}
/*
- * @brief Generates random bytes with "openssl_random_pseudo_bytes" with a fallback for systems without openssl
- * Inspired by gorgo on php.net
- * @param Int with the length of the random
- * @return String with the random bytes
+ * @brief Generates a cryptographical secure pseudorandom string
+ * @param Int with the length of the random string
+ * @return String
*/
public static function generate_random_bytes($length = 30) {
+
+ // Try to use openssl_random_pseudo_bytes
if(function_exists('openssl_random_pseudo_bytes')) {
$pseudo_byte = bin2hex(openssl_random_pseudo_bytes($length, $strong));
if($strong == TRUE) {
}
}
- // fallback to mt_rand()
+ // Try to use /dev/random
+ $fp = @file_get_contents('/dev/random', false, null, 0, $length);
+ if ($fp !== FALSE) {
+ $string = substr(bin2hex($fp), 0, $length);
+ return $string;
+ }
+
+ // Fallback to mt_rand()
$characters = '0123456789';
- $characters .= 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
+ $characters .= 'abcdefghijklmnopqrstuvwxyz';
$charactersLength = strlen($characters)-1;
$pseudo_byte = "";