PasswordEncryptor_Blowfish

class PasswordEncryptor_Blowfish extends PasswordEncryptor (View source)

Blowfish encryption - this is the default from SilverStripe 3.

PHP 5.3+ will provide a php implementation if there is no system version available.

Properties

protected static int $cost

Cost of encryption.

Methods

public static 
array
get_encryptors()

No description

from  PasswordEncryptor
public static 
PasswordEncryptor
create_for_algorithm(string $algorithm)

No description

from  PasswordEncryptor
public
string
encrypt(string $password, string $salt = null, Member $member = null)

Return a string value stored in the Member->Password property.

public
string
salt(string $password, Member $member = null)

self::$cost param is forced to be two digits with leading zeroes for ints 4-9

public
check($hash, $password, $salt = null, $member = null)

This usually just returns a strict string comparison, but is necessary for retain compatibility with password hashed with flawed algorithms - see PasswordEncryptor_LegacyPHPHash and PasswordEncryptor_Blowfish

public static 
null
set_cost(int $cost)

Sets the cost of the blowfish algorithm.

public static 
int
get_cost()

Gets the cost that is set for the blowfish algorithm

public
encryptX($password, $salt)

No description

public
encryptY($password, $salt)

No description

public
encryptA($password, $salt)

No description

public
checkAEncryptionLevel()

The algorithm returned by using '$2a$' is not consistent - it might be either the correct (y), incorrect (x) or mostly-correct (a) version, depending on the version of PHP and the operating system, so we need to test it.

Details

in PasswordEncryptor at line 25
static array get_encryptors()

No description

Return Value

array

Map of encryptor code to the used class.

in PasswordEncryptor at line 34
static PasswordEncryptor create_for_algorithm(string $algorithm)

No description

Parameters

string $algorithm

Return Value

PasswordEncryptor

Exceptions

PasswordEncryptor_NotFoundException

at line 138
string encrypt(string $password, string $salt = null, Member $member = null)

Return a string value stored in the Member->Password property.

The password should be hashed with salt() if applicable.

Parameters

string $password

Cleartext password to be hashed
string $salt (Optional)
Member $member (Optional)

Return Value

string

Maximum of 512 characters.

at line 245
string salt(string $password, Member $member = null)

self::$cost param is forced to be two digits with leading zeroes for ints 4-9

Parameters

string $password

Cleartext password
Member $member (Optional)

Return Value

string

Maximum of 50 characters

at line 250
check($hash, $password, $salt = null, $member = null)

This usually just returns a strict string comparison, but is necessary for retain compatibility with password hashed with flawed algorithms - see PasswordEncryptor_LegacyPHPHash and PasswordEncryptor_Blowfish

Parameters

$hash
$password
$salt
$member

at line 125
static null set_cost(int $cost)

Sets the cost of the blowfish algorithm.

See PasswordEncryptor_Blowfish::$cost Cost is set as an integer but Ensure that set values are from 4-31

Parameters

int $cost

range 4-31

Return Value

null

at line 134
static int get_cost()

Gets the cost that is set for the blowfish algorithm

Return Value

int

at line 159
encryptX($password, $salt)

No description

Parameters

$password
$salt

at line 181
encryptY($password, $salt)

No description

Parameters

$password
$salt

at line 203
encryptA($password, $salt)

No description

Parameters

$password
$salt

at line 222
checkAEncryptionLevel()

The algorithm returned by using '$2a$' is not consistent - it might be either the correct (y), incorrect (x) or mostly-correct (a) version, depending on the version of PHP and the operating system, so we need to test it.