Problem/Motivation
Drupal prefers openssl_random_pseudo_bytes(), if available, in Crypt::randomBytes() in 8.0.x and in drupal_random_bytes() in 7.x and 6.x.
PHP used the wrong method in the openssl library; this is now fixed in 5.6.12, 5.5.28 and 5.4.44 (see https://bugs.php.net/bug.php?id=70014), but it is NOT classified as a security hole, so backports to older (i.e. distro) versions are less likely. Just because PHP didn't declare this a security hole doesn't mean it is not one. But also read on for other scenarios where this class creates a security hole.
The returned pseudo-random bytes were NOT necessarily cryptographically secure.
Proposed resolution
Add random_compat v2.0.2 to core + use it for Crypt::randomBytes()
Adding v2 should be OK here because in Drupal 7.x this includes a fallback
(so it is not a concern as in #2763787: Upgrade random_compat to latest version, which reverted the upgrade to v2.0.2 in Drupal 8.2.x and 8.3.x).
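The following is an added example, not Drupal core code and not part of the issue summary: it prefers random_bytes() (native in PHP 7, polyfilled by random_compat) and only accepts OpenSSL output on a runtime that has the fix from bug 70014. The function names are hypothetical, and treating PHP branches newer than 5.6 as fixed is an assumption.

```php
<?php
// Added illustration; example_* names are hypothetical, not Drupal APIs.

/**
 * Reports whether a PHP version carries the fix for PHP bug 70014, using the
 * fixed releases named in the summary (5.4.44, 5.5.28, 5.6.12).
 * A distro backport cannot be detected from the version string.
 */
function example_openssl_prng_fixed($version = PHP_VERSION) {
  // First fixed release per 5.x branch, taken from the issue summary.
  $fixed = array('5.4' => '5.4.44', '5.5' => '5.5.28', '5.6' => '5.6.12');
  if (!preg_match('/^(\d+\.\d+)/', $version, $m)) {
    return FALSE; // Unparseable version string: treat as unfixed.
  }
  if (isset($fixed[$m[1]])) {
    return version_compare($version, $fixed[$m[1]], '>=');
  }
  // Assumption: branches newer than 5.6 shipped after the fix and include
  // it; branches older than 5.4 are not listed as fixed.
  return version_compare($m[1], '5.6', '>');
}

/**
 * Returns $count random bytes and fails closed instead of returning
 * output that may not be cryptographically secure.
 */
function example_random_bytes($count) {
  if (function_exists('random_bytes')) {
    try {
      return random_bytes($count);
    }
    catch (Exception $e) {
      // No secure source was found; try the guarded fallback below.
    }
  }
  // Accept OpenSSL only on a fixed runtime that also reports strong output.
  if (function_exists('openssl_random_pseudo_bytes') && example_openssl_prng_fixed()) {
    $strong = FALSE;
    $bytes = openssl_random_pseudo_bytes($count, $strong);
    if ($bytes !== FALSE && $strong === TRUE) {
      return $bytes;
    }
  }
  throw new RuntimeException('No cryptographically secure random source.');
}

echo bin2hex(example_random_bytes(16)), "\n";
```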
Remaining tasks
review
User interface changes
n/a
API changes
n/a
Data model changes
n/a
RC phase evaluation
Issue category | Bug because the Crypt class doesn't do what the docblock says, and what the docblock says reflects how the class is actually used in Drupal. |
---|---|
Issue priority | Critical because: |
Disruption | None. Everything should work exactly the same, except with actual cryptographically secure pseudorandom bytes. |