‪TYPO3CMS  9.5
Public Member Functions | Public Attributes | Protected Member Functions | Protected Attributes | Private Attributes | List of all members
TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishPasswordHash Class Reference
Inheritance diagram for TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishPasswordHash:
TYPO3\CMS\Core\Crypto\PasswordHashing\PasswordHashInterface TYPO3\CMS\Saltedpasswords\Salt\BlowfishSalt

Public Member Functions

 __construct (array $options=[])
 
bool checkPassword (string $plainPW, string $saltedHashPW)
 
bool isAvailable ()
 
string getHashedPassword (string $password, string $salt=null)
 
bool isHashUpdateNeeded (string $saltedPW)
 
bool isValidSaltedPW (string $saltedPW)
 
int getHashCount ()
 
int getMaxHashCount ()
 
int getMinHashCount ()
 
int getSaltLength ()
 
string getSetting ()
 
 setHashCount (int $hashCount=null)
 
 setMaxHashCount (int $maxHashCount=null)
 
 setMinHashCount (int $minHashCount=null)
 
- ‪Public Member Functions inherited from ‪TYPO3\CMS\Core\Crypto\PasswordHashing\PasswordHashInterface
string getHashedPassword (string $password)
 

Public Attributes

const ITOA64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz'
 
const HASH_COUNT = 7
 
const MAX_HASH_COUNT = 17
 
const MIN_HASH_COUNT = 4
 

Protected Member Functions

string getGeneratedSalt ()
 
string applySettingsToSalt (string $salt)
 
int getCountLog2 (string $setting)
 
string getItoa64 ()
 
bool isValidSalt (string $salt)
 
string base64Encode (string $input, int $count)
 
int getLengthBase64FromBytes (int $byteLength)
 

Protected Attributes

const PREFIX = '$2a$'
 
array $options
 

Private Attributes

array $deprecatedPublicMethods
 

Detailed Description

Class that implements Blowfish salted hashing based on PHP's crypt() function.

Warning: Blowfish salted hashing with PHP's crypt() is not available on every system.

Definition at line 29 of file BlowfishPasswordHash.php.

Constructor & Destructor Documentation

◆ __construct()

TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishPasswordHash::__construct ( array  $options = [])

Constructor sets options if given

Parameters
array$options
Exceptions

Definition at line 88 of file BlowfishPasswordHash.php.

References TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishPasswordHash\$options.

Member Function Documentation

◆ applySettingsToSalt()

string TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishPasswordHash::applySettingsToSalt ( string  $salt)
protected

Method applies settings (prefix, hash count) to a salt.

Parameters
string$salt‪A salt to apply setting to
Returns
‪string Salt with setting

Definition at line 208 of file BlowfishPasswordHash.php.

References TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishPasswordHash\getLengthBase64FromBytes().

Referenced by TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishPasswordHash\getHashedPassword().

◆ base64Encode()

string TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishPasswordHash::base64Encode ( string  $input,
int  $count 
)
protected

Encodes bytes into printable base 64 using the *nix standard from crypt().

Parameters
string$input‪The string containing bytes to encode.
int$count‪The number of characters (bytes) to encode.
Returns
‪string Encoded string

Definition at line 284 of file BlowfishPasswordHash.php.

References $output, and TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishPasswordHash\getItoa64().

Referenced by TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishPasswordHash\getGeneratedSalt().

◆ checkPassword()

bool TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishPasswordHash::checkPassword ( string  $plainPW,
string  $saltedHashPW 
)

Method checks if a given plaintext password is correct by comparing it with a given salted hashed password.

Parameters
string$plainPW‪plain-text password to compare with salted hash
string$saltedHashPW‪salted hash to compare plain-text password with
Returns
‪bool TRUE, if plain-text password matches the salted hash, otherwise FALSE

Implements TYPO3\CMS\Core\Crypto\PasswordHashing\PasswordHashInterface.

Definition at line 111 of file BlowfishPasswordHash.php.

References TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishPasswordHash\isValidSalt().

◆ getCountLog2()

int TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishPasswordHash::getCountLog2 ( string  $setting)
protected

Parses the log2 iteration count from a stored hash or setting string.

Parameters
string$setting‪Complete hash or a hash's setting string or to get log2 iteration count from
Returns
‪int Used hashcount for given hash string

Definition at line 225 of file BlowfishPasswordHash.php.

Referenced by TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishPasswordHash\isHashUpdateNeeded().

◆ getGeneratedSalt()

string TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishPasswordHash::getGeneratedSalt ( )
protected

Generates a random base 64-encoded salt prefixed and suffixed with settings for the hash.

