File: constants.xml

package info (click to toggle)
php-doc 20250827~git.abe740d%2Bdfsg-1
links: PTS, VCS
area: main
in suites: forky, sid
size: 71,968 kB
sloc: xml: 985,760; php: 25,504; javascript: 671; sh: 177; makefile: 37
file content (252 lines) | stat: -rw-r--r-- 7,551 bytes
<?xml version="1.0" encoding="utf-8"?>
<!-- $Revision$ -->

<appendix xml:id="password.constants" xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink">
 &reftitle.constants;
 &extension.constants.core;

 <para>
  <variablelist>
   <varlistentry xml:id="constant.password-bcrypt">
    <term>
     <constant>PASSWORD_BCRYPT</constant>
     (<type>string</type>)
    </term>
    <listitem>
     <para>
      <constant>PASSWORD_BCRYPT</constant> is used to create new password
      hashes using the <constant>CRYPT_BLOWFISH</constant> algorithm.
     </para>
     <para>
      This will always result in a hash using the "$2y$" crypt format,
      which is always 60 characters wide.
     </para>
     <para>
      Supported Options:
     </para>
     <itemizedlist>
      <listitem>
       <para>
        <literal>salt</literal> (<type>string</type>) - to manually provide a salt to use when hashing the password.
        Note that this will override and prevent a salt from being automatically generated.
       </para>
       <para>
        If omitted, a random salt will be generated by <function>password_hash</function> for
        each password hashed. This is the intended mode of operation
        and as of PHP 7.0.0 the salt option has been deprecated.
       </para>
      </listitem>
      <listitem>
       <para>
        <literal>cost</literal> (<type>int</type>) - which denotes the algorithmic cost that
        should be used. Examples of these values can be found on the <function>crypt</function>
        page.
       </para>
       <para>
        If omitted, a default value of <literal>12</literal> will be used. This is a good
        baseline cost, but you may want to consider increasing it depending on your hardware.
       </para>
      </listitem>
     </itemizedlist>
    </listitem>
   </varlistentry>
   <varlistentry xml:id="constant.password-bcrypt-default-cost">
    <term>
     <constant>PASSWORD_BCRYPT_DEFAULT_COST</constant>
     (<type>int</type>)
    </term>
    <listitem>
     <para>
     </para>
     <para>
     </para>
    </listitem>
   </varlistentry>
   <varlistentry xml:id="constant.password-argon2i">
    <term>
     <constant>PASSWORD_ARGON2I</constant>
     (<type>string</type>)
    </term>
    <listitem>
     <para>
      <constant>PASSWORD_ARGON2I</constant> is used to create new password
      hashes using the Argon2i algorithm.
     </para>
     <para>
      Supported Options:
     </para>
     <itemizedlist>
      <listitem>
       <para>
        <literal>memory_cost</literal> (<type>int</type>) - Maximum memory (in kibibytes) that may
        be used to compute the Argon2 hash. Defaults to <constant>PASSWORD_ARGON2_DEFAULT_MEMORY_COST</constant>.
       </para>
      </listitem>
      <listitem>
       <para>
        <literal>time_cost</literal> (<type>int</type>) - Maximum amount of time it may
        take to compute the Argon2 hash. Defaults to <constant>PASSWORD_ARGON2_DEFAULT_TIME_COST</constant>.
       </para>
      </listitem>
      <listitem>
       <para>
        <literal>threads</literal> (<type>int</type>) - Number of threads to use for computing
        the Argon2 hash. Defaults to <constant>PASSWORD_ARGON2_DEFAULT_THREADS</constant>.
        Only available with libargon2, not with libsodium implementation.
       </para>
      </listitem>
     </itemizedlist>
     <para>
      Available as of PHP 7.2.0.
     </para>
    </listitem>
   </varlistentry>
   <varlistentry xml:id="constant.password-argon2id">
    <term>
     <constant>PASSWORD_ARGON2ID</constant>
     (<type>string</type>)
    </term>
    <listitem>
     <para>
      <constant>PASSWORD_ARGON2ID</constant> is used to create new password
      hashes using the Argon2id algorithm. It supports the same options as
      <link linkend="constant.password-argon2i"><constant>PASSWORD_ARGON2I</constant></link>.
     </para>
     <para>
      Available as of PHP 7.3.0.
     </para>
    </listitem>
   </varlistentry>
   <varlistentry xml:id="constant.password-argon2-default-memory-cost">
    <term>
     <constant>PASSWORD_ARGON2_DEFAULT_MEMORY_COST</constant>
     (<type>int</type>)
    </term>
    <listitem>
     <para>
      Default amount of memory in bytes that will be used while trying to
      compute a hash.
     </para>
     <para>
      Available as of PHP 7.2.0.
     </para>
    </listitem>
   </varlistentry>
   <varlistentry xml:id="constant.password-argon2-default-time-cost">
    <term>
     <constant>PASSWORD_ARGON2_DEFAULT_TIME_COST</constant>
     (<type>int</type>)
    </term>
    <listitem>
     <para>
      Default amount of time that will be spent trying to compute a hash.
     </para>
     <para>
      Available as of PHP 7.2.0.
     </para>
    </listitem>
   </varlistentry>
   <varlistentry xml:id="constant.password-argon2-default-threads">
    <term>
     <constant>PASSWORD_ARGON2_DEFAULT_THREADS</constant>
     (<type>int</type>)
    </term>
    <listitem>
     <para>
      Default number of threads that Argon2lib will use.
      Not available with libsodium implementation.
     </para>
     <para>
      Available as of PHP 7.2.0.
     </para>
    </listitem>
   </varlistentry>
   <varlistentry xml:id="constant.password-argon2-provider">
    <term>
     <constant>PASSWORD_ARGON2_PROVIDER</constant>
     (<type>string</type>)
    </term>
    <listitem>
     <para>
     </para>
     <para>
      Available as of PHP 7.4.0.
     </para>
    </listitem>
   </varlistentry>
   <varlistentry xml:id="constant.password-default">
    <term>
     <constant>PASSWORD_DEFAULT</constant>
     (<type>string</type>)
    </term>
    <listitem>
     <para>
      The default algorithm to use for hashing if no algorithm is provided.
      This may change in newer PHP releases when newer, stronger hashing
      algorithms are supported.
     </para>
     <para>
      It is worth noting that over time this constant can change.
      It is thus important to be aware that the length of the resulting
      hash can change.
      Therefore, when using <constant>PASSWORD_DEFAULT</constant> the resulting
      hash must be stored in a way that can store arbitrary hashes,
      the recommended width is <literal>255</literal> bytes.
     </para>
     <simpara>
      Currently is an alias for <constant>PASSWORD_BCRYPT</constant>.
     </simpara>
    </listitem>
   </varlistentry>
  </variablelist>
 </para>

