1<?php
2/**
3 * Copyright 2017 Facebook, Inc.
4 *
5 * You are hereby granted a non-exclusive, worldwide, royalty-free license to
6 * use, copy, modify, and distribute this software in source code or binary
7 * form for use in connection with the web services and APIs provided by
8 * Facebook.
9 *
10 * As with any software that integrates with the Facebook platform, your use
11 * of this software is subject to the Facebook Developer Principles and
12 * Policies [http://developers.facebook.com/policy/]. This copyright notice
13 * shall be included in all copies or substantial portions of the software.
14 *
15 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
18 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
20 * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
21 * DEALINGS IN THE SOFTWARE.
22 *
23 */
24namespace Facebook\PseudoRandomString;
25
26use Facebook\Exceptions\FacebookSDKException;
27
28class UrandomPseudoRandomStringGenerator implements PseudoRandomStringGeneratorInterface
29{
30
31    use PseudoRandomStringGeneratorTrait;
32
33    /**
34     * @const string The error message when generating the string fails.
35     */
36    const ERROR_MESSAGE = 'Unable to generate a cryptographically secure pseudo-random string from /dev/urandom. ';
37
38    /**
39     * @throws FacebookSDKException
40     */
41    public function __construct()
42    {
43        if (ini_get('open_basedir')) {
44            throw new FacebookSDKException(
45                static::ERROR_MESSAGE .
46                'There is an open_basedir constraint that prevents access to /dev/urandom.'
47            );
48        }
49
50        if (!is_readable('/dev/urandom')) {
51            throw new FacebookSDKException(
52                static::ERROR_MESSAGE .
53                'Unable to read from /dev/urandom.'
54            );
55        }
56    }
57
58    /**
59     * @inheritdoc
60     */
61    public function getPseudoRandomString($length)
62    {
63        $this->validateLength($length);
64
65        $stream = fopen('/dev/urandom', 'rb');
66        if (!is_resource($stream)) {
67            throw new FacebookSDKException(
68                static::ERROR_MESSAGE .
69                'Unable to open stream to /dev/urandom.'
70            );
71        }
72
73        if (!defined('HHVM_VERSION')) {
74            stream_set_read_buffer($stream, 0);
75        }
76
77        $binaryString = fread($stream, $length);
78        fclose($stream);
79
80        if (!$binaryString) {
81            throw new FacebookSDKException(
82                static::ERROR_MESSAGE .
83                'Stream to /dev/urandom returned no data.'
84            );
85        }
86
87        return $this->binToHex($binaryString, $length);
88    }
89}
90