Class Phalcon\Security\Random

Source on GitHub

Secure random number generator class.

Provides secure random number generator which is suitable for generating session key in HTTP cookies, etc.

It supports following secure random number generators:

  • random_bytes (PHP 7)
  • libsodium
  • openssl, libressl
  • /dev/urandom

Phalcon\Security\Random could be mainly useful for:

  • Key generation (e.g. generation of complicated keys)
  • Generating random passwords for new user accounts
  • Encryption systems
  1. <?php
  2. $random = new \Phalcon\Security\Random();
  3. // Random binary string
  4. $bytes = $random->bytes();
  5. // Random hex string
  6. echo $random->hex(10); // a29f470508d5ccb8e289
  7. echo $random->hex(10); // 533c2f08d5eee750e64a
  8. echo $random->hex(11); // f362ef96cb9ffef150c9cd
  9. echo $random->hex(12); // 95469d667475125208be45c4
  10. echo $random->hex(13); // 05475e8af4a34f8f743ab48761
  11. // Random base64 string
  12. echo $random->base64(12); // XfIN81jGGuKkcE1E
  13. echo $random->base64(12); // 3rcq39QzGK9fUqh8
  14. echo $random->base64(); // DRcfbngL/iOo9hGGvy1TcQ==
  15. echo $random->base64(16); // SvdhPcIHDZFad838Bb0Swg==
  16. // Random URL-safe base64 string
  17. echo $random->base64Safe(); // PcV6jGbJ6vfVw7hfKIFDGA
  18. echo $random->base64Safe(); // GD8JojhzSTrqX7Q8J6uug
  19. echo $random->base64Safe(8); // mGyy0evy3ok
  20. echo $random->base64Safe(null, true); // DRrAgOFkS4rvRiVHFefcQ==
  21. // Random UUID
  22. echo $random->uuid(); // db082997-2572-4e2c-a046-5eefe97b1235
  23. echo $random->uuid(); // da2aa0e2-b4d0-4e3c-99f5-f5ef62c57fe2
  24. echo $random->uuid(); // 75e6b628-c562-4117-bb76-61c4153455a9
  25. echo $random->uuid(); // dc446df1-0848-4d05-b501-4af3c220c13d
  26. // Random number between 0 and $len
  27. echo $random->number(256); // 84
  28. echo $random->number(256); // 79
  29. echo $random->number(100); // 29
  30. echo $random->number(300); // 40
  31. // Random base58 string
  32. echo $random->base58(); // 4kUgL2pdQMSCQtjE
  33. echo $random->base58(); // Umjxqf7ZPwh765yR
  34. echo $random->base58(24); // qoXcgmw4A9dys26HaNEdCRj9
  35. echo $random->base58(7); // 774SJD3vgP

This class partially borrows SecureRandom library from Ruby

Methods

public bytes ([mixed $len])

Generates a random binary string The Random::bytes method returns a string and accepts as input an int representing the length in bytes to be returned. If $len is not specified, 16 is assumed. It may be larger in future. The result may contain any byte: “x00” - “xFF”.

  1. <?php
  2. $random = new \Phalcon\Security\Random();
  3. $bytes = $random->bytes();
  4. var_dump(bin2hex($bytes));
  5. // Possible output: string(32) "00f6c04b144b41fad6a59111c126e1ee"

public hex ([mixed $len])

Generates a random hex string If $len is not specified, 16 is assumed. It may be larger in future. The length of the result string is usually greater of $len.

  1. <?php
  2. $random = new \Phalcon\Security\Random();
  3. echo $random->hex(10); // a29f470508d5ccb8e289

public base58 ([mixed $n])

Generates a random base58 string If $len is not specified, 16 is assumed. It may be larger in future. The result may contain alphanumeric characters except 0, O, I and l. It is similar to Base64 but has been modified to avoid both non-alphanumeric characters and letters which might look ambiguous when printed.

  1. <?php
  2. $random = new \Phalcon\Security\Random();
  3. echo $random->base58(); // 4kUgL2pdQMSCQtjE

public base64 ([mixed $len])

Generates a random base64 string If $len is not specified, 16 is assumed. It may be larger in future. The length of the result string is usually greater of $len. Size formula: 4 *( $len / 3) and this need to be rounded up to a multiple of 4.

  1. <?php
  2. $random = new \Phalcon\Security\Random();
  3. echo $random->base64(12); // 3rcq39QzGK9fUqh8

public base64Safe ([mixed $len], [mixed $padding])

Generates a random URL-safe base64 string If $len is not specified, 16 is assumed. It may be larger in future. The length of the result string is usually greater of $len. By default, padding is not generated because “=” may be used as a URL delimiter. The result may contain A-Z, a-z, 0-9, “-” and “_”. “=” is also used if $padding is true. See RFC 3548 for the definition of URL-safe base64.

  1. <?php
  2. $random = new \Phalcon\Security\Random();
  3. echo $random->base64Safe(); // GD8JojhzSTrqX7Q8J6uug

public uuid ()

Generates a v4 random UUID (Universally Unique IDentifier) The version 4 UUID is purely random (except the version). It doesn’t contain meaningful information such as MAC address, time, etc. See RFC 4122 for details of UUID. This algorithm sets the version number (4 bits) as well as two reserved bits. All other bits (the remaining 122 bits) are set using a random or pseudorandom data source. Version 4 UUIDs have the form xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx where x is any hexadecimal digit and y is one of 8, 9, A, or B (e.g., f47ac10b-58cc-4372-a567-0e02b2c3d479).

  1. <?php
  2. $random = new \Phalcon\Security\Random();
  3. echo $random->uuid(); // 1378c906-64bb-4f81-a8d6-4ae1bfcdec22

public number (mixed $len)

Generates a random number between 0 and $len Returns an integer: 0 <= result <= $len.

  1. <?php
  2. $random = new \Phalcon\Security\Random();
  3. echo $random->number(16); // 8