class PasswordEncryptor_Blowfish extends PasswordEncryptor (View source)

Blowfish encryption - this is the default from SilverStripe 3.

PHP 5.3+ will provide a php implementation if there is no system version available.

Properties

protected static $cost

Cost of encryption.

Methods

public static 
array
get_encryptors()

No description

public static 
create_for_algorithm(string $algorithm)

No description

public
string
encrypt(string $password, string $salt = null, Member $member = null)

Return a string value stored in the Member->Password property.

public
string
salt(string $password, Member $member = null)

PasswordEncryptor_Blowfish::$cost param is forced to be two digits with leading zeroes for ints 4-9

public
bool
check(string $hash, string $password, string $salt = null, Member $member = null)

This usually just returns a strict string comparison, but is necessary for retain compatibility with password hashed with flawed algorithms - see PasswordEncryptor_LegacyPHPHash and PasswordEncryptor_Blowfish

public static 
set_cost(int $cost)

Sets the cost of the blowfish algorithm.

public static 
int
get_cost()

Gets the cost that is set for the blowfish algorithm

public
encryptX($password, $salt)

No description

public
encryptY($password, $salt)

No description

public
encryptA($password, $salt)

No description

public
checkAEncryptionLevel()

The algorithm returned by using '$2a$' is not consistent - it might be either the correct (y), incorrect (x) or mostly-correct (a) version, depending on the version of PHP and the operating system, so we need to test it.

Details

static array get_encryptors()

No description

Return Value

array

Map of encryptor code to the used class.

static PasswordEncryptor create_for_algorithm(string $algorithm)

No description

Parameters

string $algorithm

Return Value

PasswordEncryptor

Exceptions

PasswordEncryptor_NotFoundException

string encrypt(string $password, string $salt = null, Member $member = null)

Return a string value stored in the Member->Password property.

The password should be hashed with salt() if applicable.

Parameters

string $password

Cleartext password to be hashed

string $salt (Optional)
Member $member (Optional)

Return Value

string

Maximum of 512 characters.

string salt(string $password, Member $member = null)

PasswordEncryptor_Blowfish::$cost param is forced to be two digits with leading zeroes for ints 4-9

Parameters

string $password

Cleartext password

Member $member (Optional)

Return Value

string

Maximum of 50 characters

bool check(string $hash, string $password, string $salt = null, Member $member = null)

This usually just returns a strict string comparison, but is necessary for retain compatibility with password hashed with flawed algorithms - see PasswordEncryptor_LegacyPHPHash and PasswordEncryptor_Blowfish

Parameters

string $hash
string $password
string $salt
Member $member

Return Value

bool

static set_cost(int $cost)

Sets the cost of the blowfish algorithm.

See PasswordEncryptor_Blowfish::$cost Cost is set as an integer but Ensure that set values are from 4-31

Parameters

int $cost

range 4-31

static int get_cost()

Gets the cost that is set for the blowfish algorithm

Return Value

int

encryptX($password, $salt)

No description

Parameters

$password
$salt

encryptY($password, $salt)

No description

Parameters

$password
$salt

encryptA($password, $salt)

No description

Parameters

$password
$salt

checkAEncryptionLevel()

The algorithm returned by using '$2a$' is not consistent - it might be either the correct (y), incorrect (x) or mostly-correct (a) version, depending on the version of PHP and the operating system, so we need to test it.