PHP | hash_pbkdf2() Function
January 24, 2021
Hello dear readers! welcome back to another edition of our tutorial on PHP. In this tutorial guide, we are going to be discussing about the PHP hash_pbkdf2() Function.
The built-in PHP hash_pbkdf2() function returns PBKDF2 key derivation for the given password.
The PBKDF2 stands for Password Based Key Derivation Function 2. The pbkdf2 key derivation function uses the pseudorandom function, such as the hash_based message authentication code (HMAC) that is applied to the given password or message along with the salt and the process is iterated multiple times to get the key. This function mainly used to hash password and PBKDF2 key derivation function is designed in such a way that it becomes difficult for the attacker or unauthorized user to guess the original password hashed.
The built-in PHP hash_pbkdf2() function returns PBKDF2 key derivation for the given password.
The PBKDF2 stands for Password Based Key Derivation Function 2. The pbkdf2 key derivation function uses the pseudorandom function, such as the hash_based message authentication code (HMAC) that is applied to the given password or message along with the salt and the process is iterated multiple times to get the key. This function mainly used to hash password and PBKDF2 key derivation function is designed in such a way that it becomes difficult for the attacker or unauthorized user to guess the original password hashed.
Syntax
Following below is the syntax to use this function -
hash_pbkdf2 ( string $algo , string $password , string $salt , int $iterations [ , int $length = 0 [, bool $raw_output = FALSE ] ] ) : string
Parameter Details
Sr.No | Parameter & Description |
---|---|
1 | algo Name of the hashing algorithm. There is a big list of algorithm available with hash, some important ones are md5, sha256, etc. To get the full list of algorithms supported, check for hash_algos() |
2 | password Password for which you need to generate PBKDF2 key derivation. |
3 | salt The salt you want to use to derive the PBKDF2 key derivation. |
4 | iterations The internal interations to be performed to get to the final derivation. |
5 | length The final PBKDF2 key derivation length. If raw_output is TRUE, the derived key corresponds to the byte-length, if raw_output is FALSE, it will be twice the byte-length of the derived key |
6 | raw_output If the raw_output is false, the output will be a string with lowercase hexits, if TRUE the output will be raw binary data. |
Return Value
This built-in PHP function returns a string that has the derived key as lowercase hexits, if raw_ouput is false and if the raw_output is set to TRUE then the string will be a raw binary representation of the derived key.
PHP Version
This built-in function works from PHP version greater than 5.5.0.
Example1
The following below is an example which demonstrates the usage of the PHP hash_pbkdf2() function -
<?php $password = "mypassword"; $iterations = 500; $salt = 'testingkey'; $pbkdf2_hash = hash_pbkdf2("md5", $password, $salt, $iterations, 25); echo $pbkdf2_hash; ?>
Output
When the above code is executed, it will produce the following result -
cb0130970bb39f6a95d193934
Example2
The following below is an example which demonstrates the usage of hash_pbkdf2() function with 1000 iterations -
<?php $password = "mypassword"; $iterations = 1000; $salt = openssl_random_pseudo_bytes(10); //generates pseudo-random string of bytes $pbkdf2_hash = hash_pbkdf2("sha256", $password, $salt, $iterations, 10); echo $pbkdf2_hash; ?>
Output
When the above code is executed, it will produce the following result -
0c31d20aa2
Example3
The following below is an example which demonstrates the usage of the hash_pbkdf2() function with the raw_output set as TRUE -
<?php $password = "mypassword"; $iterations = 1000; $salt = openssl_random_pseudo_bytes(10); //generates pseudo-random string of bytes $pbkdf2_hash = hash_pbkdf2("sha256", $password, $salt, $iterations, 10, true); echo $pbkdf2_hash; ?>
Example4
The following below is an example which demonstrates the usage of the hash_pbkdf2() function with the raw_output set to TRUE -
In this example, we will make use of base64_encode() function that will convert the raw binary output from the PHP hash_pbkdf2() into a readable string.
In this example, we will make use of base64_encode() function that will convert the raw binary output from the PHP hash_pbkdf2() into a readable string.
<?php echo base64_encode( hash_pbkdf2("sha256", 'passwordtest', openssl_random_pseudo_bytes(10), 5000, 10, true) ); ?>
Output
When the above code is executed, it will produce the following result -
2FogGKtZxmt4iQ==
READ: PHP | hash() Function
Alright guys! This is where we are rounding up for this tutorial post. In our next tutorial, we will discuss about the hash_algos() Function in PHP.
Do feel free to ask your questions where necessary and we will attend to them as soon as possible. If this tutorial was helpful to you, you can use the share button to share this tutorial.
Do follow us on our various social media handles available and also subscribe to our newsletter to get our tutorial posts delivered directly to your emails.
Thanks for reading and bye for now.
Do feel free to ask your questions where necessary and we will attend to them as soon as possible. If this tutorial was helpful to you, you can use the share button to share this tutorial.
Do follow us on our various social media handles available and also subscribe to our newsletter to get our tutorial posts delivered directly to your emails.
Thanks for reading and bye for now.