Merge pull request #100 from ramsey/2.x/random_compat

Drop OpenSSL support and use paragonie/random_compat

Author: ramsey

CHANGELOG.md

@@ -1,5 +1,11 @@
 # Rhumsaa\Uuid Changelog
 
+## 2.9.0
+
+_Released: 2016-03-22_
+
+  * Drop support for OpenSSL in favor of [paragonie/random_compat][]. This addresses and fixes the [collision issue][].
+
 ## 2.8.4
 
 _Released: 2015-12-17_
@@ -176,3 +182,7 @@ _Released: 2012-08-06_
 _Released: 2012-07-19_
 
   * Initial release
+
+
+[paragonie/random_compat]: https://github.com/paragonie/random_compat
+[collision issue]: https://github.com/ramsey/uuid/issues/80

composer.json

@@ -20,7 +20,8 @@
         "source": "https://github.com/ramsey/uuid"
     },
     "require": {
-        "php": ">=5.3.3"
+        "php": ">=5.3.3",
+        "paragonie/random_compat": "^1.0|^2.0"
     },
     "require-dev": {
         "moontoast/math": "~1.1",

src/Uuid.php

@@ -111,12 +111,12 @@ final class Uuid
     public static $forceNoBigNumber = false;
 
     /**
-     * For testing, openssl_random_pseudo_bytes() override; if true, treat as
-     * if openssl_random_pseudo_bytes() is not available
+     * For testing, random_bytes() override; if true, treat as
+     * if random_bytes() is not available
      *
      * @var bool
      */
-    public static $forceNoOpensslRandomPseudoBytes = false;
+    public static $forceNoRandomBytes = false;
 
     /**
      * For testing, sets time of day to a static, known value
@@ -1185,13 +1185,13 @@ protected static function hasBigNumber()
     }
 
     /**
-     * Returns true if the system has openssl_random_pseudo_bytes()
+     * Returns true if the system has random_bytes()
      *
      * @return bool
      */
-    protected static function hasOpensslRandomPseudoBytes()
+    protected static function hasRandomBytes()
     {
-        return (function_exists('openssl_random_pseudo_bytes') && !self::$forceNoOpensslRandomPseudoBytes);
+        return (function_exists('random_bytes') && !self::$forceNoRandomBytes);
     }
 
     /**
@@ -1244,8 +1244,8 @@ protected static function uuidFromHashedName($hash, $version)
      */
     private static function generateBytes($length)
     {
-        if (self::hasOpensslRandomPseudoBytes()) {
-            return openssl_random_pseudo_bytes($length);
+        if (self::hasRandomBytes()) {
+            return random_bytes($length);
         }
 
         $bytes = '';

tests/UuidTest.php

@@ -8,7 +8,7 @@ protected function setUp()
         Uuid::$timeOfDayTest = null;
         Uuid::$force32Bit = false;
         Uuid::$forceNoBigNumber = false;
-        Uuid::$forceNoOpensslRandomPseudoBytes = false;
+        Uuid::$forceNoRandomBytes = false;
         Uuid::$ignoreSystemNode = false;
     }
 
@@ -826,9 +826,9 @@ public function testUuid4()
      * @covers Rhumsaa\Uuid\Uuid::generateBytes
      * @covers Rhumsaa\Uuid\Uuid::uuidFromHashedName
      */
-    public function testUuid4WithoutOpensslRandomPseudoBytes()
+    public function testUuid4WithoutRandomBytes()
     {
-        Uuid::$forceNoOpensslRandomPseudoBytes = true;
+        Uuid::$forceNoRandomBytes = true;
         $uuid = Uuid::uuid4();
         $this->assertInstanceOf('Rhumsaa\Uuid\Uuid', $uuid);
         $this->assertEquals(2, $uuid->getVariant());
@@ -1275,21 +1275,21 @@ public function testHasBigNumber()
     }
 
     /**
-     * @covers Rhumsaa\Uuid\Uuid::hasOpensslRandomPseudoBytes
+     * @covers Rhumsaa\Uuid\Uuid::hasRandomBytes
      */
-    public function testHasOpensslRandomPseudoBytes()
+    public function testHasRandomBytes()
     {
-        $hasOpensslRandomPseudoBytes = new \ReflectionMethod(
-            'Rhumsaa\Uuid\Uuid', 'hasOpensslRandomPseudoBytes'
+        $hasRandomBytes = new \ReflectionMethod(
+            'Rhumsaa\Uuid\Uuid', 'hasRandomBytes'
         );
-        $hasOpensslRandomPseudoBytes->setAccessible(true);
+        $hasRandomBytes->setAccessible(true);
 
         $uuid = Uuid::fromString('ff6f8cb0-c57d-11e1-9b21-0800200c9a66');
 
-        $this->assertTrue($hasOpensslRandomPseudoBytes->invoke($uuid));
+        $this->assertTrue($hasRandomBytes->invoke($uuid));
 
-        Uuid::$forceNoOpensslRandomPseudoBytes = true;
-        $this->assertFalse($hasOpensslRandomPseudoBytes->invoke($uuid));
+        Uuid::$forceNoRandomBytes = true;
+        $this->assertFalse($hasRandomBytes->invoke($uuid));
     }
 
     /**