<?php
if (!function_exists('random_bytes')) {
/**
* PHP 5.2.0 - 5.6.x way to implement random_bytes()
*
* In order of preference:
* 1. mcrypt_create_iv($bytes, MCRYPT_CREATE_IV)
* 2. fread() /dev/arandom if available
* 3. fread() /dev/urandom if available
* 4. COM('CAPICOM.Utilities.1')->GetRandom()
* 5. openssl_random_pseudo_bytes()
*/
if (function_exists('mcrypt_create_iv') && version_compare(PHP_VERSION, '5.3.7') >= 0) {
/**
* Powered by ext/mcrypt
*
* @param int $bytes
* @return string
*/
function random_bytes($bytes)
{
if (!is_int($bytes)) {
throw new Exception(
'Length must be an integer'
);
}
if ($bytes < 1) {
throw new Exception(
'Length must be greater than 0'
);
}
// See PHP bug #55169 for why 5.3.7 is required
$buf = mcrypt_create_iv($bytes, MCRYPT_DEV_URANDOM);
if ($buf !== false) {
if (RandomCompat_strlen($buf) === $bytes) {
return $buf;
}
}
/**
* If we reach here, PHP has failed us.
*/
throw new Exception(
'PHP failed to generate random data.'
);
}
} elseif (!ini_get('open_basedir') && (is_readable('/dev/arandom') || is_readable('/dev/urandom'))) {
/**
* Use /dev/arandom or /dev/urandom for random numbers
*
* @ref http://sockpuppet.org/blog/2014/02/25/safely-generate-random-numbers
*
* @param int $bytes
* @return string
*/
function random_bytes($bytes)
{
static $fp = null;
if ($fp === null) {
if (is_readable('/dev/arandom')) {
$fp = fopen('/dev/arandom', 'rb');
} else {
$fp = fopen('/dev/urandom', 'rb');
}
}
if ($fp !== false) {
$streamset = stream_set_read_buffer($fp, 0);
if ($streamset === 0) {
$remaining = $bytes;
$buf = '';
do {
$read = fread($fp, $remaining);
if ($read === false) {
// We cannot safely read from urandom.
$buf = false;
break;
}
// Decrease the number of bytes returned from remaining
$remaining -= RandomCompat_strlen($read);
$buf .= $read;
} while ($remaining > 0);
if ($buf !== false) {
if (RandomCompat_strlen($buf) === $bytes) {
/**
* Return our random entropy buffer here:
*/
return $buf;
}
}
}
}
/**
* If we reach here, PHP has failed us.
*/
throw new Exception(
'PHP failed to generate random data.'
);
}
} elseif (extension_loaded('com_dotnet')) {
/**
* Windows with PHP < 5.3.0 will not have the function
* openssl_random_pseudo_bytes() available, so let's use
* CAPICOM to work around this deficiency.
*
* @param int $bytes
* @return string
*/
function random_bytes($bytes)
{
$buf = '';
$util = new COM('CAPICOM.Utilities.1');
$execCount = 0;
/**
* Let's not let it loop forever. If we run N times and fail to
* get N bytes of random data, then CAPICOM has failed us.
*/
do {
$buf .= base64_decode($util->GetRandom($bytes, 0));
if (RandomCompat_strlen($buf) >= $bytes) {
return RandomCompat_substr($buf, 0, $bytes);
}
++$execCount;
} while ($execCount < $bytes);
/**
* If we reach here, PHP has failed us.
*/
throw new Exception(
'PHP failed to generate random data.'
);
}
} elseif (function_exists('openssl_random_pseudo_bytes')) {
/**
* Since openssl_random_pseudo_bytes() uses openssl's
* RAND_pseudo_bytes() API, which has been marked as deprecated by the
* OpenSSL team, this is our last resort before failure.
*
* @ref https://www.openssl.org/docs/crypto/RAND_bytes.html
*
* @param int $bytes
* @return string
*/
function random_bytes($bytes)
{
$secure = true;
$buf = openssl_random_pseudo_bytes($bytes, $secure);
if ($buf !== false && $secure) {
if (RandomCompat_strlen($buf) === $bytes) {
return $buf;
}
}
/**
* If we reach here, PHP has failed us.
*/
throw new Exception(
'PHP failed to generate random data.'
