MediaWiki REL1_31
ParameterizedPassword Class Reference

Helper class for password hash types that have a delimited set of parameters inside of the hash. More...

Inheritance diagram for ParameterizedPassword:
Collaboration diagram for ParameterizedPassword:

Public Member Functions

 needsUpdate ()
 Determine if the hash needs to be updated.
 
 toString ()
 Convert this hash to a string that can be stored in the database.
 
- Public Member Functions inherited from Password
 __construct (PasswordFactory $factory, array $config, $hash=null)
 Construct the Password object using a string hash.
 
 crypt ( $password)
 Hash a password and store the result in this object.
 
 equals ( $other)
 Compare one Password object to this object.
 
 getType ()
 Get the type name of the password.
 

Protected Member Functions

 getDefaultParams ()
 Return an ordered array of default parameters for this password hash.
 
 getDelimiter ()
 Returns the delimiter for the parameters inside the hash.
 
 parseHash ( $hash)
 Perform any parsing necessary on the hash to see if the hash is valid and/or to perform logic for seeing if the hash needs updating.
 
- Protected Member Functions inherited from Password
 assertIsSafeSize ( $hash)
 Assert that hash will fit in a tinyblob field.
 

Protected Attributes

array $args = []
 Extra arguments that were found in the hash.
 
array $params = []
 Named parameters that have default values for this password type.
 
- Protected Attributes inherited from Password
array $config
 Array of configuration variables injected from the constructor.
 
PasswordFactory $factory
 Factory that created the object.
 
string $hash
 String representation of the hash without the type.
 

Additional Inherited Members

- Public Attributes inherited from Password
const MAX_HASH_SIZE = 255
 Hash must fit in user_password, which is a tinyblob.
 

Detailed Description

Helper class for password hash types that have a delimited set of parameters inside of the hash.

All passwords are in the form of :<TYPE>:... as explained in the main Password class. This class is for hashes in the form of :<TYPE>:<PARAM1>:<PARAM2>:... where <PARAM1>, <PARAM2>, etc. are parameters that determine how the password was hashed. Of course, the internal delimiter (which is : by convention and default), can be changed by overriding the ParameterizedPassword::getDelimiter() function.

This class requires overriding an additional function: ParameterizedPassword::getDefaultParams(). See the function description for more details on the implementation.

Since
1.24

Definition at line 38 of file ParameterizedPassword.php.

Member Function Documentation

◆ getDefaultParams()

ParameterizedPassword::getDefaultParams ( )
abstractprotected

Return an ordered array of default parameters for this password hash.

The keys should be the parameter names and the values should be the default values. Additionally, the order of the array should be the order in which they appear in the hash.

When parsing a password hash, the constructor will split the hash based on the delimiter, and consume as many parts as it can, matching each to a parameter in this list. Once all the parameters have been filled, all remaining parts will be considered extra arguments, except, of course, for the very last part, which is the hash itself.

Returns
array

Reimplemented in BcryptPassword, EncryptedPassword, LayeredParameterizedPassword, MWOldPassword, MWSaltedPassword, and Pbkdf2Password.

Referenced by needsUpdate(), and parseHash().

◆ getDelimiter()

ParameterizedPassword::getDelimiter ( )
abstractprotected

Returns the delimiter for the parameters inside the hash.

Returns
string

Reimplemented in BcryptPassword, EncryptedPassword, LayeredParameterizedPassword, MWOldPassword, MWSaltedPassword, and Pbkdf2Password.

Referenced by parseHash(), and toString().

◆ needsUpdate()

ParameterizedPassword::needsUpdate ( )

Determine if the hash needs to be updated.

Returns
bool True if needs update, false otherwise

Reimplemented from Password.

Definition at line 81 of file ParameterizedPassword.php.

References getDefaultParams().

◆ parseHash()

ParameterizedPassword::parseHash ( $hash)
protected

Perform any parsing necessary on the hash to see if the hash is valid and/or to perform logic for seeing if the hash needs updating.

Parameters
string$hashThe hash, with the :<TYPE>: prefix stripped
Exceptions
PasswordErrorIf there is an error in parsing the hash

Reimplemented from Password.

Reimplemented in BcryptPassword.

Definition at line 52 of file ParameterizedPassword.php.

References Password\$hash, getDefaultParams(), and getDelimiter().

◆ toString()

ParameterizedPassword::toString ( )

Convert this hash to a string that can be stored in the database.

The resulting string should be considered the seralized representation of this hash, i.e., if the return value were recycled back into PasswordFactory::newFromCiphertext, the returned object would be equivalent to this; also, if two objects return the same value from this function, they are considered equivalent.

Returns
string
Exceptions
PasswordErrorif password cannot be serialized to fit a tinyblob.

Reimplemented from Password.

Definition at line 85 of file ParameterizedPassword.php.

References Password\$hash, $res, Password\assertIsSafeSize(), and getDelimiter().

Member Data Documentation

◆ $args

array ParameterizedPassword::$args = []
protected

Extra arguments that were found in the hash.

This may or may not make the hash invalid.

Definition at line 50 of file ParameterizedPassword.php.

Referenced by LayeredParameterizedPassword\crypt(), and LayeredParameterizedPassword\partialCrypt().

◆ $params

array ParameterizedPassword::$params = []
protected

Named parameters that have default values for this password type.

Definition at line 43 of file ParameterizedPassword.php.

Referenced by LayeredParameterizedPassword\crypt(), LayeredParameterizedPassword\getDefaultParams(), and LayeredParameterizedPassword\partialCrypt().


The documentation for this class was generated from the following file: