Skip to content


Subversion checkout URL

You can clone with
Download ZIP
Password-Based Key Derivation Function (PBKDF2) service provider for the Silex microframework
Latest commit 6abbe9f @nrk Fix configuration of the service provider.
The recent addition of `boot()` in Silex actually changed how services
are exposed and accessible during the registration phase of service


This service provider for Silex enables developers to seamlessly leverage the Password-Based Key Derivation Function (PBKDF2) in their web applications. It can automatically choose between a pure-PHP implementation of the algorithm or, if available in the hash extension, the C-based function hash_pbkdf2() proposed in PHP #60813.

Getting started

Using this service provider is easy, all you need to do is register its namespace in the autoloader stack and register an instance of the service provider in the silex application:

/* ... */
    'Nrk\PBKDF2' => __DIR__.'/../vendor/PBKDF2ServiceProvider/lib',

$app->register(new Nrk\PBKDF2\PBKDF2ServiceProvider(), array(
    'pbkdf2.salt' => 'my_salt_string',

$app->get('/', function(Silex\Application $app) {
    $key = $app['pbkdf2']('my_password');

If you are using Composer to manage the dependencies of your Silex application (which is highly recommended anyway) you do not need to register the namespace in the autoloader stack since this step is managed for you by Composer itself.

The only required parameter when registering the service provider instance is pbkdf2.salt which stores the salt string used on each supplied password to calculate the resulting key. Optionally pbkdf2.salt can be omitted, but then you must provide a salt string as the second parameter of the generator method. This can be useful when you want to use dynamically generated salt strings for each password.

$key = $app['pbkdf2']('my_password', 'my_salt_string');

This is the full list of customizable parameters supported by PBKDF2ServiceProvider:

  • pbkdf2.salt: common salt string used for each password.
  • pbkdf2.algorithm: hashing algorithm used to generate the key [default: sha1].
  • pbkdf2.key_length: length in bytes of the resulting key [default: 160].
  • pbkdf2.iterations: number of hash iterations performed on the password and salt [default: 1000].
  • pbkdf2.function: custom function used to generate the key [default: pure-PHP function or hash_pbkdf2() if available].


In order to be able to run the test suite of the provider you must download Composer in the root of the repository and then install the needed dependencies.

$ wget
$ php composer.phar install
$ phpunit


  • PHP >= 5.3.2

Project links



The code for PBKDF2ServiceProvider is distributed under the terms of the MIT license (see LICENSE).

Something went wrong with that request. Please try again.