MediaWiki REL1_37
ParameterizedPassword Class Reference

Helper class for password hash types that have a delimited set of parameters inside of the hash. More...

Inheritance diagram for ParameterizedPassword:
Collaboration diagram for ParameterizedPassword:

Public Member Functions

 needsUpdate ()
 Determine if the hash needs to be updated.
 
 toString ()
 Convert this hash to a string that can be stored in the database.
 
- Public Member Functions inherited from Password
 __construct (PasswordFactory $factory, array $config, string $hash=null)
 Construct the Password object using a string hash.
 
 crypt (string $password)
 Hash a password and store the result in this object.
 
 getType ()
 Get the type name of the password.
 
 verify (string $password)
 Checks whether the given password matches the hash stored in this object.
 

Protected Member Functions

 getDefaultParams ()
 Return an ordered array of default parameters for this password hash.
 
 getDelimiter ()
 Returns the delimiter for the parameters inside the hash.
 
 parseHash (?string $hash)
 Perform any parsing necessary on the hash to see if the hash is valid and/or to perform logic for seeing if the hash needs updating.
Parameters
string | null$hashThe hash, with the :<TYPE>: prefix stripped
Exceptions
PasswordErrorIf there is an error in parsing the hash

 
- Protected Member Functions inherited from Password
 assertIsSafeSize (string $hash)
 Assert that hash will fit in a tinyblob field.
 
 isSupported ()
 Whether current password type is supported on this system.
 

Protected Attributes

array $args = []
 Extra arguments that were found in the hash.
 
array $params = []
 Named parameters that have default values for this password type.
 
- Protected Attributes inherited from Password
array $config
 Array of configuration variables injected from the constructor.
 
PasswordFactory $factory
 Factory that created the object.
 
string null $hash
 String representation of the hash without the type.
 

Detailed Description

Helper class for password hash types that have a delimited set of parameters inside of the hash.

All passwords are in the form of :<TYPE>:... as explained in the main Password class. This class is for hashes in the form of :<TYPE>:<PARAM1>:<PARAM2>:... where <PARAM1>, <PARAM2>, etc. are parameters that determine how the password was hashed. Of course, the internal delimiter (which is : by convention and default), can be changed by overriding the ParameterizedPassword::getDelimiter() function.

This class requires overriding an additional function: ParameterizedPassword::getDefaultParams(). See the function description for more details on the implementation.

Since
1.24

Definition at line 40 of file ParameterizedPassword.php.

Member Function Documentation

◆ getDefaultParams()

ParameterizedPassword::getDefaultParams ( )
abstractprotected

Return an ordered array of default parameters for this password hash.

The keys should be the parameter names and the values should be the default values. Additionally, the order of the array should be the order in which they appear in the hash.

When parsing a password hash, the constructor will split the hash based on the delimiter, and consume as many parts as it can, matching each to a parameter in this list. Once all the parameters have been filled, all remaining parts will be considered extra arguments, except, of course, for the very last part, which is the hash itself.

Returns
array

Reimplemented in BcryptPassword, EncryptedPassword, LayeredParameterizedPassword, MWOldPassword, MWSaltedPassword, and Pbkdf2Password.

Referenced by parseHash().

◆ getDelimiter()

ParameterizedPassword::getDelimiter ( )
abstractprotected

Returns the delimiter for the parameters inside the hash.

Returns
string

Reimplemented in BcryptPassword, EncryptedPassword, LayeredParameterizedPassword, MWOldPassword, MWSaltedPassword, and Pbkdf2Password.

Referenced by LayeredParameterizedPassword\partialCrypt().

◆ needsUpdate()

ParameterizedPassword::needsUpdate ( )

Determine if the hash needs to be updated.

Returns
bool True if needs update, false otherwise

Reimplemented from Password.

Definition at line 86 of file ParameterizedPassword.php.

◆ parseHash()

ParameterizedPassword::parseHash ( ?string  $hash)
protected

Perform any parsing necessary on the hash to see if the hash is valid and/or to perform logic for seeing if the hash needs updating.

Parameters
string | null$hashThe hash, with the :<TYPE>: prefix stripped
Exceptions
PasswordErrorIf there is an error in parsing the hash

Reimplemented from Password.

Reimplemented in BcryptPassword.

Definition at line 57 of file ParameterizedPassword.php.

References getDefaultParams().

◆ toString()

ParameterizedPassword::toString ( )

Convert this hash to a string that can be stored in the database.

The resulting string should be considered the seralized representation of this hash, i.e., if the return value were recycled back into PasswordFactory::newFromCiphertext, the returned object would be equivalent to this; also, if two objects return the same value from this function, they are considered equivalent.

Returns
string
Exceptions
PasswordErrorif password cannot be serialized to fit a tinyblob.

Reimplemented from Password.

Definition at line 90 of file ParameterizedPassword.php.

Member Data Documentation

◆ $args

array ParameterizedPassword::$args = []
protected

Extra arguments that were found in the hash.

This may or may not make the hash invalid.

Definition at line 52 of file ParameterizedPassword.php.

◆ $params

array ParameterizedPassword::$params = []
protected

Named parameters that have default values for this password type.

Definition at line 45 of file ParameterizedPassword.php.


The documentation for this class was generated from the following file: