|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #32157 mcrypt_create_iv returns same value each time called
Submitted: 2005-03-01 22:42 UTC Modified: 2005-03-20 18:11 UTC
Avg. Score:4.0 ± 0.7
Reproduced:4 of 4 (100.0%)
Same Version:0 (0.0%)
Same OS:1 (25.0%)
From: murray at planetthoughtful dot org Assigned:
Status: No Feedback Package: mcrypt related
PHP Version: 5.0.3 OS: WindowsXP
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
Block user comment
Status: Assign to:
Bug Type:
From: murray at planetthoughtful dot org
New email:
PHP Version: OS:


 [2005-03-01 22:42 UTC] murray at planetthoughtful dot org
For some reason, using mcrypt_create_iv on my system (WinXP, Apache 1.3.28, PHP 5.0.3, mcrypt 2.5.7) usually returns the same value (specifically, when base64_encoded, the value "qSqamZGHYAIBHnH8KiVcFwNNgrXbLL7R5Fl6lc4xjwA=") each time called, with some exceptions.

Exceptions: if the code I have included is executed on my machine again before approx 15 seconds has elapsed, another number, also fitting into an expected value, is returned.

To explain:

If I execute the code below once, then wait 15 or 16 seconds, it will return the same value both times, ie "qSqamZGHYAIBHnH8KiVcFwNNgrXbLL7R5Fl6lc4xjwA=". If I execute the code, then a second later I execute the code again, then a second later I execute the code a third time, THEN I wait 15 seconds and repeat the execution 3 times, I will get the following base64_encoded values:


Obviously I have no idea why waiting approx 15 seconds restarts the cycle, but the net effect of this is that I generally end up with an $iv value of "qSqamZGHYAIBHnH8KiVcFwNNgrXbLL7R5Fl6lc4xjwA=", since there is usually a much longer period between requests to create an initialization vector value than 15 seconds (at least, it's usually much longer between in the site I have designed).

I hope this makes sense -- if not, please email me and I will try to provide what information I can.

Note: I also tried "srand((double) microtime() * 1000000);" instead of just "srand();" in case srand() was not being initialized properly for MCRYPT_RAND, but this made no difference.

Reproduce code:
$td = mcrypt_module_open('rijndael-256','','cbc','');
$iv = mcrypt_create_iv(mcrypt_get_iv_size('rijndael-256','cbc'), MCRYPT_RAND);
echo base64_encode($iv)."<br>";

Expected result:
I expect $iv to be a different (ie random) value each time the code is run.

Actual result:
If run approx 15 seconds apart, $iv will always be the same. if run more frequently than 15 seconds apart, the value will follow an expected progression, rather than being truly random.


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2005-03-04 16:40 UTC]
Please try using this CVS snapshot:
For Windows:

 [2005-03-20 18:11 UTC]
No feedback was provided. The bug is being suspended because
we assume that you are no longer experiencing the problem.
If this is not the case and you are able to provide the
information that was requested earlier, please do so and
change the status of the bug back to "Open". Thank you.

 [2006-07-10 22:19 UTC] chad at herballure dot com
I can confirm that the IV is typically static despite usage of MCRYPT_RAND on Linux + Apache 2.0.58 + mcrypt 2.5.7 + PHP 5.1.[24]. The IV is different for the two PHP versions, but consistent within each. The differences between my code and the reproduce code above is that I am using blowfish in cbc mode, and I am not calling srand().
 [2006-07-11 15:58 UTC] chad at herballure dot com
To add a little more detail to my previous comment, I'm using mod_php with the Apache prefork MPM. Restarting the Web server changes what IV is generated, but within a session it is still consistent.

The URL that sniper gave is 404.
 [2007-03-03 16:15 UTC] Jared dot Williams1 at ntlworld dot com
Looking at mcrypt.c

   *iv_len = size;
   while (size) {
      unsigned int ctx;
      (*iv_str)[--size] = 255.0 * php_rand_r(&ctx) / RAND_MAX;

ctx isn't initialised to a random seed value for php_rand_r to generate different initialisation vectors.
PHP Copyright © 2001-2020 The PHP Group
All rights reserved.
Last updated: Mon Sep 21 13:01:25 2020 UTC