- PHP Tutorial
- PHP - Home
- PHP - Introduction
- PHP - Installation
- PHP - History
- PHP - Syntax
- PHP - Hello World
- PHP - Comments
- PHP - Variables
- PHP - Echo/Print
- PHP - var_dump
- PHP - $ and $$ Variables
- PHP - Constants
- PHP - Magic Constants
- PHP - Data Types
- PHP - Type Casting
- PHP - Type Juggling
- PHP - Strings
- PHP - Boolean
- PHP - Integers
- PHP - Files & I/O
- PHP - Maths Functions
- PHP - Heredoc & Nowdoc
- PHP - Compound Types
- PHP - File Include
- PHP - Date & Time
- PHP - Scalar Type Declarations
- PHP - Return Type Declarations
- PHP Operators
- PHP - Operators
- PHP - Arithmatic Operators
- PHP - Comparison Operators
- PHP - Logical Operators
- PHP - Assignment Operators
- PHP - String Operators
- PHP - Array Operators
- PHP - Conditional Operators
- PHP - Spread Operator
- PHP - Null Coalescing Operator
- PHP - Spaceship Operator
- PHP Control Statements
- PHP - Decision Making
- PHP - If…Else Statement
- PHP - Switch Statement
- PHP - For Loop
- PHP - Foreach Loop
- PHP - While Loop
- PHP - Do…While Loop
- PHP - Break Statement
- PHP - Continue Statement
- PHP Arrays
- PHP - Arrays
- PHP - Indexed Array
- PHP - Associative Array
- PHP - Multidimensional Array
- PHP - Array Functions
- PHP - Constant Arrays
- PHP Functions
- PHP - Functions
- PHP - Function Parameters
- PHP - Call by value
- PHP - Call by Reference
- PHP - Default Arguments
- PHP - Named Arguments
- PHP - Variable Arguments
- PHP - Returning Values
- PHP - Passing Functions
- PHP - Recursive Functions
- PHP - Type Hints
- PHP - Variable Scope
- PHP - Strict Typing
- PHP - Anonymous Functions
- PHP - Arrow Functions
- PHP - Variable Functions
- PHP - Local Variables
- PHP - Global Variables
- PHP Superglobals
- PHP - Superglobals
- PHP - $GLOBALS
- PHP - $_SERVER
- PHP - $_REQUEST
- PHP - $_POST
- PHP - $_GET
- PHP - $_FILES
- PHP - $_ENV
- PHP - $_COOKIE
- PHP - $_SESSION
- PHP File Handling
- PHP - File Handling
- PHP - Open File
- PHP - Read File
- PHP - Write File
- PHP - File Existence
- PHP - Download File
- PHP - Copy File
- PHP - Append File
- PHP - Delete File
- PHP - Handle CSV File
- PHP - File Permissions
- PHP - Create Directory
- PHP - Listing Files
- Object Oriented PHP
- PHP - Object Oriented Programming
- PHP - Classes and Objects
- PHP - Constructor and Destructor
- PHP - Access Modifiers
- PHP - Inheritance
- PHP - Class Constants
- PHP - Abstract Classes
- PHP - Interfaces
- PHP - Traits
- PHP - Static Methods
- PHP - Static Properties
- PHP - Namespaces
- PHP - Object Iteration
- PHP - Encapsulation
- PHP - Final Keyword
- PHP - Overloading
- PHP - Cloning Objects
- PHP - Anonymous Classes
- PHP Web Development
- PHP - Web Concepts
- PHP - Form Handling
- PHP - Form Validation
- PHP - Form Email/URL
- PHP - Complete Form
- PHP - File Inclusion
- PHP - GET & POST
- PHP - File Uploading
- PHP - Cookies
- PHP - Sessions
- PHP - Session Options
- PHP - Sending Emails
- PHP - Sanitize Input
- PHP - Post-Redirect-Get (PRG)
- PHP - Flash Messages
- PHP AJAX
- PHP - AJAX Introduction
- PHP - AJAX Search
- PHP - AJAX XML Parser
- PHP - AJAX Auto Complete Search
- PHP - AJAX RSS Feed Example
- PHP XML
- PHP - XML Introduction
- PHP - Simple XML Parser
- PHP - SAX Parser Example
- PHP - DOM Parser Example
- PHP Login Example
- PHP - Login Example
- PHP - Facebook Login
- PHP - Paypal Integration
- PHP - MySQL Login
- PHP Advanced
- PHP - MySQL
- PHP.INI File Configuration
- PHP - Array Destructuring
- PHP - Coding Standard
- PHP - Regular Expression
- PHP - Error Handling
- PHP - Try…Catch
- PHP - Bugs Debugging
- PHP - For C Developers
- PHP - For PERL Developers
- PHP - Frameworks
- PHP - Core PHP vs Frame Works
- PHP - Design Patterns
- PHP - Filters
- PHP - JSON
- PHP - Exceptions
- PHP - Special Types
- PHP - Hashing
- PHP - Encryption
- PHP - is_null() Function
- PHP - System Calls
- PHP - HTTP Authentication
- PHP - Swapping Variables
- PHP - Closure::call()
- PHP - Filtered unserialize()
- PHP - IntlChar
- PHP - CSPRNG
- PHP - Expectations
- PHP - Use Statement
- PHP - Integer Division
- PHP - Deprecated Features
- PHP - Removed Extensions & SAPIs
- PHP - PEAR
- PHP - CSRF
- PHP - FastCGI Process
- PHP - PDO Extension
- PHP - Built-In Functions
- PHP Useful Resources
- PHP - Questions & Answers
- PHP - Useful Resources
- PHP - Discussion
PHP - Hash pbkdf2() Function
Definition and Usage
The hash_pbkdf2() function returns PBKDF2 key derivation for the given password.
