ILIAS  release_8 Revision v8.24
Public Member Functions | Protected Member Functions | Protected Attributes
ilBcryptPhpPasswordEncoder Class Reference
+ Inheritance diagram for ilBcryptPhpPasswordEncoder:
+ Collaboration diagram for ilBcryptPhpPasswordEncoder:

Public Member Functions

 __construct (array $config=[])
 
 benchmarkCost (float $time_target=0.05)
 
 getName ()
 Returns a unique name/id of the concrete password encoder. More...
 
 getCosts ()
 
 setCosts (string $costs)
 
 encodePassword (string $raw, string $salt)
 Encodes the raw password. More...
 
 isPasswordValid (string $encoded, string $raw, string $salt)
 Checks a raw password against an encoded password. More...
 
 requiresReencoding (string $encoded)
 Returns whether the encoded password needs to be re-encoded. More...
 
- Public Member Functions inherited from ilBasePasswordEncoder
 isSupportedByRuntime ()
 Returns whether the encoder is supported by the runtime (PHP, HHVM, ...) More...
 
 requiresSalt ()
 Returns whether the encoder requires a salt. More...
 
 requiresReencoding (string $encoded)
 Returns whether the encoded password needs to be re-encoded. More...
 
 encodePassword (string $raw, string $salt)
 Encodes the raw password. More...
 
 isPasswordValid (string $encoded, string $raw, string $salt)
 Checks a raw password against an encoded password. More...
 
 getName ()
 Returns a unique name/id of the concrete password encoder. More...
 
 requiresSalt ()
 Returns whether the encoder requires a salt. More...
 
 requiresReencoding (string $encoded)
 Returns whether the encoded password needs to be re-encoded. More...
 
 isSupportedByRuntime ()
 Returns whether the encoder is supported by the runtime (PHP, HHVM, ...) More...
 

Protected Member Functions

 init ()
 
- Protected Member Functions inherited from ilBasePasswordEncoder
 comparePasswords (string $knownString, string $userString)
 Compares two passwords. More...
 
 isPasswordTooLong (string $password)
 

Protected Attributes

string $costs = '08'
 

Detailed Description

Definition at line 26 of file class.ilBcryptPhpPasswordEncoder.php.

Constructor & Destructor Documentation

◆ __construct()

ilBcryptPhpPasswordEncoder::__construct ( array  $config = [])
Parameters
array<string,mixed>$config
Exceptions
ilPasswordException

Reimplemented in ilBcryptPasswordEncoder.

Definition at line 34 of file class.ilBcryptPhpPasswordEncoder.php.

35 {
36 foreach ($config as $key => $value) {
37 if (strtolower($key) === 'cost') {
38 $this->setCosts($value);
39 }
40 }
41
42 if (!isset($config['cost']) && static::class === self::class) {
43 // Determine the costs only if they are not passed in constructor
44 $this->setCosts((string) $this->benchmarkCost());
45 }
46
47 $this->init();
48 }
$config
if(!array_key_exists('PATH_INFO', $_SERVER)) $config
Definition: metadata.php:85
ILIAS\LTI\ToolProvider\$key
string $key
Consumer key/client ID value.
Definition: System.php:193

References $config, ILIAS\LTI\ToolProvider\$key, benchmarkCost(), init(), and setCosts().

+ Here is the call graph for this function:

Member Function Documentation

◆ benchmarkCost()

ilBcryptPhpPasswordEncoder::benchmarkCost ( float  $time_target = 0.05)
See also
http://php.net/manual/en/function.password-hash.php#example-984
Exceptions
ilPasswordException

Definition at line 58 of file class.ilBcryptPhpPasswordEncoder.php.

58 : int
59 {
60 $cost = 8;
61
62 do {
63 ++$cost;
64 $start = microtime(true);
65 $encoder = new self(['cost' => (string) $cost]);
66 $encoder->encodePassword('test', '');
67 $end = microtime(true);
68 } while (($end - $start) < $time_target && $cost < 32);
69
70 return $cost;
71 }

Referenced by __construct(), and ilBcryptPhpPasswordEncoderTest\testCostsCanBeDeterminedDynamically().

+ Here is the caller graph for this function:

◆ encodePassword()

ilBcryptPhpPasswordEncoder::encodePassword ( string  $raw,
string  $salt 
)

Encodes the raw password.

Parameters
string$rawThe password to encode
string$saltThe salt
Returns
string The encoded password

Implements ilPasswordEncoder.

Reimplemented in ilBcryptPasswordEncoder.

Definition at line 94 of file class.ilBcryptPhpPasswordEncoder.php.

94 : string
95 {
96 if ($this->isPasswordTooLong($raw)) {
97 throw new ilPasswordException('Invalid password.');
98 }
99
100 return password_hash($raw, PASSWORD_BCRYPT, [
101 'cost' => $this->getCosts()
102 ]);
103 }
ilPasswordException
Class for user password exception handling in ILIAS.
Definition: class.ilPasswordException.php:27

References getCosts(), and ilBasePasswordEncoder\isPasswordTooLong().

