study/uTools-Manuals
1
0
Fork 0
mirror of https://github.com/fofolee/uTools-Manuals.git synced 2025-06-18 05:26:57 +08:00
Code Issues Packages Projects Releases Wiki Activity
uTools-Manuals/docs/php/hash_hkdf.html
fofolee f782158fb7 v0.0.2
2019-04-28 19:00:34 +08:00

167 lines
8.0 KiB
HTML
Raw Blame History

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<title>Generate a HKDF key derivation of a supplied key input</title>
</head>
<body class="docs"><div id="layout">
<div id="layout-content"><div id="function.hash-hkdf" class="refentry">
<div class="refnamediv">
<h1 class="refname">hash_hkdf</h1>
<p class="verinfo">(PHP 7 &gt;= 7.1.2)</p><p class="refpurpose"><span class="refname">hash_hkdf</span> &mdash; <span class="dc-title">Generate a HKDF key derivation of a supplied key input</span></p>
</div>
<div class="refsect1 description" id="refsect1-function.hash-hkdf-description">
<h3 class="title">说明</h3>
<div class="methodsynopsis dc-description">
<span class="methodname"><strong>hash_hkdf</strong></span>
( <span class="methodparam"><span class="type">string</span> <code class="parameter">$algo</code></span>
, <span class="methodparam"><span class="type">string</span> <code class="parameter">$ikm</code></span>
[, <span class="methodparam"><span class="type">int</span> <code class="parameter">$length</code><span class="initializer"> = 0</span></span>
[, <span class="methodparam"><span class="type">string</span> <code class="parameter">$info</code><span class="initializer"> = &#039;&#039;</span></span>
[, <span class="methodparam"><span class="type">string</span> <code class="parameter">$salt</code><span class="initializer"> = &#039;&#039;</span></span>
]]] ) : <span class="type">string</span></div>
</div>
<div class="refsect1 parameters" id="refsect1-function.hash-hkdf-parameters">
<h3 class="title">参数</h3>
<p class="para">
<dl>
<dt>
<code class="parameter">algo</code></dt>
<dd>
<p class="para">
Name of selected hashing algorithm (i.e. &quot;sha256&quot;, &quot;sha512&quot;, &quot;haval160,4&quot;, etc..)
See <span class="function"><a href="hash_algos.html" class="function">hash_algos()</a></span> for a list of supported algorithms.
<blockquote class="note"><p><strong class="note">Note</strong>:
<p class="para">
Non-cryptographic hash functions are not allowed.
</p>
</p></blockquote>
</p>
</dd>
<dt>
<code class="parameter">ikm</code></dt>
<dd>
<p class="para">
Input keying material (raw binary). Cannot be empty.
</p>
</dd>
<dt>
<code class="parameter">length</code></dt>
<dd>
<p class="para">
Desired output length in bytes.
Cannot be greater than 255 times the chosen hash function size.
</p>
<p class="para">
If <code class="parameter">length</code> is <em>0</em>, the output length
will default to the chosen hash function size.
</p>
</dd>
<dt>
<code class="parameter">info</code></dt>
<dd>
<p class="para">
Application/context-specific info string.
</p>
</dd>
<dt>
<code class="parameter">salt</code></dt>
<dd>
<p class="para">
Salt to use during derivation.
</p>
<p class="para">
While optional, adding random salt significantly improves the strength of HKDF.
</p>
</dd>
</dl>
</p>
</div>
<div class="refsect1 returnvalues" id="refsect1-function.hash-hkdf-returnvalues">
<h3 class="title">返回值</h3>
<p class="para">
Returns a string containing a raw binary representation of the derived key
(also known as output keying material - OKM); or <strong><code>FALSE</code></strong> on failure.
</p>
</div>
<div class="refsect1 errors" id="refsect1-function.hash-hkdf-errors">
<h3 class="title">错误/异常</h3>
<p class="para">
An <strong><code>E_WARNING</code></strong> will be raised if <code class="parameter">ikm</code>
is empty, <code class="parameter">algo</code> is unknown/non-cryptographic,
<code class="parameter">length</code> is less than <em>0</em> or too large
(greater than 255 times the size of the hash function).
