4require_once
'Services/Password/classes/encoders/class.ilBcryptPhpPasswordEncoder.php';
51 switch (strtolower(
$key)) {
52 case 'ignore_security_flaw':
56 case 'data_directory':
79 return PHP_VERSION_ID >= 50307;
154 require_once
'Services/Password/exceptions/class.ilPasswordException.php';
159 require_once
'Services/Password/exceptions/class.ilPasswordException.php';
163 return $this->
encode($raw, $salt);
172 require_once
'Services/Password/exceptions/class.ilPasswordException.php';
// Fragment of encode(): the listing shows only some of the method's lines.
// Visible steps: an HMAC-Whirlpool pre-hash of the padded raw password, a
// 22-character salt, a crypt() call, and a length check on the crypt() result.
212 protected function encode($raw, $user_secret)
// $raw is padded on both sides to four times its own length, using
// sha1($user_secret) as the pad string, then HMAC'd with $client_secret
// (assigned on a line not shown here). The fourth argument `true` requests
// raw binary output.
// NOTE(review): raw binary digests can contain NUL bytes, and bcrypt
// implementations that treat the input as a C string stop at the first NUL -
// confirm whether crypt() on the supported PHP versions is affected.
215 $hashed_password = hash_hmac(
'whirlpool', str_pad($raw, strlen($raw) * 4, sha1($user_secret), STR_PAD_BOTH), $client_secret,
true);
// The salt is the first 22 characters of a shuffled, 22-times-repeated
// 64-character alphabet.
// NOTE(review): str_shuffle() is not a cryptographically secure generator;
// a CSPRNG-backed source is the usual choice for password salts.
216 $salt = substr(str_shuffle(str_repeat(
'./0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ', 22)), 0, 22);
228 require_once
'Services/Password/exceptions/class.ilPasswordException.php';
230 'The bcrypt implementation used by PHP can contain a security flaw ' .
231 'using passwords with 8-bit characters. ' .
232 'We suggest to upgrade to PHP 5.3.7+ or use passwords with only 7-bit characters.'
// The crypt() setting string is $prefix (assigned on a line not shown),
// followed by the configured cost, '$' and the generated salt.
237 $salted_password = crypt($hashed_password, $prefix . $this->
getCosts() .
'$' . $salt);
// A result of 13 characters or fewer is handled separately; the exception
// class is loaded on this path, so it presumably throws - the throw itself
// is not shown in this listing.
238 if (strlen($salted_password) <= 13) {
239 require_once
'Services/Password/exceptions/class.ilPasswordException.php';
243 return $salted_password;
// Fragment of check(): verifies $raw against the stored value $encoded.
// It recomputes the HMAC-Whirlpool pre-hash with the same padding scheme
// (sha1($salt) as pad string, keyed with the client salt, raw binary output).
// It then runs crypt() with the first 30 characters of $encoded as the
// setting string and compares the result with $encoded.
253 protected function check($encoded, $raw, $salt)
255 $hashed_password = hash_hmac(
'whirlpool', str_pad($raw, strlen($raw) * 4, sha1($salt), STR_PAD_BOTH), $this->
getClientSalt(),
true);
// NOTE(review): `==` is a loose comparison and is not constant-time. Where
// the PHP version provides it, hash_equals() is the usual choice for
// comparing password hashes. The loose operator also type-juggles
// numeric-looking strings, so a strict comparison is safer in any case.
256 return crypt($hashed_password, substr($encoded, 0, 30)) == $encoded;
288 require_once
'Services/Password/classes/class.ilPasswordUtils.php';
301 require_once
'Services/Password/exceptions/class.ilPasswordException.php';
sprintf('%.4f', $callTime)
An exception for terminating execution or to throw for unit testing.
isPasswordTooLong($password)
Checks if the password is too long.
setIsSecurityFlawIgnored($is_security_flaw_ignored)
setBackwardCompatibility($backward_compatibility)
Sets the backward-compatibility flag (use the $2a$ prefix instead of $2y$ on PHP 5.3.7+).
__construct(array $config=array())
const SALT_STORAGE_FILENAME
encodePassword($raw, $salt)
Encodes the raw password. Returns string: the encoded password.
requiresReencoding($encoded)
Returns whether or not an encoded password needs to be re-encoded. Returns boolean.
isPasswordValid($encoded, $raw, $salt)
Checks a raw password against an encoded password. The raw password has to be injected into the enco...
isBackwardCompatibilityEnabled()
requiresSalt()
Returns whether or not the encoder requires a salt. Returns boolean.
setDataDirectory($data_directory)
check($encoded, $raw, $salt)
Verifies a bcrypt encoded string.
encode($raw, $user_secret)
Generates a bcrypt encoded string.
setClientSalt($client_salt)
$is_security_flaw_ignored
Class for user password exception handling in ILIAS.
static getBytes($length)
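Generates random bytes using OpenSSL or Mcrypt, with mt_rand() as a fallback. mt_rand() is not a cryptographically secure generator, so bytes produced by the fallback path are not suitable for salts, tokens or keys.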