• Stars
    star
    840
  • Rank 54,265 (Top 2 %)
  • Language
    PHP
  • License
    MIT License
  • Created almost 12 years ago
  • Updated over 6 years ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

A library for generating random numbers and strings

RandomLib

Build Status

A library for generating random numbers and strings of various strengths.

This library is useful in security contexts.

Install

Via Composer

$ composer require ircmaxell/random-lib

Usage

Factory

A factory is used to get generators of varying strength:

$factory = new RandomLib\Factory;
$generator = $factory->getGenerator(new SecurityLib\Strength(SecurityLib\Strength::MEDIUM));

A factory can be configured with additional mixers and sources but can be used out of the box to create both medium and low strength generators.

Convenience methods are provided for creating high, medium, and low strength generators. Example:

$generator = $factory->getMediumStrengthGenerator();

$factory->getLowStrengthGenerator()

Convenience method to get a low strength random number generator.

Low Strength should be used anywhere that random strings are needed in a non-cryptographical setting. They are not strong enough to be used as keys or salts. They are however useful for one-time use tokens.

$factory->getMediumStrengthGenerator()

Convenience method to get a medium strength random number generator.

Medium Strength should be used for most needs of a cryptographic nature. They are strong enough to be used as keys and salts. However, they do take some time and resources to generate, so they should not be over-used

$factory->getHighStrengthGenerator()

Convenience method to get a high strength random number generator.

High Strength keys should ONLY be used for generating extremely strong cryptographic keys. Generating them is very resource intensive and may take several minutes or more depending on the requested size.

There are currently no mixers shipped with this package that are capable of creating a high space generator. This will not work out of the box!

Generator

A generator is used to generate random numbers and strings.

Example:

// Generate a random string that is 32 bytes in length.
$bytes = $generator->generate(32);

// Generate a whole number between 5 and 15.
$randomInt = $generator->generateInt(5, 15);

// Generate a 32 character string that only contains the letters
// 'a', 'b', 'c', 'd', 'e', and 'f'.
$randomString = $generator->generateString(32, 'abcdef');

$generator->generate($size)

Generate a random byte string of the requested size.

$generator->generateInt($min = 0, $max = PHP_INT_MAX)

Generate a random integer with the given range. If range ($max - $min) is zero, $max will be used.

$generator->generateString($length, $characters = '')

Generate a random string of specified length.

This uses the supplied character list for generating the new result string. The list of characters should be specified as a string containing each allowed character.

If no character list is specified, the following list of characters is used:

0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ+/

Examples:

// Give the character list 'abcdef':
print $generator->generateString(32, 'abcdef')."\n";

// One would expect to receive output that only contained those
// characters:
//
// adaeabecfbddcdaeedaedfbbcdccccfe
// adfbfdbfddadbfcbbefebcacbefafffa
// ceeadbcabecbccacdcaabbdccfadbafe
// abadcffabdcacdbcbafcaecabafcdbbf
// dbdbddacdeaceabfaefcbfafebcacdca

License

MIT, see LICENSE.

Community

If you have questions or want to help out, join us in the #php.security channel on irc.freenode.net.

Security Vulnerabilities

If you have found a security issue, please contact the author directly at [email protected].

More Repositories

1

password_compat

Compatibility with the password_* functions that ship with PHP 5.5
PHP
2,151
star
2