</p>
</div>
<div class="refsect1 examples" id="refsect1-function.hash-hkdf-examples">
<h3 class="title">范例</h3>
<p class="para">
<div class="example" id="example-893">
<p><strong>Example #1 <span class="function"><strong>hash_hkdf()</strong></span> example</strong></p>
<div class="example-contents">
<div class="phpcode"><pre><span style="color: #000000">
<span style="color: #0000BB">&lt;?php<br /></span><span style="color: #FF8000">//&nbsp;Generate&nbsp;a&nbsp;random&nbsp;key,&nbsp;and&nbsp;salt&nbsp;to&nbsp;strengthen&nbsp;it&nbsp;during&nbsp;derivation.<br /></span><span style="color: #0000BB">$inputKey&nbsp;</span><span style="color: #007700">=&nbsp;</span><span style="color: #0000BB">random_bytes</span><span style="color: #007700">(</span><span style="color: #0000BB">32</span><span style="color: #007700">);<br /></span><span style="color: #0000BB">$salt&nbsp;</span><span style="color: #007700">=&nbsp;</span><span style="color: #0000BB">random_bytes</span><span style="color: #007700">(</span><span style="color: #0000BB">16</span><span style="color: #007700">);<br /><br /></span><span style="color: #FF8000">//&nbsp;Derive&nbsp;a&nbsp;pair&nbsp;of&nbsp;separate&nbsp;keys,&nbsp;using&nbsp;the&nbsp;same&nbsp;input&nbsp;created&nbsp;above.<br /></span><span style="color: #0000BB">$encryptionKey&nbsp;</span><span style="color: #007700">=&nbsp;</span><span style="color: #0000BB">hash_hkdf</span><span style="color: #007700">(</span><span style="color: #DD0000">'sha256'</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">$inputKey</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">32</span><span style="color: #007700">,&nbsp;</span><span style="color: #DD0000">'aes-256-encryption'</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">$salt</span><span style="color: #007700">);<br /></span><span style="color: #0000BB">$authenticationKey&nbsp;</span><span style="color: #007700">=&nbsp;</span><span style="color: #0000BB">hash_hkdf</span><span style="color: #007700">(</span><span style="color: #DD0000">'sha256'</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">$inputKey</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">32</span><span style="color: #007700">,&nbsp;</span><span style="color: #DD0000">'sha-256-authentication'</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">$salt</span><span style="color: #007700">);<br /><br /></span><span style="color: #0000BB">var_dump</span><span style="color: #007700">(</span><span style="color: #0000BB">$encryptionKey&nbsp;</span><span style="color: #007700">!==&nbsp;</span><span style="color: #0000BB">$authenticationKey</span><span style="color: #007700">);&nbsp;</span><span style="color: #FF8000">//&nbsp;bool(true)<br /></span><span style="color: #0000BB">?&gt;</span>
</span>
</pre></div>
</div>
<div class="example-contents"><p>
The above example produces a pair of separate keys, suitable for creation of an
encrypt-then-HMAC construct, using AES-256 and SHA-256 for encryption and
authentication respectively.
</p></div>
</div>
</p>
</div>
<div class="refsect1 seealso" id="refsect1-function.hash-hkdf-seealso">
<h3 class="title">参见</h3>
<p class="para">
<ul class="simplelist">
<li class="member"><span class="function"><a href="hash_pbkdf2.html" class="function" rel="rdfs-seeAlso">hash_pbkdf2()</a> - 生成所提供密码的 PBKDF2 密钥导出</span></li>
<li class="member"><a href="http://www.faqs.org/rfcs/rfc5869" class="link external">&raquo;&nbsp;RFC 5869</a></li>
<li class="member"><a href="https://github.com/narfbg/hash_hkdf_compat" class="link external">&raquo;&nbsp;userland implementation</a></li>
</ul>
</p>
</div>
</div></div></div></body></html>
Reference in New Issue View Git Blame Copy Permalink