ILIAS  release_8 Revision v8.19
All Data Structures Namespaces Files Functions Variables Modules Pages
class.ilBcryptPhpPasswordEncoder.php
Go to the documentation of this file.
1 <?php
2 
19 declare(strict_types=1);
20 
26 class ilBcryptPhpPasswordEncoder extends ilBasePasswordEncoder
27 {
28  protected string $costs = '08';
29 
34  public function __construct(array $config = [])
35  {
36  foreach ($config as $key => $value) {
37  if (strtolower($key) === 'cost') {
38  $this->setCosts($value);
39  }
40  }
41 
42  if (!isset($config['cost']) && static::class === self::class) {
43  // Determine the costs only if they are not passed in constructor
44  $this->setCosts((string) $this->benchmarkCost());
45  }
46 
47  $this->init();
48  }
49 
50  protected function init(): void
51  {
52  }
53 
58  public function benchmarkCost(float $time_target = 0.05): int
59  {
60  $cost = 8;
61 
62  do {
63  ++$cost;
64  $start = microtime(true);
65  $encoder = new self(['cost' => (string) $cost]);
66  $encoder->encodePassword('test', '');
67  $end = microtime(true);
68  } while (($end - $start) < $time_target && $cost < 32);
69 
70  return $cost;
71  }
72 
73  public function getName(): string
74  {
75  return 'bcryptphp';
76  }
77 
78  public function getCosts(): string
79  {
80  return $this->costs;
81  }
82 
83  public function setCosts(string $costs): void
84  {
85  if ($costs !== '') {
86  $numeric_costs = (int) $costs;
87  if ($numeric_costs < 4 || $numeric_costs > 31) {
88  throw new ilPasswordException('The costs parameter of bcrypt must be in range 04-31');
89  }
90  $this->costs = sprintf('%1$02d', $numeric_costs);
91  }
92  }
93 
94  public function encodePassword(string $raw, string $salt): string
95  {
96  if ($this->isPasswordTooLong($raw)) {
97  throw new ilPasswordException('Invalid password.');
98  }
99 
100  return password_hash($raw, PASSWORD_BCRYPT, [
101  'cost' => $this->getCosts()
102  ]);
103  }
104 
105  public function isPasswordValid(string $encoded, string $raw, string $salt): bool
106  {
107  return password_verify($raw, $encoded);
108  }
109 
110  public function requiresReencoding(string $encoded): bool
111  {
112  return password_needs_rehash($encoded, PASSWORD_BCRYPT, [
113  'cost' => $this->getCosts()
114  ]);
115  }
116 }
ilBcryptPhpPasswordEncoder\getName
getName()
Returns a unique name/id of the concrete password encoder.
Definition: class.ilBcryptPhpPasswordEncoder.php:73
$config
if(!array_key_exists('PATH_INFO', $_SERVER)) $config
Definition: metadata.php:85
ilBcryptPhpPasswordEncoder\encodePassword
encodePassword(string $raw, string $salt)
Encodes the raw password.
Definition: class.ilBcryptPhpPasswordEncoder.php:94
ilPasswordException
Class for user password exception handling in ILIAS.
Definition: class.ilPasswordException.php:26
ILIAS\LTI\ToolProvider\$key
string $key
Consumer key/client ID value.
Definition: System.php:193
ilBcryptPhpPasswordEncoder\requiresReencoding
requiresReencoding(string $encoded)
Returns whether the encoded password needs to be re-encoded.
Definition: class.ilBcryptPhpPasswordEncoder.php:110
ilBcryptPhpPasswordEncoder\isPasswordValid
isPasswordValid(string $encoded, string $raw, string $salt)
Checks a raw password against an encoded password.
Definition: class.ilBcryptPhpPasswordEncoder.php:105