PHPPHP

A PHP VM implementation in PHP
PHP
811
star
3

php-compiler

A compiler. For PHP
PHP
793
star
4

PhpGenerics

Here be dragons
PHP
530
star
5

filterus

A simple filtering library for PHP
PHP
454
star
6

PHP-PasswordLib

A library for generating and validating passwords
PHP
373
star
7

monad-php

A simple Monad library for PHP
PHP
296
star
8

php-cfg

A Control Flow Graph implementation in PHP
PHP
243
star
9

Tuli

A static analysis engine
PHP
168
star
10

phpvm

A PHP version manager for CLI PHP
PHP
150
star
11

PHP-Yacc

A PHP port of kmyacc
PHP
149
star
12

PHP-CryptLib

A Cryptography Library for PHP
PHP
144
star
13

FFIMe

A FFI Wrapper library and header parser!
PHP
136
star
14

SecurityLib

SecurityLib
PHP
126
star
15

Stauros

A fast XSS sanitization library for PHP
PHP
118
star
16

php-security-scanner

A static security scanner for PHP
PHP
97
star
17

Tari-PHP

A middleware proposal for PHP
PHP
78
star
18

password-policy

A password policy enforcer for PHP and JavaScript
PHP
77
star
19

php-ast-visualizer

An AST visualizer, for PHP
PHP
75
star
20

prerano

A new language for PHP
PHP
65
star
21

php-preprocessor

A PreProcessing library for PHP
PHP
49
star
22

ErrorExceptions

A library for converting core PHP errors into ErrorExceptions
PHP
43
star
23

PHP-BrainFuck

A brainfuck interpreter for PHP
PHP
42
star
24

php-c-parser

A C parser built in and for PHP (yes, it's a bad idea)...
PHP
40
star
25

random_compat

Compatibility library for proposed simplified random number generator
PHP
40
star
26

php-llvm

A "lightweight" wrapper around LLVM-C in native PHP
PHP
39
star
27

php-types

A PHP Type reconstruction library
PHP
36
star
28

php-compiler-toolkit

A compiler toolkit. For PHP (yes, I am creative at naming things)...
PHP
30
star
29

resume

Anthony Ferrara's Resume (CV)
30
star
30

php-math-parser

A Shunting-Yard Based Math Engine For PHP
PHP
29
star
31

Protocol-Lib

A library for runtime checking of protocols
PHP
27
star
32

php-optimizer

A CFG Optimizer for PHP
PHP
24
star
33

RequirePHP

A RequireJS clone in PHP - As a dependency Loader
PHP
22
star
34

ballandchain

A PHP implementation of BallAndChain
PHP
20
star
35

libgccffi

libgccffi interface for PHP, based on 7.4's FFI and FFIMe
PHP
19
star
36

MixinPHP

A test mixin library for super-happy-crazy-time
PHP
18
star
37

php-ndata

NData PECL extension for dealing with native data types
C
15
star
38

cpu_assembler

An assembler for my custom CPU
PHP
13
star
39

TrueObjectStore

What SPLObjectStorage Should Have Been
PHP
13
star
40

haas

Hugs, As A Service
HTML
13
star
41

programming-with-anthony

Scripts for the Programming With Anthony series on YouTube
11
star
42

php-object-symbolresolver

A linux object file (ELF) parser
PHP
10
star
43

password-bad-web-app

A bad web app, to demonstrate password hashing issues DO NOT USE!!!
PHP
10
star
44

quality-checker

PHP Quality Checker
PHP
10
star
45

blog.ircmaxell.com

blog.ircmaxell.com future site
Less
9
star
46

Primitives

A collection of primitive types for PHP
PHP
6
star
47

blog-ideas

6
star
48

cryptography-presentation-tnphp

Slides for the Cryptography Presentation done at TrueNorthPHP on Nov 2, 2012
JavaScript
6
star
49

Ircmaxell.com

PHP
5
star
50

ZPP

A PHP implementation of Zend-Parse-Parameters
PHP
5
star
51

XssBadWebApp

A Intentionally Vulnerable Bad Web Application With XSS Vulnerabilities - *DO NOT USE!!!*
PHP
5
star
52

CodeReviewSecurityRepo

Code Review for Security Repository Of Code To Review
PHP
5
star
53

password-advice

The website behind password-advice.com
4
star
54

SetLib

A Badly Named Playground
PHP
4
star
55

DontBeStupid-Presentation

A repo of the Don't Be Stupid, Grasp Solid presentation at NYPHP on 5-22-12
JavaScript
3
star
56

hashguesser

Hash guesser
JavaScript
3
star
57

jQuery.OOP

A pseudo-port of MooTools OOP to jQuery
2
star
58

Intervalometer

An intervalometer
Arduino
2
star
59

BehaviorTest

A Proof-Of-Concept behavioral testing app
PHP
2
star
60

password-hashing-mini-presentation

Password-Hashing-Mini-Presentation
JavaScript
2
star
61

PHPTest

A Unit Testing Framework for PHP
PHP
2
star
62

ITL

Some silly test programming language thingy
Ruby
1
star
63

solid-presentation-tnphp

Slides for the SOLID OO Design presentation at True North PHP on Nov 3, 2012
JavaScript
1
star
64

PreProcessor

A trivial attempt at a PHP preprocessor (DO NOT USE!!! Experimental ONLY!!!)
PHP
1
star
65

jsGoodies

Just some JS snipits I've found useful
JavaScript
1
star
66

8bit-cpu-v2

Ruby
1
star