From f44de8a5607d8190b98f99f43b422a6ae946bfbf Mon Sep 17 00:00:00 2001
From: Tim Otten <totten@civicrm.org>
Date: Tue, 9 Feb 2021 02:51:05 -0800
Subject: [PATCH] dev/core#2370 - Installer - Bump up entropy for autogenerated
 cred keys

This slightly expands the amount of entropy for certain auto-generated values.

Before
-----

~99% of generated values have >=232 bits

After
-----

~99% of generated values have >=260 bits

Technical details
--------

https://lab.civicrm.org/dev/core/-/issues/2370#note_53832
---
 setup/plugins/installFiles/GenerateCredKey.civi-setup.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/setup/plugins/installFiles/GenerateCredKey.civi-setup.php b/setup/plugins/installFiles/GenerateCredKey.civi-setup.php
index 8de7d8f56d..33676d5055 100644
--- a/setup/plugins/installFiles/GenerateCredKey.civi-setup.php
+++ b/setup/plugins/installFiles/GenerateCredKey.civi-setup.php
@@ -18,7 +18,7 @@ if (!defined('CIVI_SETUP')) {
     };
 
   if (empty($e->getModel()->credKeys)) {
-    $e->getModel()->credKeys = ['aes-cbc:hkdf-sha256:' . $toAlphanum(random_bytes(32))];
+    $e->getModel()->credKeys = ['aes-cbc:hkdf-sha256:' . $toAlphanum(random_bytes(37))];
   }
 
   if (is_string($e->getModel()->credKeys)) {
-- 
2.25.1