A PBKDF2-hashed password. More...
Inherits MediaWiki\Password\ParameterizedPassword.
Inherited by MediaWiki\Password\Pbkdf2PasswordUsingHashExtension, and MediaWiki\Password\Pbkdf2PasswordUsingOpenSSL.
Public Member Functions | |
| crypt (string $password) | |
| Hash a password and store the result in this object. | |
 Public Member Functions inherited from MediaWiki\Password\ParameterizedPassword | |
| needsUpdate () | |
| Determine if the hash needs to be updated. | |
| toString () | |
| Convert this hash to a string that can be stored in the database. | |
| Public Member Functions inherited from MediaWiki\Password\Password | |
| __construct (PasswordFactory $factory, array $config, ?string $hash=null) | |
| Construct the Password object using a string hash. | |
| getType () | |
| Get the type name of the password. | |
| verify (string $password) | |
| Checks whether the given password matches the hash stored in this object. | |
Protected Member Functions | ||||||
| getDefaultParams () | ||||||
| Return an ordered array of default parameters for this password hash. | ||||||
| getDelimiter () | ||||||
| Returns the delimiter for the parameters inside the hash. | ||||||
| getDigestAlgo (string $algo) | ||||||
| Get the implementation specific name for a hash algorithm. | ||||||
| pbkdf2 (string $digestAlgo, string $password, string $salt, int $rounds, int $length) | ||||||
| Call the PBKDF2 implementation, which hashes the password. | ||||||
| Protected Member Functions inherited from MediaWiki\Password\ParameterizedPassword | ||||||
| parseHash (?string $hash) | ||||||
Perform any parsing necessary on the hash to see if the hash is valid and/or to perform logic for seeing if the hash needs updating.
| ||||||
| Protected Member Functions inherited from MediaWiki\Password\Password | ||||||
| assertIsSafeSize (string $hash) | ||||||
| Assert that hash will fit in a tinyblob field. | ||||||
| isSupported () | ||||||
| Whether current password type is supported on this system. | ||||||
Additional Inherited Members | |
| Protected Attributes inherited from MediaWiki\Password\ParameterizedPassword | |
| string[] | $args = [] |
| Extra arguments that were found in the hash. | |
| array | $params = [] |
| Named parameters that have default values for this password type. | |
| Protected Attributes inherited from MediaWiki\Password\Password | |
| array | $config |
| Array of configuration variables injected from the constructor. | |
| PasswordFactory | $factory |
| Factory that created the object. | |
| string null | $hash |
| String representation of the hash without the type. | |
Detailed Description
A PBKDF2-hashed password.
This is a computationally complex password hash for use in modern applications. The number of rounds can be configured by $wgPasswordConfig['pbkdf2']['cost'].
To support different native implementations of PBKDF2 and the underlying hash algorithms, the following subclasses are available:
- Pbkdf2PasswordUsingOpenSSL is the preferred, more efficient option and is used by default.
- Pbkdf2PasswordUsingHashExtension provides compatibility with PBKDF2 password hashes computed using legacy algorithms.
- Since
- 1.40
Definition at line 43 of file AbstractPbkdf2Password.php.
Member Function Documentation
◆ crypt()
| MediaWiki\Password\AbstractPbkdf2Password::crypt | ( | string | $password | ) |
Hash a password and store the result in this object.
The result of the password hash should be put into the internal state of the hash object.
- Parameters
-
string $password Password to hash
- Exceptions
-
PasswordError If an internal error occurs in hashing
Reimplemented from MediaWiki\Password\Password.
Definition at line 56 of file AbstractPbkdf2Password.php.
◆ getDefaultParams()
|
protected |
Return an ordered array of default parameters for this password hash.
The keys should be the parameter names and the values should be the default values. Additionally, the order of the array should be the order in which they appear in the hash.
When parsing a password hash, the constructor will split the hash based on the delimiter, and consume as many parts as it can, matching each to a parameter in this list. Once all the parameters have been filled, all remaining parts will be considered extra arguments, except, of course, for the very last part, which is the hash itself.
- Returns
- array
Reimplemented from MediaWiki\Password\ParameterizedPassword.
Definition at line 44 of file AbstractPbkdf2Password.php.
◆ getDelimiter()
|
protected |
Returns the delimiter for the parameters inside the hash.
- Returns
- string
Reimplemented from MediaWiki\Password\ParameterizedPassword.
Definition at line 52 of file AbstractPbkdf2Password.php.
◆ getDigestAlgo()
|
abstractprotected |
Get the implementation specific name for a hash algorithm.
- Parameters
-
string $algo Algorithm specified in the password hash string
- Returns
- string|null $algo Implementation specific name, or null if unsupported
Reimplemented in MediaWiki\Password\Pbkdf2PasswordUsingHashExtension, and MediaWiki\Password\Pbkdf2PasswordUsingOpenSSL.
◆ pbkdf2()
|
abstractprotected |
Call the PBKDF2 implementation, which hashes the password.
- Parameters
-
string $digestAlgo Implementation specific hash algorithm name string $password Password to hash string $salt Salt as a binary string int $rounds Number of iterations int $length Length of the hash value in bytes
- Returns
- string Hash value as a binary string
- Exceptions
-
PasswordError If an internal error occurs in hashing
Reimplemented in MediaWiki\Password\Pbkdf2PasswordUsingHashExtension, and MediaWiki\Password\Pbkdf2PasswordUsingOpenSSL.
The documentation for this class was generated from the following file:
- includes/password/AbstractPbkdf2Password.php
