ILIAS  release_5-2 Revision v5.2.25-18-g3f80b828510
class.ilBcryptPhpPasswordEncoder.php
Go to the documentation of this file.
1<?php
2/* Copyright (c) 1998-2016 ILIAS open source, Extended GPL, see docs/LICENSE */
3
4require_once 'Services/Password/classes/class.ilBasePasswordEncoder.php';
5
12{
16 protected $costs = '08';
17
22 public function __construct(array $config = array())
23 {
24 if(!empty($config))
25 {
26 foreach($config as $key => $value)
27 {
28 switch(strtolower($key))
29 {
30 case 'cost':
31 $this->setCosts($value);
32 break;
33 }
34 }
35 }
36
37 if(!isset($config['cost']) && static::class == self::class)
38 {
39 // Determine the costs only if they are not passed in constructor
40 $this->setCosts($this->benchmarkCost(0.05));
41 }
42
43 $this->init();
44 }
45
49 protected function init()
50 {
51 }
52
58 public function benchmarkCost($time_target = 0.05)
59 {
60 $cost = 8;
61
62 do
63 {
64 $cost++;
65 $start = microtime(true);
66 $encoder = new self(array('cost' => $cost));
67 $encoder->encodePassword('test', '');
68 $end = microtime(true);
69 }
70 while(($end - $start) < $time_target && $cost < 32);
71
72 return $cost;
73 }
74
78 public function getName()
79 {
80 return 'bcryptphp';
81 }
82
86 public function isSupportedByRuntime()
87 {
88 return parent::isSupportedByRuntime() && version_compare(phpversion(), '5.5.0', '>=');
89 }
90
94 public function getCosts()
95 {
96 return $this->costs;
97 }
98
103 public function setCosts($costs)
104 {
105 if(!empty($costs))
106 {
107 $costs = (int)$costs;
108 if($costs < 4 || $costs > 31)
109 {
110 require_once 'Services/Password/exceptions/class.ilPasswordException.php';
111 throw new ilPasswordException('The costs parameter of bcrypt must be in range 04-31');
112 }
113 $this->costs = sprintf('%1$02d', $costs);
114 }
115 }
116
121 public function encodePassword($raw, $salt)
122 {
123 if($this->isPasswordTooLong($raw))
124 {
125 require_once 'Services/Password/exceptions/class.ilPasswordException.php';
126 throw new ilPasswordException('Invalid password.');
127 }
128
129 return password_hash($raw, PASSWORD_BCRYPT, array(
130 'cost' => $this->getCosts()
131 ));
132 }
133
137 public function isPasswordValid($encoded, $raw, $salt)
138 {
139 return password_verify($raw, $encoded);
140 }
141
145 public function requiresReencoding($encoded)
146 {
147 return password_needs_rehash($encoded, PASSWORD_BCRYPT, array(
148 'cost' => $this->getCosts()
149 ));
150 }
151}
sprintf('%.4f', $callTime)
An exception for terminatinating execution or to throw for unit testing.
isPasswordTooLong($password)
Checks if the password is too long.
requiresReencoding($encoded)
{{Returns whether or not the a encoded password needs to be re-encoded.boolean}}
isPasswordValid($encoded, $raw, $salt)
{Checks a raw password against an encoded password.The raw password has to be injected into the encod...
encodePassword($raw, $salt)
{Encodes the raw password.string The encoded password}
isSupportedByRuntime()
{{Returns whether or not the encoder is supported by the runtime (PHP, HHVM, ...)boolean}}
Class for user password exception handling in ILIAS.