Generates a PKCS5 v2 PBKDF2 string

Description

openssl_pbkdf2(
    string $password,
    string $salt,
    int $key_length,
    int $iterations,
    string $digest_algo = "sha1"
): string|false

openssl_pbkdf2() computes PBKDF2 (Password-Based Key Derivation Function 2), a key derivation function defined in PKCS5 v2.

Parameters

password: Password from which the derived key is generated.
salt: PBKDF2 recommends a crytographic salt of at least 64 bits (8 bytes).
key_length: Length of desired output key.
iterations: The number of iterations desired. » NIST recommends at least 10,000.
digest_algo: Optional hash or digest algorithm from openssl_get_md_methods(). Defaults to SHA-1.

Return Values

Returns raw binary string or false on failure.

Examples

Example #1 openssl_pbkdf2() example

<?php
$password = 'password';
$salt = openssl_random_pseudo_bytes(16);
$keyLength = 20;
$iterations = 600000;
$generated_key = openssl_pbkdf2($password, $salt, $keyLength, $iterations, 'sha256');
echo bin2hex($generated_key)."\n";
echo base64_encode($generated_key)."\n";
?>

openssl_pbkdf2

Description

Parameters

Return Values

Examples

See Also