PHP Class Neos\Flow\Security\Cryptography\Pbkdf2HashingStrategy

Inheritance: implements Neos\Flow\Security\Cryptography\PasswordHashingStrategyInterface
Datei anzeigen Open project: neos/flow-development-collection Class Usage Examples

Protected Properties

Property Type Description
$algorithm string Hash algorithm to use, see hash_algos()
$derivedKeyLength integer Derived key length
$dynamicSaltLength integer Length of the dynamic random salt to generate in bytes
$iterationCount integer Hash iteration count, high counts (>10.000) make brute-force attacks unfeasible

Public Methods

Method Description
__construct ( integer $dynamicSaltLength, integer $iterationCount, integer $derivedKeyLength, string $algorithm ) Construct a PBKDF2 hashing strategy with the given parameters
hashPassword ( string $password, string $staticSalt = null ) : string Hash a password for storage using PBKDF2 and the configured parameters.
validatePassword ( string $password, string $hashedPasswordAndSalt, string $staticSalt = null ) : boolean Validate a password against a derived key (hashed password) and salt using PBKDF2.

Method Details

__construct() public method

Construct a PBKDF2 hashing strategy with the given parameters
public __construct ( integer $dynamicSaltLength, integer $iterationCount, integer $derivedKeyLength, string $algorithm )
$dynamicSaltLength integer Length of the dynamic random salt to generate in bytes
$iterationCount integer Hash iteration count, high counts (>10.000) make brute-force attacks unfeasible
$derivedKeyLength integer Derived key length
$algorithm string Hash algorithm to use, see hash_algos()

hashPassword() public method

Will use a combination of a random dynamic salt and the given static salt.
public hashPassword ( string $password, string $staticSalt = null ) : string
$password string Cleartext password that should be hashed
$staticSalt string Static salt that will be appended to the random dynamic salt
return string A Base64 encoded string with the derived key (hashed password) and dynamic salt

validatePassword() public method

Iteration count and algorithm have to match the parameters when generating the derived key.
public validatePassword ( string $password, string $hashedPasswordAndSalt, string $staticSalt = null ) : boolean
$password string The cleartext password
$hashedPasswordAndSalt string The derived key and salt in Base64 encoding as returned by hashPassword for verification
$staticSalt string Static salt that will be appended to the dynamic salt
return boolean TRUE if the given password matches the hashed password

Property Details

$algorithm protected_oe property

Hash algorithm to use, see hash_algos()
protected string $algorithm
return string

$derivedKeyLength protected_oe property

Derived key length
protected int $derivedKeyLength
return integer

$dynamicSaltLength protected_oe property

Length of the dynamic random salt to generate in bytes
protected int $dynamicSaltLength
return integer

$iterationCount protected_oe property

Hash iteration count, high counts (>10.000) make brute-force attacks unfeasible
protected int $iterationCount
return integer