db/d97/class_8ilBasePasswordEncoder_8php_source.html

<?php

/* Copyright (c) 1998-2014 ILIAS open source, Extended GPL, see docs/LICENSE */


require_once 'Services/Password/interfaces/interface.ilPasswordEncoder.php';


abstract class ilBasePasswordEncoder implements ilPasswordEncoder

{

        const MAX_PASSWORD_LENGTH = 4096;


        protected function comparePasswords($known_string, $user_string)

        {

                // Prevent issues if string length is 0

                $known_string .= chr(0);

                $user_string  .= chr(0);


                $known_string_length = strlen($known_string);

                $user_string_length  = strlen($user_string);


                // Set the result to the difference between the lengths

                $result = $known_string_length - $user_string_length;


                // Note that we ALWAYS iterate over the user-supplied length

                // This is to prevent leaking length information

                for($i = 0; $i < $user_string_length; $i++)

                {

                        // Using % here is a trick to prevent notices

                        // It's safe, since if the lengths are different

                        // $result is already non-0

                        $result |= (ord($known_string[$i % $known_string_length]) ^ ord($user_string[$i]));

                }


                // They are only identical strings if $result is exactly 0...

                return 0 === $result;

        }


        protected function isPasswordTooLong($password)

        {

                return strlen($password) > self::MAX_PASSWORD_LENGTH;

        }


        public function isSupportedByRuntime()

        {

                return true;

        }


        public function requiresSalt()

        {

                return false;

        }


        public function requiresReencoding($encoded)

        {

                return false;

        }

}

$result
$result
Definition: CleanUpTest.php:407

php
An exception for terminatinating execution or to throw for unit testing.

ilBasePasswordEncoder
Definition: class.ilBasePasswordEncoder.php:12

ilBasePasswordEncoder\requiresSalt
requiresSalt()
{Returns whether or not the encoder requires a salt.boolean}
Definition: class.ilBasePasswordEncoder.php:74

ilBasePasswordEncoder\comparePasswords
comparePasswords($known_string, $user_string)
Compares two passwords.
Definition: class.ilBasePasswordEncoder.php:27

ilBasePasswordEncoder\isPasswordTooLong
isPasswordTooLong($password)
Checks if the password is too long.
Definition: class.ilBasePasswordEncoder.php:58

ilBasePasswordEncoder\isSupportedByRuntime
isSupportedByRuntime()
{Returns whether or not the encoder is supported by the runtime (PHP, HHVM, ...)boolean}
Definition: class.ilBasePasswordEncoder.php:66

ilBasePasswordEncoder\MAX_PASSWORD_LENGTH
const MAX_PASSWORD_LENGTH
Definition: class.ilBasePasswordEncoder.php:16

ilBasePasswordEncoder\requiresReencoding
requiresReencoding($encoded)
{Returns whether or not the a encoded password needs to be re-encoded.boolean}
Definition: class.ilBasePasswordEncoder.php:82

ilPasswordEncoder
Definition: interface.ilPasswordEncoder.php:10