openssl_pbkdf2
(PHP 5 >= 5.5.0, PHP 7)
openssl_pbkdf2 — Generates a PKCS5 v2 PBKDF2 string
Description
openssl_pbkdf2 ( string $password , string $salt , int $key_length , int $iterations [, string $digest_algorithm = "sha1" ] ) : string|false
openssl_pbkdf2() computes PBKDF2 (Password-Based Key Derivation Function 2), a key derivation function defined in PKCS5 v2.
Parameters
-
password -
Password from which the derived key is generated.
-
salt -
PBKDF2 recommends a crytographic salt of at least 64 bits (8 bytes).
-
key_length -
Length of desired output key.
-
iterations -
The number of iterations desired. » NIST recommends at least 10,000.
-
digest_algorithm -
Optional hash or digest algorithm from openssl_get_md_methods(). Defaults to SHA-1.
Return Values
Returns raw binary string or false on failure.
Examples
Example #1 openssl_pbkdf2() example
<?php $password = 'yOuR-pAs5w0rd-hERe'; $salt = openssl_random_pseudo_bytes(12); $keyLength = 40; $iterations = 10000; $generated_key = openssl_pbkdf2($password, $salt, $keyLength, $iterations, 'sha256'); echo bin2hex($generated_key)."\n"; echo base64_encode($generated_key)."\n"; ?>
See Also
- hash_pbkdf2() - Generate a PBKDF2 key derivation of a supplied password
- openssl_get_md_methods() - Gets available digest methods
© 1997–2020 The PHP Documentation Group
Licensed under the Creative Commons Attribution License v3.0 or later.
https://www.php.net/manual/en/function.openssl-pbkdf2.php