Inheritance diagram for ilBasePasswordEncoder:

Collaboration diagram for ilBasePasswordEncoder:

Public Member Functions

isSupportedByRuntime ()

{Returns whether or not the encoder is supported by the runtime (PHP, HHVM, ...)

Returns: boolean

} More...

requiresSalt ()

{Returns whether or not the encoder requires a salt.

Returns: boolean

} More...

requiresReencoding ($encoded)

{Returns whether or not the a encoded password needs to be re-encoded.

Parameters

$encoded string

Returns: boolean

} More...

Public Member Functions inherited from ilPasswordEncoder

encodePassword ($raw, $salt)

Encodes the raw password. More...

isPasswordValid ($encoded, $raw, $salt)

Checks a raw password against an encoded password. More...

getName ()

Returns a unique name/id of the concrete password encoder. More...

Data Fields
const	MAX_PASSWORD_LENGTH = 4096

Protected Member Functions
	comparePasswords ($known_string, $user_string)
	Compares two passwords. More...

	isPasswordTooLong ($password)
	Checks if the password is too long. More...

Detailed Description

Definition at line 11 of file class.ilBasePasswordEncoder.php.

Member Function Documentation

◆ comparePasswords()

ilBasePasswordEncoder::comparePasswords	(	$known_string,
		$user_string
	)

protected

Compares two passwords.

This method implements a constant-time algorithm to compare passwords to avoid (remote) timing attacks. http://codahale.com/a-lesson-in-timing-attacks/

Parameters

string	$known_string	The first password
string	$user_string	The second password

Returns: Boolean true if the two passwords are the same, false otherwise

Definition at line 27 of file class.ilBasePasswordEncoder.php.

References $result.

Referenced by ilMd5PasswordEncoder\isPasswordValid().

         {
                 // Prevent issues if string length is 0
                 $known_string .= chr(0);
                 $user_string  .= chr(0);
 
                 $known_string_length = strlen($known_string);
                 $user_string_length  = strlen($user_string);
 
                 // Set the result to the difference between the lengths
                 $result = $known_string_length - $user_string_length;
 
                 // Note that we ALWAYS iterate over the user-supplied length
                 // This is to prevent leaking length information
                 for($i = 0; $i < $user_string_length; $i++)
                 {
                         // Using % here is a trick to prevent notices
                         // It's safe, since if the lengths are different
                         // $result is already non-0
                         $result |= (ord($known_string[$i % $known_string_length]) ^ ord($user_string[$i]));
                 }
 
                 // They are only identical strings if $result is exactly 0...
                 return 0 === $result;
         }

Here is the caller graph for this function:

◆ isPasswordTooLong()

ilBasePasswordEncoder::isPasswordTooLong ( $password )

protected

Checks if the password is too long.

Parameters

string $password The password

Returns: bool true if the password is too long, false otherwise

Definition at line 58 of file class.ilBasePasswordEncoder.php.

Referenced by ilMd5PasswordEncoder\encodePassword(), ilBcryptPhpPasswordEncoder\encodePassword(), ilBcryptPasswordEncoder\encodePassword(), ilMd5PasswordEncoder\isPasswordValid(), and ilBcryptPasswordEncoder\isPasswordValid().

         {
                 return strlen($password) > self::MAX_PASSWORD_LENGTH;
         }

Here is the caller graph for this function:

◆ isSupportedByRuntime()

ilBasePasswordEncoder::isSupportedByRuntime ( )

{Returns whether or not the encoder is supported by the runtime (PHP, HHVM, ...)

Returns: boolean

}

Implements ilPasswordEncoder.

Definition at line 66 of file class.ilBasePasswordEncoder.php.

         {
                 return true;
         }

◆ requiresReencoding()

ilBasePasswordEncoder::requiresReencoding ( $encoded )

{Returns whether or not the a encoded password needs to be re-encoded.

Parameters

$encoded string

Returns: boolean

}

Implements ilPasswordEncoder.

Definition at line 82 of file class.ilBasePasswordEncoder.php.

Referenced by ilMd5PasswordEncoderTest\testEncoderDoesNotSupportReencoding().

         {
                 return false;
         }

Here is the caller graph for this function:

◆ requiresSalt()

ilBasePasswordEncoder::requiresSalt ( )

{Returns whether or not the encoder requires a salt.

Returns: boolean

}

Implements ilPasswordEncoder.

Definition at line 74 of file class.ilBasePasswordEncoder.php.

Referenced by ilMd5PasswordEncoderTest\testEncoderDoesNotRelyOnSalts(), and ilBcryptPhpPasswordEncoderTest\testEncoderDoesNotRelyOnSalts().

         {
                 return false;
         }

Here is the caller graph for this function:

Field Documentation

◆ MAX_PASSWORD_LENGTH

const ilBasePasswordEncoder::MAX_PASSWORD_LENGTH = 4096

Definition at line 16 of file class.ilBasePasswordEncoder.php.

The documentation for this class was generated from the following file:

Services/Password/classes/class.ilBasePasswordEncoder.php

Public Member Functions

Data Fields

Protected Member Functions

Detailed Description

Member Function Documentation

◆ comparePasswords()

◆ isPasswordTooLong()

◆ isSupportedByRuntime()

◆ requiresReencoding()

◆ requiresSalt()

Field Documentation

◆ MAX_PASSWORD_LENGTH