openssl_pbkdf2()
(PHP 5 >= 5.5.0, PHP 7)
生成一个 PKCS5 v2 PBKDF2 字符串
说明
openssl_pbkdf2(string $password,string $salt,int $key_length,int $iterations[,string $digest_algorithm= "sha1"]): string
openssl_pbkdf2()计算 PBKDF2(Password-Based Key Derivation Function 2),在PKCS5 v2中定义的一个密钥的推导函数.
参数
- $password
派生密钥所生成的密码。
- $salt
PBKDF2 推荐一个不少于64位(8字节)的密码盐值。
- $key_length
希望输出密钥的长度。
- $iterations
需要的迭代次数» NIST 建议至少10,000次.
- $digest_algorithm
在openssl_get_md_methods()中可选的散列或摘要算法.默认是 SHA-1.
返回值
成功,返回原始二进制字符串或者在失败时返回FALSE
.
范例
openssl_pbkdf2()范例
<?php $password = 'yOuR-pAs5w0rd-hERe'; $salt = openssl_random_pseudo_bytes(12); $keyLength = 40; $iterations = 10000; $generated_key = openssl_pbkdf2($password, $salt, $keyLength, $iterations, 'sha256'); echo bin2hex($generated_key)."\n"; echo base64_encode($generated_key)."\n"; ?>
参见
hash_pbkdf2()
生成所提供密码的 PBKDF2 密钥导出openssl_get_md_methods()
获取可用的摘要算法
Despite the manual claiming that this is available in PHP 5.5 and above, this function wasn't made available in my local install. I expect that having a prehistoric OpenSSL library version installed is the likely culprit. If you're using PHP 5.5 and don't have this function available in your OpenSSL extension, look at the functionally equivalent hash_pbkdf2 function instead.