drupal_random_key() documentation for length of returned string is wrong [#2745013]

The documentation says "The base64 encoded result will have a length of up to 4 * $byte_count."

This is wrong. I think it is always exactly ceil($byte_count * 4 / 3).

Note that drupal_base64_encode() removes the padding equal signs.

Comment	File	Size	Author
#3	drupal_random_key-2745013-3.patch	568 bytes	tetranz
#3	7.x: PHP 5.3 & MySQL 5.5 2,034 pass
#2	drupal_random_key-2745013-2.patch	568 bytes	tetranz
#2	7.x: PHP 5.3 & MySQL 5.5 2,005 pass

Issue fork drupal-2745013

Show commands

Start within a Git clone of the project using the version control instructions.

Add & fetch this issue fork’s repository

Or, if you do not have SSH keys set up on git.drupalcode.org:

Add & fetch this issue fork’s repository

2745013-drupalrandomkey-documentation-for-returned-string-is-wrong changes, plain diff MR !7511
Check out this branch

About issue forks

Support from Acquia helps fund testing for Drupal Acquia logo

Comments

Comment #1

8 June 2016 at 16:18

tetranz created an issue. See original summary.

Comment #2

tetranz CreditAttribution: tetranz as a volunteer commented 8 June 2016 at 16:21

Status:

Active

» Needs review

File	Size
drupal_random_key-2745013-2.patch	568 bytes
7.x: PHP 5.3 & MySQL 5.5 2,005 pass

Comment #3

tetranz CreditAttribution: tetranz as a volunteer commented 7 March 2017 at 20:46

Status:

Needs review

» Active

File	Size
drupal_random_key-2745013-3.patch	568 bytes
7.x: PHP 5.3 & MySQL 5.5 2,034 pass

Redoing this since it's so old and the line numbers in the patch are way off.

Comment #4

tetranz CreditAttribution: tetranz as a volunteer commented 7 March 2017 at 20:50

Status:

Active

» Needs review

Comment #5

tetranz CreditAttribution: tetranz at Third and Grove commented 7 March 2017 at 21:04

Comment #6

joshf CreditAttribution: joshf at Third and Grove commented 7 March 2017 at 23:02

Assigned:	tetranz	» Unassigned
Status:	Needs review	» Reviewed & tested by the community

Confirmed; this can be easily checked:

for ($i = 0; $i < 100000; $i++) {
  $length = strlen(drupal_random_key($i));
  $expected_length = ceil($i * 4 / 3);
  if ($length != $expected_length) {
    die("Length mismatch calling drupal_random_key($i)"); // This is never executed.
  }
}

Comment #7

stefan.r CreditAttribution: stefan.r commented 18 March 2017 at 19:17

Version:	7.x-dev	» 8.4.x-dev
Status:	Reviewed & tested by the community	» Active

Does this go for Crypt::randomBytesBase64 in Drupal 8.x as well? I think they use random_bytes(), random_compat, or the same hash-based generator.

Comment #8

tetranz CreditAttribution: tetranz at Third and Grove commented 3 April 2017 at 20:33

Version:	8.4.x-dev	» 7.x-dev
Status:	Active	» Postponed
Related issues:		+#2866495: Crypt::randomBytesBase64 documentation for length of returned string is wrong

You're quite right stefan.r, it does apply to Crypt::randomBytesBase64. I've created a related issue for that.

https://www.drupal.org/node/2866495

Setting this one back to 7.x.dev and postponed until the D8 one is committed.

Comment #9

poker10 CreditAttribution: poker10 at ActivIT s.r.o. commented 4 July 2022 at 21:04

Status:	Postponed	» Needs work
Related issues:		+#3118581: The documentation for Crypt::randomBytesBase64() is wrong about the output length

The parent issue was commited (#3118581: The documentation for Crypt::randomBytesBase64() is wrong about the output length). From what I see, this documentation fix will needs to be tweaked a little bit to match commited D8 version.