If you want to ensure that the hashes you generate with sodium_crypto_pwhash_str are compatible with those generated by password_hash, you need to keep an eye on that memory setting. According to the docs, the password_hash memory_cost param is given in "kibibytes", whereas sodium_crypto_pwhash_str uses bytes. I did some experiments to see what the difference is and ran into this:
echo password_hash('password',
PASSWORD_ARGON2ID,
[
'memory_cost' => 15000,
'time_cost' => 26,
'threads' => 1,
];
echo sodium_crypto_pwhash_str(
'password', 26,
15000000);
These result in:
$argon2id$v=19$m=15000,t=26,p=1$VG5MSkhUdEdFaGwyVG5sWA$laRHogIVAnC4ggLI8RdCDWlITTdicrdq0tK6SHGf4CI
$argon2id$v=19$m=14648,t=26,p=1$ClQ37/z9u7K6V1C2bkD4QA$51m8KhQQ9gujFSF+JyQR9d5QesayJiKsFmDU4HnGBHg
Notice that the "m=" numbers are different, and also different from what we asked for. It's down to the "kibibytes" unit. If we multiply the 15000 we used for password_hash by 1,024 instead of 1,000, we get 15,360,000, and using that number gives us the expected hash params:
echo sodium_crypto_pwhash_str(
'password', 26,
15360000);
$argon2id$v=19$m=15000,t=26,p=1$Qz3pWktOvT6X/LvdAk0bgQ$KosSFPfHUtWg+ppyRs3Op5/zIV6F6iy2Q7Gom8wP29c
This should be compatible with password_hash.
Incidentally the numbers I'm using for the Argon2id hash params are taken from the OWASP password guide, which recommend values different from PHP's default: https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html#argon2id
PHP - Manual: sodium_crypto_pwhash_str
2024-11-14
sodium_crypto_pwhash_str
(PHP 7 >= 7.2.0, PHP 8)
sodium_crypto_pwhash_str — Get an ASCII-encoded hash
说明
sodium_crypto_pwhash_str(string
$password, int $opslimit, int $memlimit): stringUses a CPU- and memory-hard hash algorithm along with a randomly-generated salt, and memory and CPU limits to generate an ASCII-encoded hash suitable for password storage.
参数
-
password -
string; The password to generate a hash for.
-
opslimit -
Represents a maximum amount of computations to perform. Raising this number will make the function require more CPU cycles to compute a key. There are constants available to set the operations limit to appropriate values depending on intended use, in order of strength:
SODIUM_CRYPTO_PWHASH_OPSLIMIT_INTERACTIVE,SODIUM_CRYPTO_PWHASH_OPSLIMIT_MODERATEandSODIUM_CRYPTO_PWHASH_OPSLIMIT_SENSITIVE. -
memlimit -
The maximum amount of RAM that the function will use, in bytes. There are constants to help you choose an appropriate value, in order of size:
SODIUM_CRYPTO_PWHASH_MEMLIMIT_INTERACTIVE,SODIUM_CRYPTO_PWHASH_MEMLIMIT_MODERATE, andSODIUM_CRYPTO_PWHASH_MEMLIMIT_SENSITIVE. Typically these should be paired with the matching opslimit values.
返回值
Returns the hashed password.
In order to produce the same password hash from the same password, the same values for opslimit and memlimit must be used. These are embedded within the generated hash, so
everything that's needed to verify the hash is included. This allows
the sodium_crypto_pwhash_str_verify() function to verify the hash without
needing separate storage for the other parameters.
范例
示例 #1 sodium_crypto_pwhash_str() example
<?php
$password = 'password';
echo sodium_crypto_pwhash_str(
$password,
SODIUM_CRYPTO_PWHASH_OPSLIMIT_INTERACTIVE,
SODIUM_CRYPTO_PWHASH_MEMLIMIT_INTERACTIVE
);
以上例程的输出类似于:
$argon2id$v=19$m=65536,t=2,p=1$oWIfdaXwWwhVmovOBc2NAQ$EbsZ+JnZyyavkafS0hoc4HdaOB0ILWZESAZ7kVGa+Iw
注释
注意:
Hashes are calculated using the Argon2ID algorithm, providing resistance to both GPU and side-channel attacks. In contrast to the password_hash() function, there is no salt parameter (a salt is generated automatically), and the
opslimitandmemlimitparameters are not optional.
参见
- sodium_crypto_pwhash_str_verify() - Verifies that a password matches a hash
- sodium_crypto_pwhash() - Derive a key from a password, using Argon2
- password_hash() - 创建密码的散列(hash)
- password_verify() - 验证密码是否和散列值匹配
- » Libsodium Argon2 docs
add a note
User Contributed Notes 1 note
marcus at synchromedia dot co dot uk ¶
1 year ago
官方地址:https://www.php.net/manual/en/function.sodium-crypto-pwhash-str.php
IT
PHP
编程语言
Linux
开发编程
科技
Elasticsearch
HTML/CSS/XML
网络
JAVA
NoSQL
数据库
面试
C/C++
Golang
Git
算法
操作系统
正则表达式
Redis
互联网
MySql
JavaScript
运维
软件
国际
架构设计
Mac OS
TCP/IP
Excel
Vim
Windows
Socket
Oracle
VR
MongoDB
Python
运营
MemCache
商业
硬件
电子
娱乐
设计
nginx
摄影
游戏
WordPress
HTTP
团建
数码电器
广告
--
php7 安装fileinfo扩展
preg_split — 通过一个正则表达式分隔字符串
php位值,解决 PHP 中 usort 在值相同时改变原始位置的问题
[PHP] inet_pton/inet_ntop IP地址转换函数
array_multisort() 多字段排序
PHPMailer设置utf8 PHPMailer字符集CharSet
ADORecordSet对象
adodb手册
PHP 8.1
[鸟哥]PHP_INT_MIN 和 -9223372036854775808
opcache预加载
Composer的Packagist资源
mysql面试题
[鸟哥]PHP FFI详解 - 一种全新的PHP扩展方式
PHP7添加redis扩展
PHP mkdir()写出来的权限与mode值不符合
Packagist / Composer 中国全量镜像
php中几种注释规范
利用php soap实现web service
PHP获取指定函数定义在哪个文件中及行号