openssl_pbkdf2

(PHP 5 >= 5.5.0, PHP 7)

openssl_pbkdf2Generates a PKCS5 v2 PBKDF2 string

说明

string openssl_pbkdf2 ( string $password , string $salt , int $key_length , int $iterations [, string $digest_algorithm = "sha1" ] )

openssl_pbkdf2() computes PBKDF2 (Password-Based Key Derivation Function 2), a key derivation function defined in PKCS5 v2.

参数

password

Password from which the derived key is generated.

salt

PBKDF2 recommends a crytographic salt of at least 64 bits (8 bytes).

key_length

Length of desired output key.

iterations

The number of iterations desired. » NIST recommends at least 10,000.

digest_algorithm

Optional hash or digest algorithm from openssl_get_md_methods(). Defaults to SHA-1.

返回值

Returns raw binary string 或者在失败时返回 FALSE.

范例

Example #1 openssl_pbkdf2() example

<?php
$password 
'yOuR-pAs5w0rd-hERe';
$salt openssl_random_pseudo_bytes(12);
$keyLength 40;
$iterations 10000;
$generated_key openssl_pbkdf2($password$salt$keyLength$iterations'sha256');
echo 
bin2hex($generated_key)."\n";
echo 
base64_encode($generated_key)."\n";
?>

参见

User Contributed Notes

McGlockenshire 20-Mar-2014 05:10
Despite the manual claiming that this is available in PHP 5.5 and above, this function wasn't made available in my local install.

I expect that having a prehistoric OpenSSL library version installed is the likely culprit.

If you're using PHP 5.5 and don't have this function available in your OpenSSL extension, look at the functionally equivalent hash_pbkdf2 function instead.