 <formalpara>
  &reftitle.changelog;
  <para>
   <informaltable>
    <tgroup cols="2">
     <thead>
      <row>
       <entry>&Version;</entry>
       <entry>&Description;</entry>
      </row>
     </thead>
     <tbody>
      <row>
       <entry>7.4.0</entry>
       <entry>
        The values of the password algo IDs (<constant>PASSWORD_BCRYPT</constant>, <constant>PASSWORD_ARGON2I</constant>,
        <constant>PASSWORD_ARGON2ID</constant> and <constant>PASSWORD_DEFAULT</constant>) are now &string;s.
        Previously, they have been &integer;s.
       </entry>
      </row>
     </tbody>
    </tgroup>
   </informaltable>
  </para>
 </formalpara>

</appendix>

<!-- Keep this comment at the end of the file
Local variables:
mode: sgml
sgml-omittag:t
sgml-shorttag:t
sgml-minimize-attributes:nil
sgml-always-quote-attributes:t
sgml-indent-step:1
sgml-indent-data:t
indent-tabs-mode:nil
sgml-parent-document:nil
sgml-default-dtd-file:"~/.phpdoc/manual.ced"
sgml-exposed-tags:nil
sgml-local-catalogs:nil
sgml-local-ecat-files:nil
End:
vim600: syn=xml fen fdm=syntax fdl=2 si
vim: et tw=78 syn=sgml
vi: ts=1 sw=1
-->