Class Phalcon\Security\Random

Source on GitHub

Secure random number generator class.

Provides secure random number generator which is suitable for generating session key in HTTP cookies, etc.

It supports following secure random number generators:

  • random_bytes (PHP 7)
  • libsodium
  • openssl, libressl
  • /dev/urandom

Phalcon\Security\Random could be mainly useful for:

  • Key generation (e.g. generation of complicated keys)
  • Generating random passwords for new user accounts
  • Encryption systems
  1. <?php
  3. $random = new \Phalcon\Security\Random();
  5. // Random binary string
  6. $bytes = $random->bytes();
  8. // Random hex string
  9. echo $random->hex(10); // a29f470508d5ccb8e289
  10. echo $random->hex(10); // 533c2f08d5eee750e64a
  11. echo $random->hex(11); // f362ef96cb9ffef150c9cd
  12. echo $random->hex(12); // 95469d667475125208be45c4
  13. echo $random->hex(13); // 05475e8af4a34f8f743ab48761
  15. // Random base64 string
  16. echo $random->base64(12); // XfIN81jGGuKkcE1E
  17. echo $random->base64(12); // 3rcq39QzGK9fUqh8
  18. echo $random->base64();   // DRcfbngL/iOo9hGGvy1TcQ==
  19. echo $random->base64(16); // SvdhPcIHDZFad838Bb0Swg==
  21. // Random URL-safe base64 string
  22. echo $random->base64Safe();           // PcV6jGbJ6vfVw7hfKIFDGA
  23. echo $random->base64Safe();           // GD8JojhzSTrqX7Q8J6uug
  24. echo $random->base64Safe(8);          // mGyy0evy3ok
  25. echo $random->base64Safe(null, true); // DRrAgOFkS4rvRiVHFefcQ==
  27. // Random UUID
  28. echo $random->uuid(); // db082997-2572-4e2c-a046-5eefe97b1235
  29. echo $random->uuid(); // da2aa0e2-b4d0-4e3c-99f5-f5ef62c57fe2
  30. echo $random->uuid(); // 75e6b628-c562-4117-bb76-61c4153455a9
  31. echo $random->uuid(); // dc446df1-0848-4d05-b501-4af3c220c13d
  33. // Random number between 0 and $len
  34. echo $random->number(256); // 84
  35. echo $random->number(256); // 79
  36. echo $random->number(100); // 29
  37. echo $random->number(300); // 40
  39. // Random base58 string
  40. echo $random->base58();   // 4kUgL2pdQMSCQtjE
  41. echo $random->base58();   // Umjxqf7ZPwh765yR
  42. echo $random->base58(24); // qoXcgmw4A9dys26HaNEdCRj9
  43. echo $random->base58(7);  // 774SJD3vgP

This class partially borrows SecureRandom library from Ruby

Methods

public bytes ([mixed $len])

Generates a random binary string The Random::bytes method returns a string and accepts as input an int representing the length in bytes to be returned. If $len is not specified, 16 is assumed. It may be larger in future. The result may contain any byte: “x00” - “xFF”.

  1. <?php
  3. $random = new \Phalcon\Security\Random();
  5. $bytes = $random->bytes();
  6. var_dump(bin2hex($bytes));
  7. // Possible output: string(32) "00f6c04b144b41fad6a59111c126e1ee"

public hex ([mixed $len])

Generates a random hex string If $len is not specified, 16 is assumed. It may be larger in future. The length of the result string is usually greater of $len.

  1. <?php
  3. $random = new \Phalcon\Security\Random();
  5. echo $random->hex(10); // a29f470508d5ccb8e289

public base58 ([mixed $n])

Generates a random base58 string If $len is not specified, 16 is assumed. It may be larger in future. The result may contain alphanumeric characters except 0, O, I and l. It is similar to Base64 but has been modified to avoid both non-alphanumeric characters and letters which might look ambiguous when printed.

  1. <?php
  3. $random = new \Phalcon\Security\Random();
  5. echo $random->base58(); // 4kUgL2pdQMSCQtjE

public base64 ([mixed $len])

Generates a random base64 string If $len is not specified, 16 is assumed. It may be larger in future. The length of the result string is usually greater of $len. Size formula: 4 *( $len / 3) and this need to be rounded up to a multiple of 4.

  1. <?php
  3. $random = new \Phalcon\Security\Random();
  5. echo $random->base64(12); // 3rcq39QzGK9fUqh8

public base64Safe ([mixed $len], [mixed $padding])

Generates a random URL-safe base64 string If $len is not specified, 16 is assumed. It may be larger in future. The length of the result string is usually greater of $len. By default, padding is not generated because “=” may be used as a URL delimiter. The result may contain A-Z, a-z, 0-9, “-” and “_”. “=” is also used if $padding is true. See RFC 3548 for the definition of URL-safe base64.

  1. <?php
  3. $random = new \Phalcon\Security\Random();
  5. echo $random->base64Safe(); // GD8JojhzSTrqX7Q8J6uug

public uuid ()

Generates a v4 random UUID (Universally Unique IDentifier) The version 4 UUID is purely random (except the version). It doesn’t contain meaningful information such as MAC address, time, etc. See RFC 4122 for details of UUID. This algorithm sets the version number (4 bits) as well as two reserved bits. All other bits (the remaining 122 bits) are set using a random or pseudorandom data source. Version 4 UUIDs have the form xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx where x is any hexadecimal digit and y is one of 8, 9, A, or B (e.g., f47ac10b-58cc-4372-a567-0e02b2c3d479).

  1. <?php
  3. $random = new \Phalcon\Security\Random();
  5. echo $random->uuid(); // 1378c906-64bb-4f81-a8d6-4ae1bfcdec22

public number (mixed $len)

Generates a random number between 0 and $len Returns an integer: 0 <= result <= $len.

  1. <?php
  3. $random = new \Phalcon\Security\Random();
  5. echo $random->number(16); // 8