PHP openssl_pbkdf2() Function Last Updated : 25 Jul, 2023 Comments Improve Suggest changes Like Article Like Report The openssl_pbkdf2() function is an inbuilt function in PHP that implements the Password-Based Key Derivation Function 2 (PBKDF2) algorithm provided by the OpenSSL library. The algorithm is designed to be slow and computationally intensive, making it resistant to brute-force attacks. Syntax: openssl_pbkdf2( string $password, string $salt, int $key_length, int $iterations, string $digest_algo = "sha1" ) : string|falseParameters: This function accepts five parameters that are described below: $password: The password that the key should be derived from.$salt: A random salt value that should be used to help make the derived key unique.$key_length: The length (in bytes) of the derived key.$iterations: The number of iterations to use when deriving the key. More iterations will make the algorithm slower but also more secure.$digest_algo: The digest algorithm to use when deriving the key. This should be one of the supported OpenSSL digest algorithms, such as "sha256" or "sha512".Return Value: The return value of openssl_pbkdf2() is a binary string containing the derived key. If failure, it will return "false". Example 1: The following example demonstrates the openssl_pbkdf2() function. PHP <?php $password = "this@ismypassword55839459144595"; // Saved hash from a previous run $savedHash = "MjY4YjRkZDc1YzAzNzYzZGMwZDEzYjI3NmVlM2ZkNTE="; $decodedHash = base64_decode($savedHash); if (openssl_pbkdf2($password, $decodedHash, 32, 10000, "sha256") === $decodedHash) { echo "Password is valid."; } else { echo "Password is invalid."; } ?> OutputPassword is invalid. Example 2: The following example demonstrates the openssl_pbkdf2() function. PHP <?php $userID = 'user123'; $deviceID = 'device456'; $secretKey = openssl_random_pseudo_bytes(32); $salt = $userID . $deviceID; $iterations = 50000; $keyLength = 64; $secureToken = openssl_pbkdf2($secretKey, $salt, $keyLength, $iterations, 'sha512'); // Display the secure token echo "Secure Token: " . base64_encode($secureToken) . "\n"; ?> Output: Secure Token: LWL+RuQr+TmOysJt8CBrKu5yC8vk2f9aMBH9y1xK82Nz4dDd88dd+8QqssBgoMDnGD9D5kTcmAlldzz7hUStjw== Reference: https://www.php.net/manual/en/function.openssl-pbkdf2.php Comment More infoAdvertise with us Next Article PHP openssl_pbkdf2() Function N neeraj3304 Follow Improve Article Tags : PHP PHP-function PHP-OpenSSL Similar Reads PHP | hash_pbkdf2() Function The hash_pbkdf2() function is an inbuilt function in PHP which is used to generate a PBKDF2 key derivation of a supplied password. Syntax: string hash_pbkdf2( $algo, $pass, $salt, $itr, $len, $raw_opt ) Parameters: This function accept six parameters as mention above and describe below. $algo: It is 2 min read PHP openssl_digest() Function The openssl_digest() function is an inbuilt function in PHP that is used to compute a digest hash value for the given data using a given method and returns a raw or binary hex-encoded string. Syntax: openssl_digest( string $data, string $digest_algo, bool $binary = false): string|false Parameters: T 2 min read PHP openssl_verify() Function The openssl_verify() function is an inbuilt function in PHP which is used to verifies that if the signature is correct for the specified data using the public key associated with public_key or not. This must be the public key corresponding to the private key used for signing. Syntax:Â openssl_verify 2 min read PHP openssl_pkcs12_read() Function The openssl_pkcs12_read() function is a built-in function in PHP and is used by the PKCS # 12 certificate store to convert it into an array provided by pkcs12. A PKCS #12 file may be encrypted and signed. Syntax: bool openssl_pkcs12_read( string $pkcs12, array &$certs, string $pass ) Parameters: 2 min read PHP openssl_pkey_new() Function The openssl_pkey_new() function is an inbuilt function in PHP cryptography extension that is used to generate a new private/public key pair using the OpenSSL library. Syntax: openssl_pkey_new(?array $options = null): OpenSSLAsymmetricKey|false Parameters: This function accepts one parameter which is 2 min read Like