[TYPO3-core] RFC: Feature #10131: Use TYPO3 encryption key in initial state of random byte generation

Marcus Krause marcus#exp2009 at t3sec.info
Fri Feb 6 15:32:28 CET 2009


Marcus Krause schrieb am 01/14/2009 12:00 PM Uhr:
> Hi!
> 
> This is an SVN patch request.
> 
> Type: feature
> 
> Branches: trunk
> 
> Bugtracker reference: http://bugs.typo3.org/view.php?id=10131
> 
> 
> Problem: Function t3lib_div::generateRandomBytes() (fallback part for
> OS windows) could be improved when using TYPO3's encryption key to
> create a (more unpredictable) initial state. Besides due to md5()'s
> shorter length in contrary to sha1(), we should use md5() to get as
> much timestamps as possible in the resulting byte stream.

Reminder #2


Marcus.


More information about the TYPO3-team-core mailing list