0

I have to have a cryptographically secure function,that gives me a random string, for encryption. Is the following function good enough for this?

'PHP'

function GenerateRandomString($Length) {
 $Length /= 2;
 $cstrong = false;
 while ($cstrong != TRUE){
    $bytes = openssl_random_pseudo_bytes($Length, $cstrong);
 }
 $hex = bin2hex($bytes);
 return $hex;
}
Entimon
  • 184
  • 3
  • 11
  • It's using a good source of randomness, yes. But I don't know whether `$cstrong` will suddenly turn from `false` to `true` if you try repeatedly. Most likely you'll just get into an infinite loop. – deceze Aug 05 '14 at 10:18
  • 1
    This question appears to be better suited for http://codereview.stackexchange.com. – deceze Aug 05 '14 at 10:18
  • 1
    @deceze I moved this question to https://codereview.stackexchange.com/questions/59096/random-string-generator-using-openssl-in-php – Entimon Aug 05 '14 at 10:24

0 Answers0