ILIAS  release_5-3 Revision v5.3.23-19-g915713cf615
class.ilBcryptPhpPasswordEncoder.php
Go to the documentation of this file.
1<?php
2/* Copyright (c) 1998-2016 ILIAS open source, Extended GPL, see docs/LICENSE */
3
4require_once 'Services/Password/classes/class.ilBasePasswordEncoder.php';
5
12{
16 protected $costs = '08';
17
22 public function __construct(array $config = array())
23 {
24 if (!empty($config)) {
25 foreach ($config as $key => $value) {
26 switch (strtolower($key)) {
27 case 'cost':
28 $this->setCosts($value);
29 break;
30 }
31 }
32 }
33
34 if (!isset($config['cost']) && static::class == self::class) {
35 // Determine the costs only if they are not passed in constructor
36 $this->setCosts($this->benchmarkCost(0.05));
37 }
38
39 $this->init();
40 }
41
45 protected function init()
46 {
47 }
48
54 public function benchmarkCost($time_target = 0.05)
55 {
56 $cost = 8;
57
58 do {
59 $cost++;
60 $start = microtime(true);
61 $encoder = new self(array('cost' => $cost));
62 $encoder->encodePassword('test', '');
63 $end = microtime(true);
64 } while (($end - $start) < $time_target && $cost < 32);
65
66 return $cost;
67 }
68
72 public function getName()
73 {
74 return 'bcryptphp';
75 }
76
80 public function isSupportedByRuntime()
81 {
82 return parent::isSupportedByRuntime() && version_compare(phpversion(), '5.5.0', '>=');
83 }
84
88 public function getCosts()
89 {
90 return $this->costs;
91 }
92
97 public function setCosts($costs)
98 {
99 if (!empty($costs)) {
100 $costs = (int) $costs;
101 if ($costs < 4 || $costs > 31) {
102 require_once 'Services/Password/exceptions/class.ilPasswordException.php';
103 throw new ilPasswordException('The costs parameter of bcrypt must be in range 04-31');
104 }
105 $this->costs = sprintf('%1$02d', $costs);
106 }
107 }
108
113 public function encodePassword($raw, $salt)
114 {
115 if ($this->isPasswordTooLong($raw)) {
116 require_once 'Services/Password/exceptions/class.ilPasswordException.php';
117 throw new ilPasswordException('Invalid password.');
118 }
119
120 return password_hash($raw, PASSWORD_BCRYPT, array(
121 'cost' => $this->getCosts()
122 ));
123 }
124
128 public function isPasswordValid($encoded, $raw, $salt)
129 {
130 return password_verify($raw, $encoded);
131 }
132
136 public function requiresReencoding($encoded)
137 {
138 return password_needs_rehash($encoded, PASSWORD_BCRYPT, array(
139 'cost' => $this->getCosts()
140 ));
141 }
142}
sprintf('%.4f', $callTime)
An exception for terminatinating execution or to throw for unit testing.
isPasswordTooLong($password)
Checks if the password is too long.
requiresReencoding($encoded)
{{Returns whether or not the a encoded password needs to be re-encoded.boolean}}
isPasswordValid($encoded, $raw, $salt)
{Checks a raw password against an encoded password.The raw password has to be injected into the encod...
encodePassword($raw, $salt)
{Encodes the raw password.string The encoded password}
isSupportedByRuntime()
{{Returns whether or not the encoder is supported by the runtime (PHP, HHVM, ...)boolean}}
Class for user password exception handling in ILIAS.
$key
Definition: croninfo.php:18
$end
Definition: saml1-acs.php:18