PHP - crypt
Trieda
Metóda - crypt
(PHP 4, PHP 5, PHP 7)
crypt() is used to create a hash of a string using one of the
supported one-way algorithms. The hashing algorithm is determined by a prefix of
salt. If no salt is specified, the standard Unix DES-based algorithm or MD5 is
used (depending on the system support) with a random salt.
Using crypt() without a salt will raise an E_NOTICE
error in PHP 5.6 or higher.
Note: If you are looking for functions suitable for hashing
and verifying passwords, please use the specialized functions
password_hash() and password_verify().
Hashes created using the crypt() function are compatible with
those created with password_hash(), and can therefore be verified
using password_verify().
Supported algorithms
Since version 5.3.0, the following algorithms are supported:
CRYPT_STD_DES- A standard DES-based algorithm. 2 characters from the range "./0-9A-Za-z" are used as the salt. A salt example:/U.
<?php echo "DES: " . crypt("ITnetwork.cz", '/U'); ?>CRYPT_EXT_DES- An extended DES-based algorithm. Its salt starts with the_, character, followed by two 26-bit numbers encoded into 2 four-character long sets of characters from the range "./0-9A-Za-z" (where.means0, andzmeans63, so every character represents 6 bits). Least significant characters come first. The first 4 characters determines the number of iterations, the second is the salt itself. A salt example:_C1..1R9/.
<?php echo "Extended DES: " . crypt("ITnetwork.cz", '_C1..1R9/'); ?>CRYPT_MD5- The standard MD5. The salt starts with$1$, followed by up to 12 characters and the dollar sign. A salt example:$1$DastRonel916$.
<?php echo "MD5: " . crypt("ITnetwork.cz", '$1$DastRonel916$'); ?>CRYPT_BLOWFISH- The blowfish algorithm. Since PHP 5.3.7, the prefix$2y$is used, due to the backwards compatibility the prefixes$2x$and$2a$can also be used. Please note that using later prefixes changes the behavior of the algorithms in a way that under certain circumstances it may lead to security issues. The prefix is followed by 2 digit cost parameter in the range "04-32", and 22 chars in the range "./0-9A-Za-z" (longer strings are shortened, shorter not allowed). A salt example:$2y$08$AtzuKL95PU1.WBnm/8920y$
<?php echo "Blowfish: " . crypt("ITnetwork.cz", '$2y$08$AtzuKL95PU1.WBnm/8920y$'); ?>CRYPT_SHA256- The SHA256 algorithm. Uses the prefix$5$followed by up to 16 characters and the dollar sign. The number of iterations may be determined by adding therounds=<N>$string after the prefix. The default value ofNis 5000, the allowed range is 1000 ~ 999,999,999.
<?php echo "SHA256: " . crypt("ITnetwork.cz", '$5$MyHandsAreTyping$'); ?>CRYPT_SHA512- The SHA512 algorithm. The prefix is$6$, uses the same format asCRYPT_SHA256.
In versions prior to 5.3.0, PHP's crypt() function depends
solely on the algorithms supported by system. This support can be verified usign
the global constant of the name of the algorithm we want to use. The variable
will be set to 1 if the selected algorithm is supported, to
0 otherwise. An example: to test the support of the Blowfish
algorithm, the constant CRYPT_BLOWFISH would be used.
<?php echo CRYPT_BLOWFISH ? "Blowfish supported" : "Blowfish not supported"; ?>Procedurálne
- function crypt (string $str, string $salt) : string
Parametre
| Názov | Dátový typ | Predvolená hodnota | Popis |
|---|---|---|---|
| $str | string | The string to be hashed. If the | |
| $salt | string | The salt to be used in the hashing function. Its format determines the used algorithm. |
Mávratovej hodnoty
Vracia: string
Returns the hash of the original string. If hashing failed, or the salt in an incorrect format is supplied, the returned hash is shorter than 13 (21 in case of Blowfish) characters.
Príklady
<?php
// You should always generate a random salt for each individual hash to make your hashes secure!
$salt = '$2y$08$' . str_replace('+', '.', base64_encode(mcrypt_create_iv(16, MCRYPT_DEV_URANDOM))) . '$';
echo "Blowfish hash: " . crypt("itnetwork", $salt);
?>Súvisiace manuály
- function password_hash (string $password, integer $algo, array $options) : string