PHP Class Neos\Flow\Security\Cryptography\Pbkdf2HashingStrategy

Inheritance: implements Neos\Flow\Security\Cryptography\PasswordHashingStrategyInterface
Afficher le fichier Open project: neos/flow-development-collection Class Usage Examples

Protected Properties

Свойство Type Description
$algorithm string Hash algorithm to use, see hash_algos()
$derivedKeyLength integer Derived key length
$dynamicSaltLength integer Length of the dynamic random salt to generate in bytes
$iterationCount integer Hash iteration count, high counts (>10.000) make brute-force attacks unfeasible

Méthodes publiques

Méthode Description
__construct ( integer $dynamicSaltLength, integer $iterationCount, integer $derivedKeyLength, string $algorithm ) Construct a PBKDF2 hashing strategy with the given parameters
hashPassword ( string $password, string $staticSalt = null ) : string Hash a password for storage using PBKDF2 and the configured parameters.
validatePassword ( string $password, string $hashedPasswordAndSalt, string $staticSalt = null ) : boolean Validate a password against a derived key (hashed password) and salt using PBKDF2.

Method Details

__construct() public méthode

Construct a PBKDF2 hashing strategy with the given parameters
public __construct ( integer $dynamicSaltLength, integer $iterationCount, integer $derivedKeyLength, string $algorithm )
$dynamicSaltLength integer Length of the dynamic random salt to generate in bytes
$iterationCount integer Hash iteration count, high counts (>10.000) make brute-force attacks unfeasible
$derivedKeyLength integer Derived key length
$algorithm string Hash algorithm to use, see hash_algos()

hashPassword() public méthode

Will use a combination of a random dynamic salt and the given static salt.
public hashPassword ( string $password, string $staticSalt = null ) : string
$password string Cleartext password that should be hashed
$staticSalt string Static salt that will be appended to the random dynamic salt
Résultat string A Base64 encoded string with the derived key (hashed password) and dynamic salt

validatePassword() public méthode

Iteration count and algorithm have to match the parameters when generating the derived key.
public validatePassword ( string $password, string $hashedPasswordAndSalt, string $staticSalt = null ) : boolean
$password string The cleartext password
$hashedPasswordAndSalt string The derived key and salt in Base64 encoding as returned by hashPassword for verification
$staticSalt string Static salt that will be appended to the dynamic salt
Résultat boolean TRUE if the given password matches the hashed password

Property Details

$algorithm protected_oe property

Hash algorithm to use, see hash_algos()
protected string $algorithm
Résultat string

$derivedKeyLength protected_oe property

Derived key length
protected int $derivedKeyLength
Résultat integer

$dynamicSaltLength protected_oe property

Length of the dynamic random salt to generate in bytes
protected int $dynamicSaltLength
Résultat integer

$iterationCount protected_oe property

Hash iteration count, high counts (>10.000) make brute-force attacks unfeasible
protected int $iterationCount
Résultat integer