);
}
} else {
/**
* We don't have any more options, so let's throw an exception right now
*/
throw new Exception(
'There is no suitable CSPRNG installed on your system'
);
}
}
var_dump(
implode('-', [
bin2hex(random_bytes(4)),
bin2hex(random_bytes(2)),
bin2hex((random_bytes(1) & 0x0F) | 0x40) . bin2hex(random_bytes(1)),
bin2hex((random_bytes(1) & 0x3F) | 0x80) . bin2hex(random_bytes(1)),
bin2hex(random_bytes(12))
])
);
Warning: A non-numeric value encountered in /in/i0k74 on line 172
Warning: A non-numeric value encountered in /in/i0k74 on line 173
string(54) "0f4650cc-ae26-3634fc-3132384a-c5c60d7fe0c6d0ccc8b792f7"
Output for 7.3.5
Warning: A non-numeric value encountered in /in/i0k74 on line 172
Warning: A non-numeric value encountered in /in/i0k74 on line 173
string(54) "1c3d0c81-d8a2-36341b-313238e4-bb0d422d5228cebb4f1deca4"
Output for 7.2.4
Warning: A non-numeric value encountered in /in/i0k74 on line 172
Warning: A non-numeric value encountered in /in/i0k74 on line 173
string(54) "68dc88c1-ac7f-3634fa-3132383d-8cb54c79f65267af4bd5a7e1"
Output for 7.2.3
Warning: A non-numeric value encountered in /in/i0k74 on line 172
Warning: A non-numeric value encountered in /in/i0k74 on line 173
string(54) "96d5301b-c299-363435-313238bb-f1be99b385afb8c7b9292e7e"
Output for 7.2.2
Warning: A non-numeric value encountered in /in/i0k74 on line 172
Warning: A non-numeric value encountered in /in/i0k74 on line 173
string(54) "a477f5ab-0b4b-363431-3132387f-4836f68528ace47963bed04d"
Output for 7.2.1
Warning: A non-numeric value encountered in /in/i0k74 on line 172
Warning: A non-numeric value encountered in /in/i0k74 on line 173
string(54) "c7d32c6e-3ed2-363474-31323801-e34dd91a4016a30819e7461c"
Output for 7.2.0
Warning: A non-numeric value encountered in /in/i0k74 on line 172
Warning: A non-numeric value encountered in /in/i0k74 on line 173
string(54) "15500de3-3019-363487-31323874-d4c0655b8b943504e8dc15d9"
Output for 7.1.16
Warning: A non-numeric value encountered in /in/i0k74 on line 172
Warning: A non-numeric value encountered in /in/i0k74 on line 173
string(54) "01206540-7045-3634f0-31323807-ee246424c9600681be78f2df"
Output for 7.1.15
Warning: A non-numeric value encountered in /in/i0k74 on line 172
string(54) "329f5354-dd79-3634d7-3133324d-8ee390acd7920fcb28e29a07"
Output for 7.1.14
Warning: A non-numeric value encountered in /in/i0k74 on line 172
Warning: A non-numeric value encountered in /in/i0k74 on line 173
string(54) "adaf1a6a-b9b6-36346c-3132388e-6c231f2b3272b2a9850f3e20"
Output for 7.1.13
Warning: A non-numeric value encountered in /in/i0k74 on line 172
Warning: A non-numeric value encountered in /in/i0k74 on line 173
string(54) "c4350682-b6f0-363467-31323811-c411b2dd24f885529f326530"
Output for 7.1.12
Warning: A non-numeric value encountered in /in/i0k74 on line 172
Warning: A non-numeric value encountered in /in/i0k74 on line 173
string(54) "d0746e1e-dbb4-363445-31323856-bc9b068d7a7a4f193393bc42"
Output for 7.1.11
Warning: A non-numeric value encountered in /in/i0k74 on line 172
Warning: A non-numeric value encountered in /in/i0k74 on line 173
string(54) "70b755b3-11bf-363436-31323839-8df6d2d153eb0785eb6556e6"
Output for 7.1.10
Warning: A non-numeric value encountered in /in/i0k74 on line 172
Warning: A non-numeric value encountered in /in/i0k74 on line 173
string(54) "b650dda7-7ced-36348b-313238fa-beb0206aae948d2fc298d7fa"
Output for 7.1.9
Warning: A non-numeric value encountered in /in/i0k74 on line 172
Warning: A non-numeric value encountered in /in/i0k74 on line 173
string(54) "c897b106-6beb-36349d-313238ae-80a2befa7b0ee8b66dfa1b9b"
Output for 7.1.8
Warning: A non-numeric value encountered in /in/i0k74 on line 172
Warning: A non-numeric value encountered in /in/i0k74 on line 173
string(54) "a7ac9c6b-bd58-3634ef-313238ad-c581c21afac01c20556a4c79"
Output for 7.1.7
Warning: A non-numeric value encountered in /in/i0k74 on line 172
Warning: A non-numeric value encountered in /in/i0k74 on line 173
string(54) "0b40b063-396d-363448-31323808-370776f9056a254ed8026666"
Output for 7.1.6
Warning: A non-numeric value encountered in /in/i0k74 on line 172
Warning: A non-numeric value encountered in /in/i0k74 on line 173
string(54) "c98107b2-1d8c-36341f-31323811-dabd6d3131c0c62cc2129702"
Output for 7.1.5
Warning: A non-numeric value encountered in /in/i0k74 on line 172
Warning: A non-numeric value encountered in /in/i0k74 on line 173
string(54) "bb161a6e-cc0b-363466-3132386c-4fb1a7a8f7924b94f6fc3d78"
Output for 7.1.4
Warning: A non-numeric value encountered in /in/i0k74 on line 172
Warning: A non-numeric value encountered in /in/i0k74 on line 173
string(54) "821f505a-c51b-363440-31323826-48243b620274c786f317a27d"
Output for 7.1.3
Warning: A non-numeric value encountered in /in/i0k74 on line 172
Warning: A non-numeric value encountered in /in/i0k74 on line 173
string(54) "49176914-ef75-36346d-31323871-7b3a64ba05faa121f5cb8b3b"
Output for 7.1.2
Warning: A non-numeric value encountered in /in/i0k74 on line 172
Warning: A non-numeric value encountered in /in/i0k74 on line 173
string(54) "94ba6f7b-93bf-363497-3132389e-0da5f219ffeec5d8cdd77919"
Output for 7.1.1
Warning: A non-numeric value encountered in /in/i0k74 on line 172
Warning: A non-numeric value encountered in /in/i0k74 on line 173
string(54) "babb529f-8561-3634b4-31323865-bb696b4130425166063846f7"
Output for 7.1.0
Warning: A non-numeric value encountered in /in/i0k74 on line 172
Warning: A non-numeric value encountered in /in/i0k74 on line 173
string(54) "c4cafda1-931e-36340a-3132389c-a0eac75949a39ab41a83989a"