Follows-up af66c04.
The tests depend indirectly on wgSecretKey (used by
MWCryptHKDF::generateHex). On test installs I tend to set this
to "example" or "***", which is less than 16 characters and thus
the unit tests failed with "MWCryptHKDF secret was too short".
Change-Id: I9a85fd9fbb345863e4837fed2910d60ebf1b0d83
This adds an RFC 5869 compatible library for quickly generating
cryptographically secure random keys/numbers. An attacker should be
unable to predict the next number generated, as long as the secret
key (set to wgSecretKey if not explicitly defined for a wiki) remains
secret.
In my testing, this is generating random numbers about 7x faster than
MWCryptRand for 32 hex characters, and shouldn't drain openssl's
entropy source.
This will hopefully speed up maintenance tasks that require secure
random numbers, such as resetting login token, and wrapping user's
passwords in a new format.
Change-Id: I437d9aec0122a0533b0d8723fe8a8624898af909
