MediaWiki REL1_41
|
Represents a password hash for use in authentication. More...
Inherited by Argon2Password, InvalidPassword, and ParameterizedPassword.
Public Member Functions | |
__construct (PasswordFactory $factory, array $config, string $hash=null) | |
Construct the Password object using a string hash. | |
crypt (string $password) | |
Hash a password and store the result in this object. | |
getType () | |
Get the type name of the password. | |
needsUpdate () | |
Determine if the hash needs to be updated. | |
toString () | |
Convert this hash to a string that can be stored in the database. | |
verify (string $password) | |
Checks whether the given password matches the hash stored in this object. | |
Protected Member Functions | |
assertIsSafeSize (string $hash) | |
Assert that hash will fit in a tinyblob field. | |
isSupported () | |
Whether current password type is supported on this system. | |
parseHash (?string $hash) | |
Perform any parsing necessary on the hash to see if the hash is valid and/or to perform logic for seeing if the hash needs updating. | |
Protected Attributes | |
array | $config |
Array of configuration variables injected from the constructor. | |
PasswordFactory | $factory |
Factory that created the object. | |
string null | $hash |
String representation of the hash without the type. | |
Represents a password hash for use in authentication.
Note: All password types are transparently prefixed with :<TYPE>:, where <TYPE> is the registered type of the hash. This prefix is stripped in the constructor and is added back in the toString() function.
When inheriting this class, there are a couple of expectations to be fulfilled:
The abstract functions that must be overridden are:
After creating a new password hash type, it can be registered using the static Password::register() method. The default type is set using the Password::setDefaultType() type. Types must be registered before they can be set as the default.
Definition at line 61 of file Password.php.
|
final |
Construct the Password object using a string hash.
It is strongly recommended not to call this function directly unless you have a reason to. Use the PasswordFactory class instead.
MWException | If $config does not contain required parameters |
PasswordFactory | $factory | Factory object that created the password |
array | $config | Array of engine configuration options for hashing |
string | null | $hash | The raw hash, including the type |
Definition at line 96 of file Password.php.
References $hash, isSupported(), and parseHash().
|
finalprotected |
Assert that hash will fit in a tinyblob field.
This prevents MW from inserting it into the DB and having MySQL silently truncating it, locking the user out of their account.
string | $hash | The hash in question. |
PasswordError | If hash does not fit in DB. |
Definition at line 193 of file Password.php.
|
abstract |
Hash a password and store the result in this object.
The result of the password hash should be put into the internal state of the hash object.
string | $password | Password to hash |
PasswordError | If an internal error occurs in hashing |
Reimplemented in AbstractPbkdf2Password, Argon2Password, BcryptPassword, EncryptedPassword, LayeredParameterizedPassword, InvalidPassword, MWOldPassword, and MWSaltedPassword.
Referenced by LayeredParameterizedPassword\partialCrypt().
|
final |
Get the type name of the password.
Definition at line 120 of file Password.php.
|
protected |
Whether current password type is supported on this system.
Reimplemented in Argon2Password, and Pbkdf2PasswordUsingOpenSSL.
Definition at line 129 of file Password.php.
Referenced by __construct().
|
abstract |
Determine if the hash needs to be updated.
Reimplemented in Argon2Password, InvalidPassword, and ParameterizedPassword.
|
protected |
Perform any parsing necessary on the hash to see if the hash is valid and/or to perform logic for seeing if the hash needs updating.
string | null | $hash | The hash, with the :<TYPE>: prefix stripped |
PasswordError | If there is an error in parsing the hash |
Reimplemented in BcryptPassword, and ParameterizedPassword.
Definition at line 140 of file Password.php.
Referenced by __construct().
Password::toString | ( | ) |
Convert this hash to a string that can be stored in the database.
The resulting string should be considered the serialized representation of this hash, i.e., if the return value were recycled back into PasswordFactory::newFromCiphertext, the returned object would be equivalent to this; also, if two objects return the same value from this function, they are considered equivalent.
PasswordError | if password cannot be serialized to fit a tinyblob. |
Reimplemented in Argon2Password, InvalidPassword, and ParameterizedPassword.
Definition at line 177 of file Password.php.
Password::verify | ( | string | $password | ) |
Checks whether the given password matches the hash stored in this object.
string | $password | Password to check |
Reimplemented in Argon2Password, EncryptedPassword, and InvalidPassword.
Definition at line 156 of file Password.php.
|
protected |
Array of configuration variables injected from the constructor.
Definition at line 77 of file Password.php.
|
protected |
Factory that created the object.
Definition at line 65 of file Password.php.
|
protected |
String representation of the hash without the type.
Definition at line 71 of file Password.php.
Referenced by __construct(), and AbstractPbkdf2Password\newInstance().