study/uTools-Manuals
1
0
Fork 0
mirror of https://github.com/fofolee/uTools-Manuals.git synced 2025-06-18 13:57:03 +08:00
Code Issues Packages Projects Releases Wiki Activity
uTools-Manuals/docs/php/hash_pbkdf2.html
fofolee 7ca94f1141 0.0.1
2019-04-08 23:22:26 +08:00

223 lines
9.5 KiB
HTML
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<title>生成所提供密码的 PBKDF2 密钥导出</title>
</head>
<body class="docs"><div id="layout">
<div id="layout-content"><div id="function.hash-pbkdf2" class="refentry">
<div class="refnamediv">
<h1 class="refname">hash_pbkdf2</h1>
<p class="verinfo">(PHP 5 &gt;= 5.5.0, PHP 7)</p><p class="refpurpose"><span class="refname">hash_pbkdf2</span> &mdash; <span class="dc-title">生成所提供密码的 PBKDF2 密钥导出</span></p>
</div>
<div class="refsect1 description" id="refsect1-function.hash-pbkdf2-description">
<h3 class="title">说明</h3>
<div class="methodsynopsis dc-description">
<span class="methodname"><strong>hash_pbkdf2</strong></span>
( <span class="methodparam"><span class="type">string</span> <code class="parameter">$algo</code></span>
, <span class="methodparam"><span class="type">string</span> <code class="parameter">$password</code></span>
, <span class="methodparam"><span class="type">string</span> <code class="parameter">$salt</code></span>
, <span class="methodparam"><span class="type">int</span> <code class="parameter">$iterations</code></span>
[, <span class="methodparam"><span class="type">int</span> <code class="parameter">$length</code><span class="initializer"> = 0</span></span>
[, <span class="methodparam"><span class="type">bool</span> <code class="parameter">$raw_output</code><span class="initializer"> = <strong><code>FALSE</code></strong></span></span>
]] ) : <span class="type">string</span></div>
</div>
<div class="refsect1 parameters" id="refsect1-function.hash-pbkdf2-parameters">
<h3 class="title">参数</h3>
<p class="para">
<dl>
<dt>
<code class="parameter">algo</code></dt>
<dd>
<p class="para">
哈希算法名称,例如
<em>md5</em><em>sha256</em><em>haval160,4</em> 等。
受支持的算法清单请参见 <span class="function"><a href="hash_algos.html" class="function">hash_algos()</a></span>
</p>
</dd>
<dt>
<code class="parameter">password</code></dt>
<dd>
<p class="para">
要进行导出的密码。
</p>
</dd>
<dt>
<code class="parameter">salt</code></dt>
<dd>
<p class="para">
进行导出时所使用的“盐”,这个值应该是随机生成的。
</p>
</dd>
<dt>
<code class="parameter">iterations</code></dt>
<dd>
<p class="para">
进行导出时的迭代次数。
</p>
</dd>
<dt>
<code class="parameter">length</code></dt>
<dd>
<p class="para">
密钥导出数据的长度。如果 <code class="parameter">raw_output</code><strong><code>TRUE</code></strong>
此参数为密钥导出数据的字节长度。如果 <code class="parameter">raw_output</code><strong><code>FALSE</code></strong>
此参数为密钥导出数据的字节长度的 2 倍,因为 1 个字节数据对应的 2 个 16 进制的字符。
</p>
<p class="para">
如果传入 <em>0</em>,则使用所选算法的完整输出大小。
</p>
</dd>
<dt>
<code class="parameter">raw_output</code></dt>
<dd>
<p class="para">
设置为 <strong><code>TRUE</code></strong> 输出原始二进制数据,
设置为 <strong><code>FALSE</code></strong> 输出小写 16 进制字符串。
</p>
</dd>
</dl>
</p>
</div>
<div class="refsect1 returnvalues" id="refsect1-function.hash-pbkdf2-returnvalues">
<h3 class="title">返回值</h3>
<p class="para">
如果 <code class="parameter">raw_output</code> 设置为 <strong><code>TRUE</code></strong>
则返回原始二进制数据表示的信息摘要,
否则返回 16 进制小写字符串格式表示的信息摘要。
</p>
</div>
<div class="refsect1 errors" id="refsect1-function.hash-pbkdf2-errors">
<h3 class="title">错误/异常</h3>
<p class="para">
在以下情况下会产生 <strong><code>E_WARNING</code></strong>
指定了未知的算法,
<code class="parameter">iterations</code> 小于等于 <em>0</em>
<code class="parameter">length</code> 小于等于 <em>0</em> 或者
<code class="parameter">salt</code> 过长(大于 <strong><code>INT_MAX</code></strong><em> - 4</em>)。
</p>
</div>
<div class="refsect1 changelog" id="refsect1-function.hash-pbkdf2-changelog">
<h3 class="title">更新日志</h3>
<p class="para">
<table class="doctable informaltable">
<thead>
<tr>
<th>版本</th>
<th>说明</th>
</tr>
</thead>
<tbody class="tbody">
<tr>
<td>7.2.0</td>
<td>不再支持非加密的哈希函数adler32crc32crc32bfnv132fnv1a32fnv164fnv1a64joaat</td>
</tr>
</tbody>
</table>
</p>