The PBKDF2 stands for Password-Based Key Derivation Function 2. The PBKDF2 key derivation function makes use of pseudorandom function, such as hash-based message authentication code (HMAC) that is applied to the given password or message along with the salt and the process is iterated multiple times to get the key. It is mainly used to hash password and the PBKDF2 key derivation function is designed in such a way that it becomes difficult for the attacker to guess the original password hashed.
Syntax
hash_pbkdf2 ( string $algo , string $password , string $salt , int $iterations [ , int $length = 0 [, bool $raw_output = FALSE ] ] ) : string
Parameters
| Sr.No | Parameter & Description |
|---|---|
| 1 |
algo Name of the hashing algorithm. There is a big list of algorithm available with hash, some important ones are md5, sha256, etc. To get the full list of algorithms supported, check for hash_algos() |
| 2 |
password Password for which you need to generate PBKDF2 key derivation. |
| 3 |
salt The salt you want to use to derive the PBKDF2 key derivation. |
| 4 |
iterations The internal interations to be performed to get to the final derivation. |
| 5 |
length The final PBKDF2 key derivation length. If raw_output is TRUE, the derived key corresponds to the byte-length, if raw_output is FALSE, it will be twice the byte-length of the derived key |
| 6 |
raw_output If the raw_output is false, the output will be a string with lowercase hexits, if TRUE the output will be raw binary data. |
Return Values
The hash_pbkdf2() returns a string that has the derived key as lowercase hexits, if raw_output is false and if raw_output is set to TRUE the string will be raw binary representation of the derived key.
PHP Version
This function will work from PHP Version greater than 5.5.0.
Example 1
Using hash_pbkdf2() −
<?php
$password = "mypassword";
$iterations = 500;
$salt = 'testingkey';
$pbkdf2_hash = hash_pbkdf2("md5", $password, $salt, $iterations, 25);
echo $pbkdf2_hash;
?>
Output
This will produce the following result −
cb0130970bb39f6a95d193934
Example 2
Using hash_pbkdf2() with 1000 iterations −
<?php
$password = "mypassword";
$iterations = 1000;
$salt = openssl_random_pseudo_bytes(10); //generates pseudo-random string of bytes
$pbkdf2_hash = hash_pbkdf2("sha256", $password, $salt, $iterations, 10);
echo $pbkdf2_hash;
?>
Output
This will produce the following result −
0c31d20aa2
Example 3
Using hash_pbkdf2() with raw_output as true −
<?php
$password = "mypassword";
$iterations = 1000;
$salt = openssl_random_pseudo_bytes(10); //generates pseudo-random string of bytes
$pbkdf2_hash = hash_pbkdf2("sha256", $password, $salt, $iterations, 10, true);
echo $pbkdf2_hash;
?>
Example 4
Using hash_pbkdf2() with raw_output as true −
In the example will make use of base64_encode() PHP function that will convert the raw binary output from hash_pbkdf2() into a reabable string.
<?php
echo base64_encode(
hash_pbkdf2("sha256", 'passwordtest', openssl_random_pseudo_bytes(10), 5000, 10, true)
);
?>
Output
This will produce the following result −
2FogGKtZxmt4iQ==