PHP 5.x polyfill for random_bytes()
and random_int()
created and maintained
by Paragon Initiative Enterprises.
Although this library should function in earlier versions of PHP, we will only consider issues relevant to supported PHP versions. Please upgrade as soon as possible.
This library should be considered EXPERIMENTAL
until it has received sufficient
review from independent third party security experts. Please ask your favorite
hackers to hammer it for implementation errors and bugs.
For the background of this library, please refer to our blog post on Generating Random Integers and Strings in PHP.
If PHP cannot safely generate random data, this library will throw an Exception
when you include it, even if it's unused. It will not fall back to insecure
random data.
This library exposes the CSPRNG functions added in PHP 7 for use in PHP 5 projects. Their behavior should be identical.
$string = random_bytes(32);
var_dump(bin2hex($string));
// string(64) "5787c41ae124b3b9363b7825104f8bc8cf27c4c3036573e5f0d4a91ad2eeac6f"
$int = random_int(0,255);
var_dump($int);
// int(47)
This project would not be anywhere near as excellent as it is today if it weren't for the contributions of the following individuals: