hash_pbkdf2
(PHP 5 >= 5.5.0, PHP 7, PHP 8)
hash_pbkdf2 — Generate a PBKDF2 key derivation of a supplied password
Beschreibung
string
$algo,string
$password,string
$salt,int
$iterations,int
$length = 0,bool
$binary = false): string
Parameter-Liste
-
algo -
Name of selected hashing algorithm (i.e.
md5,sha256,haval160,4, etc..) See hash_algos() for a list of supported algorithms. -
password -
The password to use for the derivation.
-
salt -
The salt to use for the derivation. This value should be generated randomly.
-
iterations -
The number of internal iterations to perform for the derivation.
-
length -
The length of the output string. If
binaryistruethis corresponds to the byte-length of the derived key, ifbinaryisfalsethis corresponds to twice the byte-length of the derived key (as every byte of the key is returned as two hexits).If
0is passed, the entire output of the supplied algorithm is used. -
binary -
When set to
true, outputs raw binary data.falseoutputs lowercase hexits.
Rückgabewerte
Returns a string containing the derived key as lowercase hexits unless
binary is set to true in which case the raw
binary representation of the derived key is returned.
Fehler/Exceptions
An E_WARNING will be raised if the algorithm is
unknown, the iterations parameter is less than or
equal to 0, the length is less
than 0 or the salt is too long
(greater than INT_MAX - 4).
Changelog
| Version | Beschreibung |
|---|---|
| 7.2.0 | Usage of non-cryptographic hash functions (adler32, crc32, crc32b, fnv132, fnv1a32, fnv164, fnv1a64, joaat) was disabled. |
Beispiele
Beispiel #1 hash_pbkdf2() example, basic usage
<?php
$password = "password";
$iterations = 1000;
// Generate a random IV using openssl_random_pseudo_bytes()
// random_bytes() or another suitable source of randomness
$salt = openssl_random_pseudo_bytes(16);
$hash = hash_pbkdf2("sha256", $password, $salt, $iterations, 20);
var_dump($hash);
// for raw binary, the $length needs to be halved for equivalent results
$hash = hash_pbkdf2("sha256", $password, $salt, $iterations, 10, true);
var_dump(bin2hex($hash));?>
Das oben gezeigte Beispiel erzeugt eine ähnliche Ausgabe wie:
string(20) "120fb6cffcf8b32c43e7" string(20) "120fb6cffcf8b32c43e7"
Anmerkungen
The PBKDF2 method can be used for hashing passwords for storage. However, it
should be noted that password_hash() or
crypt() with CRYPT_BLOWFISH are
better suited for password storage.
Siehe auch
- crypt() - Einweg-String-Hashing
- password_hash() - Erstellt einen Passwort-Hash
- hash() - Berechnet den Hash einer Nachricht
- hash_algos() - Liefert eine Liste der verfügbaren Hashing-Algorithmen
- hash_init() - Initialisiert einen schrittweisen Hashing-Kontext
- hash_hmac() - Berechnet einen Hash mit Schlüssel unter Verwendung von HMAC
- hash_hmac_file() - Berechnet einen Hash einer Datei mit Schlüssel unter Verwendung von HMAC
- openssl_pbkdf2() - Generates a PKCS5 v2 PBKDF2 string
