[TYPO3-core] RFC #9852: Feature: Provide a random byte generator in TYPO3 Core

Marcus Krause marcus#exp2008 at t3sec.info
Fri Nov 28 07:34:08 CET 2008


Hi,

this is a SVN patch request.


Type:
Feature

Bugtracker Reference:
http://bugs.typo3.org/view.php?id=9852

Branches:
trunk, 4.2, 4.1


Problem:
Currently TYPO3 does not provide a method for creation of random bytes.
Random bytes are needed for cryptographic operations. Think of getting
salted password hashes into core. Then the used salt should be as random
as possible.
As such method could be useful for TYPO3 extension developers or other
use cases in TYPO3 Core, it should go into t3lib_div.


Solution:
Provide such method.


Notes:
This method is currently used in t3sec_saltedpw (FE user authentication
on typo3.org). The method is originally derived from Drupal CMS and got
slightly modified. Drupal CMS is distributed unter GPLv2, so it's no
problem to use it in TYPO3. We therefore won't need to reinvent the wheel.
Although this is considered as feature, for a certain reason it is
necessary to get it into 4.1 and 4.2 too!!!


Regards,
Marcus.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 9852.diff
Type: text/x-patch
Size: 1307 bytes
Desc: not available
Url : http://lists.netfielders.de/pipermail/typo3-team-core/attachments/20081128/8cabce0a/attachment.bin 


More information about the TYPO3-team-core mailing list