PHP Generate a PBKDF2 key derivation of a supplied password

说明

string hash_pbkdf2 ( string $algo , string $password , string $salt , int $iterations [, int $length = 0 [, bool $raw_output = false ]] )

参数

algo: Name of selected hashing algorithm (i.e. md5, sha256, haval160,4, etc..) See hash_algos() for a list of supported algorithms.
password: The password to use for the derivation.
salt: The salt to use for the derivation.
iterations: The number of internal iterations to perform for the derivation.
length: The length of the derived key to output. If 0, the length of the supplied algorithm is used.
raw_output: When set to TRUE, outputs raw binary data. FALSE outputs lowercase hexits.

返回值

Returns a string containing the derived key as lowercase hexits unless raw_output is set to true in which case the raw binary representation of the derived key is returned.

错误／异常

An E_WARNING will be raised if the algorithm is unknown, the iterations parameter is less than or equal to 0, the length is less than 0 or the salt is too long (greater than INT_MAX - 4).

范例

Example #1 hash_pbkdf2() example, basic usage


<?php
$password = "password";
$salt = "salt";
$hash = hash_pbkdf2("sha256", $password, $salt, 1, 20);
echo $hash;
?>

以上例程会输出：

120fb6cffcf8b32c43e7

注释

Caution

The PBKDF2 method can be used for hashing passwords for storage (it is NIST approved for that use). However, it should be noted that CRYPT_BLOWFISH is better suited for password storage and should be used instead via crypt().

参见

crypt() - 单向字符串散列
hash() - Generate a hash value (message digest)
hash_algos() - Return a list of registered hashing algorithms
hash_init() - Initialize an incremental hashing context
hash_hmac() - Generate a keyed hash value using the HMAC method
hash_hmac_file() - Generate a keyed hash value using the HMAC method and the contents of a given file