(PHP 5 >= 5.5.0, PHP 7)
openssl_pbkdf2 — Generates a PKCS5 v2 PBKDF2 string
$password
, string $salt
, int $key_length
, int $iterations
[, string $digest_algorithm
= "sha1"
] )openssl_pbkdf2() computes PBKDF2 (Password-Based Key Derivation Function 2), a key derivation function defined in PKCS5 v2.
password
Password from which the derived key is generated.
salt
PBKDF2 recommends a crytographic salt of at least 64 bits (8 bytes).
key_length
Length of desired output key.
iterations
The number of iterations desired. » NIST recommends at least 10,000.
digest_algorithm
Optional hash or digest algorithm from openssl_get_md_methods(). Defaults to SHA-1.
Returns raw binary string or FALSE
on failure.
Example #1 openssl_pbkdf2() example
<?php
$password = 'yOuR-pAs5w0rd-hERe';
$salt = openssl_random_pseudo_bytes(12);
$keyLength = 40;
$iterations = 10000;
$generated_key = openssl_pbkdf2($password, $salt, $keyLength, $iterations, 'sha256');
echo bin2hex($generated_key)."\n";
echo base64_encode($generated_key)."\n";
?>