Use PHP7's random_bytes() when possible
Close #4260
diff --git a/system/libraries/Encryption.php b/system/libraries/Encryption.php
index f3e0398..151ce8d 100644
--- a/system/libraries/Encryption.php
+++ b/system/libraries/Encryption.php
@@ -337,6 +337,11 @@
*/
public function create_key($length)
{
+ if (function_exists('random_bytes'))
+ {
+ return random_bytes((int) $length);
+ }
+
return ($this->_driver === 'mcrypt')
? mcrypt_create_iv($length, MCRYPT_DEV_URANDOM)
: openssl_random_pseudo_bytes($length);