PHP crypt()

Updated April 3, 2023

Introduction to PHP crypt()

PHP crypt() function is a part of PHP string references whose main function is to return a hashed string using some special algorithms. PHP crypt() function is associated with the algorithms like DES, Blowfish or MD5 algorithms for its overall network and cryptographic encryption and decryption of string being passed from the crypt() function. Crypt() function vary from one function to another function in a way that behavior gets transformed accordingly to different operating system. It checks for all the available algorithms or if any need is there to install new algorithm for encryption.

Syntax:

crypt(str,salt)

• The syntax flows in a way that crypt function is a function which passes string and salt as a parameter.
• str is a required string which specifies the string needs to be hashed in a one-way fashion.
• salt is another optional parameter where a salt string to base the hashing on.
• But PHP with versions of 5+ have salt as a parameter to pass carrying different algorithms like blowfish nodes, standard DES algorithm, extended DES and the blowfish algorithm.

How crypt() Function works in PHP?

• Crypt is a one-way string hashing.
• Salt as a parameter gets passed to crypt() function is optional. But if salt parameter is not passed then that key will be considered as weak hash.
• To perform a good security, it is important to pass a very strong hashed key. A strong hash which is used to generate a strong salt and then applies a proper rounds of hash key rotation in a round robin fashion uses a password_hash.
• Using a password_hash is a recommended method in a way it acts as a wrapper on top of the algorithm and makes the algorithm compatible with one-way hashing string.
• As mentioned, these crypt() function works on an operating system which support many different operating systems which acts as a key.
• The salt parameter passed with the string to the crypt function triggers to the salt algorithm. These functionalities work with the 4 version of PHP but the versions more than 5 .
• PHP has a capability of creating an auto-generated key if no DES salt parameter is present. If in case it is related to the twelve-character key, then MD5 algorithm will create a one-way hashed key.

PHP crypt() Constants

There are following constants for crypt() function which have some values set as 0 or 1 depending on whether the given type of crypt constants is available.

1. CRYPT_STD_DES

First constant which has a two-character salt parameter passed from the alphabet. Also, supports for the values supporting the digits with numbers of uppercase 0-9 and alphabets with upper case A-Z and lower case alphabets like a-z. crypt function will get failed if some invalid characters will be used while passing the salt parameter.

Example: A program to illustrate CRYPT_STD_DES constant.

Code:

<?php
if (CRYPT_STD_DES == 1)
{
echo "Standard DES: ".crypt('educba','string')."\n";
}
else
{
echo "Do not support standard DES.\n";
}
?>

Output:

2. CRYPT_EXT_DES

This constant is a type of extension to the DES based hashing function. If the salt parameter being passed has a nine character string followed by the parameter of 4 bytes, then only the algorithm will get satisfied.

Example: A program to illustrate CRYPT_EXT_DES constant.

Code:

<?php
if (CRYPT_EXT_DES == 1)
{
echo "Extended DES: ".crypt('anu','_D8..dutta')."\n";
}
else
{
echo "It do not support for Extended DES.\n";
}
?>

Output:

3. CRYPT_MD5

This constant MD5 works with hashing function including crypt parallelly with a character of salt parameter having a length of twelve character.

Example: A program to illustrate CRYPT_MD5 constant.

Code:

<?php
if (CRYPT_MD5 == 1)
{
echo "MD5: ".crypt('mansi','$1$trying$')."\n";
}
else
{
echo "Do not support for MD5.\n";
}
?>

Output:

4. CRYPT_BLOWFISH

This constant support for the function with salt parameter containing some cost parameter ranging from “$” to 22. If the parameter value does not lie within the specified range, then it will return a string of zero-length. The cost parameter is considered as twice if the base of logarithmic value for the illustrated blowfish-based hashing algorithm. PHP versions of 5 and above supports for the given constant.

Example: A program to illustrate CRYPT_BLOWFISH constant.

Code:

<?php
if (CRYPT_BLOWFISH == 1)
{
echo "Blowfish: ".crypt('sunrise','$1b$08$mkstringexforsaltparam$')."\n";
}
else
{
echo "It do not support for Blowfish.\n";
}
?>

Output:

5. CRYPT_SHA256

SHA-256 is a constant which is part of the algorithm with a hash value of sixteen character. If in case the string gets started with the round of $N hen it indicates number of times hashed function gets called and executes with the optimization and cost factor like Blowfish algorithm. Also, if the selection of numbers does not lie outside the range then the next value of the range will get approximation to the closest value of the range.

Example: A program to illustrate CRYPT_SHA256 constant.

Code:

<?php
if (CRYPT_SHA256 == 1)
{
echo "SHA-256: ".crypt('sunfeast','$8$rounds=8000$examplestringforsaltofsalt$')."\n"; }
else
{
echo "It do not support for CRYPT_SHA256.\n";
}
?>

Output:

6. CRYPT_SHA512

This is a constant which is prefixed with some value like 6$. If the round function gets started with the value of taken round of number of salts , then it points for the optimized value same as Blowfish function. Also, it can be said that behavior of the constant is same as SHA-256 constant with just some mere differences.

Example: A program to illustrate CRYPT_SHA512 constant.

Code:

<?php
if (CRYPT_SHA512 == 1)
{
echo "SHA-512: ".crypt('things','$9$rounds=9000$xamplestringof90salt$');
}
else
{
echo " It donot support for CRYPT_SHA512 .";
}
?>

Output: