PHP :: Request #47952 :: Access to OS randomness would be nice

Request #47952	Access to OS randomness would be nice
Submitted:	2009-04-11 18:52 UTC	Modified:	2009-04-11 19:12 UTC
From:	jking at jkingweb dot ca	Assigned:
Status:	Wont fix	Package:	Feature/Change Request
PHP Version:	5.2.9	OS:
Private report:	No	CVE-ID:	None

View Developer Edit

[2009-04-11 18:52 UTC] jking at jkingweb dot ca

Description:
------------
The other day I wrote a PHP implementation of a spec which mandates using a cryptographically-secure random number generator.  For most Unix systems this is easy (/dev/urandom or /dev/random), but getting access to such a source in PHP for Windows seems impossible.  

I thought it might be beneficial for PHP to expose the best source of randomness availble via fopen("php://random") or some such.  I confess I don't know how difficult this would be to do, but it would certainly be more feasible for PHP itself to pull this off in a cross-platform fashion than for little old me writing software from within PHP.

Reproduce code:
---------------
---
From manual page: wrappers.php
---

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2009-04-11 19:12 UTC] scottmac@php.net

It's not in the manual yet but you'll find openssl_random_pseudo_bytes() in PHP 5.3 that accesses the underlying PRNG.

We could add this to PHP itself, but I think letting OpenSSL being responsible for this is better in case we make a mistake.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Sat Nov 01 15:00:01 2025 UTC