Referenced by ilBcryptPhpPasswordEncoderTest\testReencodingIsDetectedWhenNecessary().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ getCosts()

ilBcryptPhpPasswordEncoder::getCosts ( )

Definition at line 78 of file class.ilBcryptPhpPasswordEncoder.php.

78 : string
79 {
80 return $this->costs;
81 }

References $costs.

Referenced by ilBcryptPasswordEncoder\encode(), encodePassword(), requiresReencoding(), ilBcryptPasswordEncoderTest\testCostsCanBeRetrievedWhenCostsAreSet(), and ilBcryptPhpPasswordEncoderTest\testCostsCanBeRetrievedWhenCostsAreSet().

+ Here is the caller graph for this function:

◆ getName()

ilBcryptPhpPasswordEncoder::getName ( )

Returns a unique name/id of the concrete password encoder.

Implements ilPasswordEncoder.

Reimplemented in ilBcryptPasswordEncoder.

Definition at line 73 of file class.ilBcryptPhpPasswordEncoder.php.

73 : string
74 {
75 return 'bcryptphp';
76 }

Referenced by ilBcryptPhpPasswordEncoderTest\testNameShouldBeBcryptPhp().

+ Here is the caller graph for this function:

◆ init()

ilBcryptPhpPasswordEncoder::init ( )
protected

Reimplemented in ilBcryptPasswordEncoder.

Definition at line 50 of file class.ilBcryptPhpPasswordEncoder.php.

50 : void
51 {
52 }

Referenced by __construct().

+ Here is the caller graph for this function:

◆ isPasswordValid()

ilBcryptPhpPasswordEncoder::isPasswordValid ( string  $encoded,
string  $raw,
string  $salt 
)

Checks a raw password against an encoded password.

The raw password has to be injected into the encoder instance before.

Parameters
string$encodedAn encoded password
string$rawA raw password
string$saltThe salt, may be empty
Returns
Boolean true if the password is valid, false otherwise

Implements ilPasswordEncoder.

Reimplemented in ilBcryptPasswordEncoder.

Definition at line 105 of file class.ilBcryptPhpPasswordEncoder.php.

105 : bool
106 {
107 return password_verify($raw, $encoded);
108 }

◆ requiresReencoding()

ilBcryptPhpPasswordEncoder::requiresReencoding ( string  $encoded)

Returns whether the encoded password needs to be re-encoded.

Reimplemented from ilBasePasswordEncoder.

Reimplemented in ilBcryptPasswordEncoder.

Definition at line 110 of file class.ilBcryptPhpPasswordEncoder.php.

110 : bool
111 {
112 return password_needs_rehash($encoded, PASSWORD_BCRYPT, [
113 'cost' => $this->getCosts()
114 ]);
115 }

References getCosts().

Referenced by ilBcryptPhpPasswordEncoderTest\testReencodingIsDetectedWhenNecessary().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ setCosts()

ilBcryptPhpPasswordEncoder::setCosts ( string  $costs)

Definition at line 83 of file class.ilBcryptPhpPasswordEncoder.php.

83 : void
84 {
85 if ($costs !== '') {
86 $numeric_costs = (int) $costs;
87 if ($numeric_costs < 4 || $numeric_costs > 31) {
88 throw new ilPasswordException('The costs parameter of bcrypt must be in range 04-31');
89 }
90 $this->costs = sprintf('%1$02d', $numeric_costs);
91 }
92 }

References $costs, and ILIAS\Repository\int().

Referenced by __construct(), ilBcryptPasswordEncoderTest\testCostsCanBeRetrievedWhenCostsAreSet(), ilBcryptPhpPasswordEncoderTest\testCostsCanBeRetrievedWhenCostsAreSet(), ilBcryptPasswordEncoderTest\testCostsCanBeSetInRange(), ilBcryptPhpPasswordEncoderTest\testCostsCanBeSetInRange(), ilBcryptPasswordEncoderTest\testCostsCannotBeSetAboveRange(), ilBcryptPhpPasswordEncoderTest\testCostsCannotBeSetAboveRange(), ilBcryptPasswordEncoderTest\testCostsCannotBeSetBelowRange(), ilBcryptPhpPasswordEncoderTest\testCostsCannotBeSetBelowRange(), ilBcryptPasswordEncoderTest\testExceptionIsRaisedIfSaltIsMissingIsOnEncoding(), ilBcryptPasswordEncoderTest\testExceptionIsRaisedIfSaltIsMissingIsOnVerification(), and ilBcryptPhpPasswordEncoderTest\testReencodingIsDetectedWhenNecessary().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

Field Documentation

◆ $costs

string ilBcryptPhpPasswordEncoder::$costs = '08'
protected

Definition at line 28 of file class.ilBcryptPhpPasswordEncoder.php.

Referenced by getCosts(), and setCosts().

The documentation for this class was generated from the following file: