mirror of
https://github.com/php/doc-en.git
synced 2026-03-23 23:32:18 +01:00
100 lines
3.6 KiB
XML
100 lines
3.6 KiB
XML
<?xml version="1.0" encoding="utf-8"?>
|
|
<!-- $Revision$ -->
|
|
<book xml:id="book.hash" xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" annotations="interactive">
|
|
<?phpdoc extension-membership="core" ?>
|
|
<title>HASH Message Digest Framework</title>
|
|
<titleabbrev>Hash</titleabbrev>
|
|
|
|
<!-- {{{ preface -->
|
|
<preface xml:id="intro.hash">
|
|
&reftitle.intro;
|
|
<para>
|
|
This extension provides functions that can be used for direct or
|
|
incremental processing of arbitrary length messages using a variety of
|
|
hashing algorithms, including the generation of <acronym>HMAC</acronym>
|
|
values and key derivations including <acronym>HKDF</acronym> and
|
|
<acronym>PBKDF2</acronym>.
|
|
</para>
|
|
<para>
|
|
There are roughly three categories of hashing algorithms, and a complete list of
|
|
algorithms can be found in the documentation for <function>hash_algos</function>.
|
|
|
|
<itemizedlist>
|
|
<listitem>
|
|
<simpara>
|
|
Checksum algorithms (such as <literal>"crc32b"</literal> or <literal>"adler32"</literal>):
|
|
These are used to calculate checksums, useful in situations such as when
|
|
transmission errors are to be detected. They are often very fast. These
|
|
algorithms often generate values that are easily "guessable" or can be manipulated
|
|
to create collisions, so they are entirely unsuitable for cryptographic use.
|
|
</simpara>
|
|
</listitem>
|
|
<listitem>
|
|
<simpara>
|
|
Non-cryptographic algorithms (such as the xxHash family):
|
|
These are often used to calculate hash values for hash tables, as they are
|
|
designed to yield a good distribution over arbitrary string inputs. They
|
|
are also generally fast, but also not suitable for cryptographic use.
|
|
</simpara>
|
|
</listitem>
|
|
<listitem>
|
|
<simpara>
|
|
Cryptographic algorithms (such as the SHA-2 family):
|
|
These are designed to yield hash values that are representative of their
|
|
inputs but are not guessable nor prone to collisions. Performance is often
|
|
a secondary concern, but modern hardware often supports special handling
|
|
for these algorithms that PHP tries to use when available.
|
|
</simpara>
|
|
<simpara>
|
|
The Computer Security Resource Center of the <acronym>NIST</acronym> has
|
|
<link xlink:href="&url.hash.nist-hash-functions;">explanation of the algorithms
|
|
currently approved by United States Federal Information Processing
|
|
Standards</link>.
|
|
</simpara>
|
|
<caution>
|
|
<para>
|
|
Some of the early cryptographic algorithms, such as <literal>"md4"</literal>,
|
|
<literal>"md5"</literal>, and <literal>"sha1"</literal>, have been proven
|
|
to be prone to collision attacks and it is generally recommended to no
|
|
longer use these for cryptographic applications.
|
|
</para>
|
|
</caution>
|
|
</listitem>
|
|
</itemizedlist>
|
|
</para>
|
|
|
|
<para>
|
|
See also the <link linkend="faq.passwords">FAQ on Safe Password Hashing</link>
|
|
for information on best practices for using hash functions in handling
|
|
passwords.
|
|
</para>
|
|
</preface>
|
|
<!-- }}} -->
|
|
|
|
&reference.hash.setup;
|
|
&reference.hash.constants;
|
|
&reference.hash.hashcontext;
|
|
&reference.hash.reference;
|
|
|
|
</book>
|
|
<!-- Keep this comment at the end of the file
|
|
Local variables:
|
|
mode: sgml
|
|
sgml-omittag:t
|
|
sgml-shorttag:t
|
|
sgml-minimize-attributes:nil
|
|
sgml-always-quote-attributes:t
|
|
sgml-indent-step:1
|
|
sgml-indent-data:t
|
|
indent-tabs-mode:nil
|
|
sgml-parent-document:nil
|
|
sgml-default-dtd-file:"~/.phpdoc/manual.ced"
|
|
sgml-exposed-tags:nil
|
|
sgml-local-catalogs:nil
|
|
sgml-local-ecat-files:nil
|
|
End:
|
|
vim600: syn=xml fen fdm=syntax fdl=2 si
|
|
vim: et tw=78 syn=sgml
|
|
vi: ts=1 sw=1
|
|
-->
|