[TYPO3-core] RFC: Feature #10131: Use TYPO3 encryption key in initial state of random byte generation
Xavier Perseguers
typo3 at perseguers.ch
Thu Jan 15 07:33:09 CET 2009
Hi!
> Bugtracker reference: http://bugs.typo3.org/view.php?id=10131
>
>
> Problem:
> Function t3lib_div::generateRandomBytes() (fallback part for OS windows)
> could be improved when using TYPO3's encryption key to create a (more
> unpredictable) initial state.
> Besides due to md5()'s shorter length in contrary to sha1(), we should
> use md5() to get as much timestamps as possible in the resulting byte
> stream.
>
> Solution:
> Use TYPO3 encryption key and replace sha1() calls with md5().
> Furthermore, patch enhances initial state with a microtime() call.
>
> Notes:
> At line 1726 a trailing whitespace will be removed too.
+1 by reading.
--
Xavier Perseguers
http://xavier.perseguers.ch/en
One contribution a day keeps the fork away
More information about the TYPO3-team-core
mailing list