array ( 0 => 'index.php', 1 => 'PHP Manual', ), 'head' => array ( 0 => 'UTF-8', 1 => 'en', ), 'this' => array ( 0 => 'function.random-bytes.php', 1 => 'random_bytes', ), 'up' => array ( 0 => 'ref.random.php', 1 => 'Random Functions', ), 'prev' => array ( 0 => 'function.rand.php', 1 => 'rand', ), 'next' => array ( 0 => 'function.random-int.php', 1 => 'random_int', ), 'alternatives' => array ( ), 'source' => array ( 'lang' => 'en', 'path' => 'reference/random/functions/random-bytes.xml', ), ); $setup["toc"] = $TOC; $setup["toc_deprecated"] = $TOC_DEPRECATED; $setup["parents"] = $PARENTS; manual_setup($setup); ?>
(PHP 7, PHP 8)
random_bytes — Get cryptographically secure random bytes
Generates a string containing uniformly selected random bytes with the requested length
.
As the returned bytes are selected completely randomly, the resulting string is likely to contain unprintable characters or invalid UTF-8 sequences. It may be necessary to encode it before transmission or display.
The randomness generated by this function is suitable for all applications, including the generation of long-term secrets, such as encryption keys.
The sources of randomness in the order of priority are as follows:
Linux: » getrandom(), /dev/urandom
FreeBSD >= 12 (PHP >= 7.3): » getrandom(), /dev/urandom
Windows (PHP >= 7.2): » CNG-API
Windows: » CryptGenRandom
macOS (PHP >= 8.2; >= 8.1.9; >= 8.0.22 if CCRandomGenerateBytes is available at compile time): CCRandomGenerateBytes()
macOS (PHP >= 8.1; >= 8.0.2): arc4random_buf(), /dev/urandom
NetBSD >= 7 (PHP >= 7.1; >= 7.0.1): arc4random_buf(), /dev/urandom
OpenBSD >= 5.5 (PHP >= 7.1; >= 7.0.1): arc4random_buf(), /dev/urandom
DragonflyBSD (PHP >= 8.1): » getrandom(), /dev/urandom
Solaris (PHP >= 8.1): » getrandom(), /dev/urandom
Note: Although this function was added to PHP in PHP 7.0, a » userland implementation is available for PHP 5.2 to 5.6, inclusive.
length
The length of the random string that should be returned in bytes; must be 1
or greater.
A string containing the requested number of cryptographically secure random bytes.
length
is less than 1
,
a ValueError will be thrown.
Version | Description |
---|---|
8.2.0 | In case of a CSPRNG failure, this function will now throw a Random\RandomException. Previously a plain Exception was thrown. |
Example #1 random_bytes() example
<?php
$bytes = random_bytes(5);
var_dump(bin2hex($bytes));
?>
The above example will output something similar to:
string(10) "385e33f741"