping hole in security because there was
a case that was neither returned nor thrown and essentially security was
bypassed.
So I get that they're functionally the same and there's possibly less room
for an "else" hanging out doing something weird, but I personally like
explicitly making it clear that it's my intent to either do one thing or
the other and you've gotta look inside to see which is which. Otherwise I
feel it's easy to skim the code and miss the fact that there's return/throw
statements in there and no further execution is possible.
…On Thu, Aug 13, 2020, 4:16 AM Robin Radic ***@***.***> wrote:
***@***.**** commented on this gist.
------------------------------
Thanks!
A minor improvement, for clearer intention and lower complexity:
if (false !== $bytes && true === $strong) {
return $bytes;
}
else {
throw new \Exception("Unable to generate secure token from OpenSSL.");
}
into
if (false !== $bytes && true === $strong) {
return $bytes;
}
throw new \Exception("Unable to generate secure token from OpenSSL.");
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub
<https://gist.github.com/7217f566fc83a9633959#gistcomment-3416086>, or
unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAAL2MQHNX3AYCBP3D3CPZLSAPDRFANCNFSM4KXG5V5Q>
.
Thanks, excellent code, I will definitely use it in my projects :)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
You're right, sorry! Thanks for your answer.