</div>
<div class="refsect1 examples" id="refsect1-function.hash-pbkdf2-examples">
<h3 class="title">范例</h3>
<p class="para">
<div class="example" id="example-898">
<p><strong>Example #1 <span class="function"><strong>hash_pbkdf2()</strong></span> 例程,基础用法</strong></p>
<div class="example-contents">
<div class="phpcode"><pre><span style="color: #000000">
<span style="color: #0000BB">&lt;?php<br />$password&nbsp;</span><span style="color: #007700">=&nbsp;</span><span style="color: #DD0000">"password"</span><span style="color: #007700">;<br /></span><span style="color: #0000BB">$iterations&nbsp;</span><span style="color: #007700">=&nbsp;</span><span style="color: #0000BB">1000</span><span style="color: #007700">;<br /><br /></span><span style="color: #FF8000">//&nbsp;使用&nbsp;openssl_random_pseudo_bytes()random_bytes(),或者其他合适的随机数生成函数<br />//&nbsp;来生成随机初始向量<br /></span><span style="color: #0000BB">$salt&nbsp;</span><span style="color: #007700">=&nbsp;</span><span style="color: #0000BB">openssl_random_pseudo_bytes</span><span style="color: #007700">(</span><span style="color: #0000BB">16</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">MCRYPT_DEV_URANDOM</span><span style="color: #007700">);<br /><br /></span><span style="color: #0000BB">$hash&nbsp;</span><span style="color: #007700">=&nbsp;</span><span style="color: #0000BB">hash_pbkdf2</span><span style="color: #007700">(</span><span style="color: #DD0000">"sha256"</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">$password</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">$salt</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">$iterations</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">20</span><span style="color: #007700">);<br />echo&nbsp;</span><span style="color: #0000BB">$hash</span><span style="color: #007700">;<br /></span><span style="color: #0000BB">?&gt;</span>
</span>
</pre></div>
</div>
<div class="example-contents"><p>以上例程的输出类似于:</p></div>
<div class="example-contents screen">
<div class="cdata"><pre>
120fb6cffcf8b32c43e7
</pre></div>
</div>
</div>
</p>
</div>
<div class="refsect1 notes" id="refsect1-function.hash-pbkdf2-notes">
<h3 class="title">注释</h3>
<div class="caution"><strong class="caution">Caution</strong>
<p class="para">
为了安全起见,可以使用 PBKDF2 方法对密码明文进行哈希运算后再存储。
但是更好的方案是使用 <span class="function"><a href="password_hash.html" class="function">password_hash()</a></span> 函数
或者使用 <strong><code>CRYPT_BLOWFISH</code></strong> 算法调用
<span class="function"><a href="crypt.html" class="function">crypt()</a></span> 函数。
</p>
</div>
</div>
<div class="refsect1 seealso" id="refsect1-function.hash-pbkdf2-seealso">
<h3 class="title">参见</h3>
<p class="para">
<ul class="simplelist">
<li class="member"><span class="function"><a href="crypt.html" class="function" rel="rdfs-seeAlso">crypt()</a> - 单向字符串散列</span></li>
<li class="member"><span class="function"><a href="password_hash.html" class="function" rel="rdfs-seeAlso">password_hash()</a> - 创建密码的散列hash</span></li>
<li class="member"><span class="function"><a href="hash.html" class="function" rel="rdfs-seeAlso">hash()</a> - 生成哈希值 (消息摘要)</span></li>
<li class="member"><span class="function"><a href="hash_algos.html" class="function" rel="rdfs-seeAlso">hash_algos()</a> - 返回已注册的哈希算法列表</span></li>
<li class="member"><span class="function"><a href="hash_init.html" class="function" rel="rdfs-seeAlso">hash_init()</a> - 初始化增量哈希运算上下文</span></li>
<li class="member"><span class="function"><a href="hash_hmac.html" class="function" rel="rdfs-seeAlso">hash_hmac()</a> - 使用 HMAC 方法生成带有密钥的哈希值</span></li>
<li class="member"><span class="function"><a href="hash_hmac_file.html" class="function" rel="rdfs-seeAlso">hash_hmac_file()</a> - 使用 HMAC 方法和给定文件的内容生成带密钥的哈希值</span></li>
<li class="member"><span class="function"><a href="openssl_pbkdf2.html" class="function" rel="rdfs-seeAlso">openssl_pbkdf2()</a> - 生成一个 PKCS5 v2 PBKDF2 字符串</span></li>
</ul>
</p>
</div>
</div></div></div></body></html>
Reference in New Issue View Git Blame Copy Permalink