/** * Look for a system-provided source of randomness, which is usually crytographically secure. * /dev/urandom is tried first simply out of bias for Linux systems. */ public static function initRandom() { if (is_readable('/dev/urandom')) { self::$randomSource = fopen('/dev/urandom', 'rb'); self::$randomFunc = 'randomFRead'; } else { if (class_exists('COM', 0)) { try { self::$randomSource = new COM('CAPICOM.Utilities.1'); // See http://msdn.microsoft.com/en-us/library/aa388182(VS.85).aspx self::$randomFunc = 'randomCOM'; } catch (Exception $e) { } } } return self::$randomFunc; }