Use mt_rand() instead of microtime()

crazy-max · Sep 28, 2013 · d1ead1d · d1ead1d
1 parent 45ed32a
commit d1ead1d
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 7 deletions.
diff --git a/README.md b/README.md
@@ -101,7 +101,7 @@ An example is available in ``index.php`` file :
 **checkPassword** - Check a hash with the password given.<br />
 **encrypt** - Generate a symectric encryption string with the blowfish algorithm and an encryption key in CFB mode.<br />
 **decrypt** - Return the decrypted string generated from the encrypt method.<br />
-**random** - Generate secure random bytes with 5 methods : mcrypt_create_iv, openssl_random_pseudo_bytes, GetRandom() from CAPICOM Microsoft class, /dev/urandom on Unix systems or microtime() and getmypid() functions.<br />
+**random** - Generate secure random bytes with 5 methods : mcrypt_create_iv, openssl_random_pseudo_bytes, GetRandom() from CAPICOM Microsoft class, /dev/urandom on Unix systems or mt_rand() and getmypid() functions.<br />
 
 **getVersion** - Get the CwsCrypto version.<br />
 **setDefaultMode** - Set the default mode for hashing/check password.<br />

diff --git a/class.cws.crypto.php b/class.cws.crypto.php
@@ -30,7 +30,7 @@
  * @author Cr@zy
  * @copyright 2013, Cr@zy
  * @license GNU LESSER GENERAL PUBLIC LICENSE
- * @version 1.1
+ * @version 1.2
  * @link https://github.com/crazy-max/CwsCrypto
  *
  */
@@ -73,7 +73,7 @@ class CwsCrypto
      * CwsCrypto version.
      * @var string
      */
-    private $version = "1.1";
+    private $version = "1.2";
 
     /**
      * Default mode for hashing/check password
@@ -399,7 +399,7 @@ public function decrypt($data, $key=null)
     /**
      * Generate secure random bytes with 5 methods : mcrypt_create_iv,
      * openssl_random_pseudo_bytes, GetRandom() from CAPICOM Microsoft class,
-     * /dev/urandom on Unix systems or microtime() and getmypid() functions.
+     * /dev/urandom on Unix systems or mt_rand() and getmypid() functions.
      * @param int $length : The length of random bytes
      * @param boolean $base64 : Encodes random bytes with MIME base64
      * @return string|NULL : The random bytes
@@ -446,15 +446,15 @@ public static function random($length=32, $base64=true)
             }
         }
 
-        // Otherwise use microtime() and getmypid() functions
+        // Otherwise use mt_rand() and getmypid() functions
         if (strlen($bytes) < $length) {
             $bytes = '';
-            $state = microtime();
+            $state = mt_rand();
             if (function_exists('getmypid')) {
                 $state .= getmypid();
             }
             for ($i = 0; $i < $length; $i += 16) {
-                $state = md5(microtime() . $state);
+                $state = md5(mt_rand() . $state);
                 $bytes .= pack('H*', md5($state));
             }
             return substr($bytes, 0, $length);