PHP Conference Nagoya 2025

random_bytes

(PHP 7, PHP 8)

random_bytesGet cryptographically secure random bytes

说明

random_bytes(int $length): string

Generates a string containing uniformly selected random bytes with the requested length.

As the returned bytes are selected completely randomly, the resulting string is likely to contain unprintable characters or invalid UTF-8 sequences. It may be necessary to encode it before transmission or display.

The randomness generated by this function is suitable for all applications, including the generation of long-term secrets, such as encryption keys.

此函数使用的随机性来源先后顺序如下:

  • Linux:» getrandom()/dev/urandom

  • FreeBSD >= 12(PHP >= 7.3):» getrandom()/dev/urandom

  • Windows(PHP >= 7.2):» CNG-API

    Windows:» CryptGenRandom

  • macOS(PHP >= 8.2;>= 8.1.9;>= 8.0.22 如果 CCRandomGenerateBytes 在编译时可用):CCRandomGenerateBytes()

    macOS(PHP >= 8.1;>= 8.0.2):arc4random_buf()、/dev/urandom

  • NetBSD >= 7(PHP >= 7.1;>= 7.0.1):arc4random_buf()、/dev/urandom

  • OpenBSD >= 5.5(PHP >= 7.1;>= 7.0.1):arc4random_buf()、/dev/urandom

  • DragonflyBSD(PHP >= 8.1):» getrandom()/dev/urandom

  • Solaris(PHP >= 8.1):» getrandom()/dev/urandom

  • 未提及的 PHP 版本和操作系统的组合:/dev/urandom
  • 如果没有可用的来源或它们都无法生成随机性,则将抛出 Random\RandomException

注意: 虽然此函数是 PHP 7.0 添加到 PHP 中,但是从 PHP 5.2 到 PHP 5.6 都可以用 » 用户级实现

参数

length

The length of the random string that should be returned in bytes; must be 1 or greater.

返回值

A string containing the requested number of cryptographically secure random bytes.

错误/异常

更新日志

版本 说明
8.2.0 In case of a CSPRNG failure, this function will now throw a Random\RandomException. Previously a plain Exception was thrown.

示例

示例 #1 random_bytes() example

<?php
$bytes
= random_bytes(5);
var_dump(bin2hex($bytes));
?>

以上示例的输出类似于:

string(10) "385e33f741"

参见

添加备注

用户贡献的备注

此页面尚无用户贡献的备注。
To Top