random_bytes()
版本:php7
(PHP 7)
Generates cryptographically secure pseudo-random bytes
说明
random_bytes(int $length): string
Generates an arbitrary length string of cryptographic random bytes that are suitable for cryptographic use, such as when generating salts, keys or initialization vectors.
The sources of randomness used for this function are as follows:
- On Windows,»CryptGenRandom()will always be used. As of PHP 7.2.0,the» CNG-APIwill always be used instead.
- On Linux,the» getrandom(2)syscall will be used if available.
- On other platforms,/dev/urandomwill be used.
- If none of the aforementioned sources are available, then anExceptionwill be thrown.
Note:Although this function was added to PHP in PHP 7.0,a» userland implementationis available for PHP 5.2 to 5.6, inclusive.
参数
- $length
The length of the random string that should be returned in bytes.
返回值
Returns a string containing the requested number of cryptographically secure random bytes.
错误/异常
- If an appropriate source of randomness cannot be found,anExceptionwill be thrown.
- If invalid parameters are given,aTypeErrorwill be thrown.
- If an invalid$lengthof bytes is given,anErrorwill be thrown.
范例
Example #1random_bytes()example
<?php $bytes = random_bytes(5); var_dump(bin2hex($bytes)); ?>
以上例程的输出类似于:
string(10) "385e33f741"
参见
random_int()Generates cryptographically secure pseudo-random integersopenssl_random_pseudo_bytes()生成一个伪随机字节串bin2hex()函数把包含数据的二进制字符串转换为十六进制值
I used below function to create random token, and also a salt from the token. I used it in my application to prevent CSRF attack.
<?php
function RandomToken($length = 32){
if(!isset($length) || intval($length) <= 8 ){
$length = 32;
}
if (function_exists('random_bytes')) {
return bin2hex(random_bytes($length));
}
if (function_exists('mcrypt_create_iv')) {
return bin2hex(mcrypt_create_iv($length, MCRYPT_DEV_URANDOM));
}
if (function_exists('openssl_random_pseudo_bytes')) {
return bin2hex(openssl_random_pseudo_bytes($length));
}
}
function Salt(){
return substr(strtr(base64_encode(hex2bin(RandomToken(32))), '+', '.'), 0, 44);
}
echo (RandomToken());
echo "\n";
echo Salt();
echo "\n";
/*
This function is same as above but its only used for debugging
*/
function RandomTokenDebug($length = 32){
if(!isset($length) || intval($length) <= 8 ){
$length = 32;
}
$randoms = array();
if (function_exists('random_bytes')) {
$randoms['random_bytes'] = bin2hex(random_bytes($length));
}
if (function_exists('mcrypt_create_iv')) {
$randoms['mcrypt_create_iv'] = bin2hex(mcrypt_create_iv($length, MCRYPT_DEV_URANDOM));
}
if (function_exists('openssl_random_pseudo_bytes')) {
$randoms['openssl_random_pseudo_bytes'] = bin2hex(openssl_random_pseudo_bytes($length));
}
return $randoms;
}
echo "\n";
print_r (RandomTokenDebug());
?>
<?php
function str_rand(int $length = 64){ // 64 = 32
$length = ($length < 4) ? 4 : $length;
return bin2hex(random_bytes(($length-($length%2))/2));
}
var_dump(str_rand());
// d6199909d0b5fdc22c9db625e4edf0d6da2b113b21878cde19e96f4afe69e714
?>
Simple php implementation of Blum Blum Shub.
<?php
$bbs = new BlumBlumShub(400);
var_dump(bin2hex($bbs->getRandomPseudoBytes(32)));
// out like 02b3b55d6aea2f26a0ddfcd8967597fb0d38d7c6c4027f0595f5a614b9f06400
class BlumBlumShub
{
private $p, $q, $s, $m, $init, $x0;
private $size = 1024;
public function __construct($size = false, $p = false, $q = false, $s = false)
{
if($p !== false && $q !== false && $s !== false)
{
$this->p = $p;
$this->q = $q;
$this->m = bcmul($p, $q);
$this->s = $s;
} else {
if($size !== false)
$this->size = $size;
$this->init();
}
$this->xn = bcmod(bcmul($this->s, $this->s), $this->m);
for($i=0;$i<10;$i++)
$this->xn = bcmod(bcmul($this->xn, $this->xn), $this->m);
}
private function init()
{
$this->p = $this->genPrime();
$this->q = $this->genPrime();
$this->m = bcmul($this->p, $this->q);
$mCoPrime = gmp_init($this->m);
# try find co-prime
while(1)
{
$s = genPrime($this->size);
$sCoPrime = gmp_init($s);
$g = gmp_gcdext($mCoPrime, $sCoPrime);
$g = gmp_strval($g['g']);
if($g === '1')
break;
}
$this->s = $s;
}
public function genPrime()
{
while(1)
{
$min = gmp_init(str_pad('1', $this->size, '0'));
$max = gmp_init(str_pad('9', $this->size, '0'));
$prime = gmp_strval(gmp_random_range($min, $max));
$validate = bcmod($prime, '4');
if($validate === '3')
break;
}
return $prime;
}
public function getRandomPseudoBytes($length)
{
$bytes = '';
for($i=0;$i<$length;$i++)
$bytes .= $this->getByte();
return $bytes;
}
public function getByte()
{
$byte = '';
for($i=0;$i<8;$i++) {
$this->xn = bcmod(bcmul($this->xn, $this->xn), $this->m);
$byte .= substr(decbin($this->xn[strlen($this->xn)-1]), -1);
}
return chr(bindec($byte));
}
}
?>
function str_rand($largura = 32){
$chars = str_shuffle('0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz');
// separar a string acima com uma virgula após cada letra ou número;
$chars = preg_replace("/([a-z0-9])/i", "$1,", $chars);
$chars = explode(',', $chars);
$string_generate = array();
for($i = 0; $i < $largura; $i++){
// $chars[random_int(0, 61) = largura da array $chars
array_push($string_generate, $chars[random_int(0, 61)]);
}
$string_ready = str_shuffle(implode($string_generate));
for($i = 0; $i < random_int(256,512); $i++){
$random_string = str_shuffle($string_ready);
}
// se a largura for um número par o numero de caracteres da string for maior ou igual a 4
if($largura % 2 === 0 && strlen($random_string) >= 4){
$random_string_start = str_shuffle(substr($random_string, 0, $largura / 2));
$random_string_end = str_shuffle(substr($random_string, $largura / 2, $largura));
$new_random_string = str_shuffle($random_string_start . $random_string_end);
return str_shuffle($new_random_string);
}
else {
return str_shuffle($random_string);
}
}if unavailable use this with core functions... maybe not as secure and optimized (any help?), but practical <?php $bytes = ''; while (strlen($bytes) < $lenght) $bytes .= chr(mt_rand(0, 255)); ?>