php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Request #47952 Access to OS randomness would be nice
Submitted: 2009-04-11 18:52 UTC Modified: 2009-04-11 19:12 UTC
From: jking at jkingweb dot ca Assigned:
Status: Wont fix Package: Feature/Change Request
PHP Version: 5.2.9 OS:
Private report: No CVE-ID: None
View Developer Edit
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: jking at jkingweb dot ca
New email:
PHP Version: OS:

 

 [2009-04-11 18:52 UTC] jking at jkingweb dot ca 
Description:
------------
The other day I wrote a PHP implementation of a spec which mandates using a cryptographically-secure random number generator.  For most Unix systems this is easy (/dev/urandom or /dev/random), but getting access to such a source in PHP for Windows seems impossible.  

I thought it might be beneficial for PHP to expose the best source of randomness availble via fopen("php://random") or some such.  I confess I don't know how difficult this would be to do, but it would certainly be more feasible for PHP itself to pull this off in a cross-platform fashion than for little old me writing software from within PHP.

Reproduce code:
---------------
---
From manual page: wrappers.php
---

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2009-04-11 19:12 UTC] scottmac@php.net 
It's not in the manual yet but you'll find openssl_random_pseudo_bytes() in PHP 5.3 that accesses the underlying PRNG.

We could add this to PHP itself, but I think letting OpenSSL being responsible for this is better in case we make a mistake.
 
PHP Copyright © 2001-2025 The PHP Group
All rights reserved. 		Last updated: Thu Jul 03 19:01:35 2025 UTC