Proper use of salts may defeat a number of attacks, including:

  • ‪The ability to try candidate passwords against multiple hashes at once.
  • ‪The ability to use pre-hashed lists of candidate passwords.
  • ‪The ability to determine whether two users have the same (or different) password without actually having to guess one of the passwords.
Returns
‪string A character string containing settings and a random salt

Definition at line 196 of file BlowfishPasswordHash.php.

References TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishPasswordHash\base64Encode().

Referenced by TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishPasswordHash\getHashedPassword().

◆ getHashCount()

int TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishPasswordHash::getHashCount ( )

Method returns log2 number of iterations for password stretching.

Returns
‪int log2 number of iterations for password stretching
Deprecated:
‪and will be removed in TYPO3 v10.0.

Definition at line 330 of file BlowfishPasswordHash.php.

◆ getHashedPassword()

string TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishPasswordHash::getHashedPassword ( string  $password,
string  $salt = null 
)

Method creates a salted hash for a given plaintext password

Parameters
string$password‪plaintext password to create a salted hash from
string$salt‪Deprecated optional custom salt with setting to use
Returns
‪string Salted hashed password

Definition at line 137 of file BlowfishPasswordHash.php.

References TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishPasswordHash\applySettingsToSalt(), TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishPasswordHash\getGeneratedSalt(), and TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishPasswordHash\isValidSalt().

◆ getItoa64()

string TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishPasswordHash::getItoa64 ( )
protected

Returns a string for mapping an int to the corresponding base 64 character.

Returns
‪string String for mapping an int to the corresponding base 64 character

Definition at line 242 of file BlowfishPasswordHash.php.

Referenced by TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishPasswordHash\base64Encode(), and TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishPasswordHash\isValidSalt().

◆ getLengthBase64FromBytes()

int TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishPasswordHash::getLengthBase64FromBytes ( int  $byteLength)
protected

Method determines required length of base64 characters for a given length of a byte string.

Parameters
int$byteLength‪Length of bytes to calculate in base64 chars
Returns
‪int Required length of base64 characters

Definition at line 318 of file BlowfishPasswordHash.php.

Referenced by TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishPasswordHash\applySettingsToSalt(), and TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishPasswordHash\isValidSalt().

◆ getMaxHashCount()

int TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishPasswordHash::getMaxHashCount ( )

Method returns maximum allowed log2 number of iterations for password stretching.

Returns
‪int Maximum allowed log2 number of iterations for password stretching
Deprecated:
‪and will be removed in TYPO3 v10.0.

Definition at line 342 of file BlowfishPasswordHash.php.

◆ getMinHashCount()

int TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishPasswordHash::getMinHashCount ( )

Method returns minimum allowed log2 number of iterations for password stretching.

Returns
‪int Minimum allowed log2 number of iterations for password stretching
Deprecated:
‪and will be removed in TYPO3 v10.0.

Definition at line 354 of file BlowfishPasswordHash.php.

◆ getSaltLength()

int TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishPasswordHash::getSaltLength ( )

Returns length of a Blowfish salt in bytes.

Returns
‪int Length of a Blowfish salt in bytes
Deprecated:
‪and will be removed in TYPO3 v10.0.

Definition at line 366 of file BlowfishPasswordHash.php.

◆ getSetting()

string TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishPasswordHash::getSetting ( )

Returns setting string of Blowfish salted hashes.

Returns
‪string Setting string of Blowfish salted hashes
Deprecated:
‪and will be removed in TYPO3 v10.0.

Definition at line 378 of file BlowfishPasswordHash.php.

References TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishPasswordHash\PREFIX.

◆ isAvailable()

bool TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishPasswordHash::isAvailable ( )

Returns whether all prerequisites for the hashing methods are matched

Returns
‪bool Method available

Implements TYPO3\CMS\Core\Crypto\PasswordHashing\PasswordHashInterface.

Definition at line 125 of file BlowfishPasswordHash.php.

◆ isHashUpdateNeeded()

bool TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishPasswordHash::isHashUpdateNeeded ( string  $saltedPW)

Checks whether a user's hashed password needs to be replaced with a new hash.

This is typically called during the login process when the plain text password is available. A new hash is needed when the desired iteration count has changed through a change in the variable $hashCount or HASH_COUNT.

Parameters
string$saltedPW‪Salted hash to check if it needs an update
Returns
‪bool TRUE if salted hash needs an update, otherwise FALSE

Implements TYPO3\CMS\Core\Crypto\PasswordHashing\PasswordHashInterface.

Definition at line 163 of file BlowfishPasswordHash.php.

References TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishPasswordHash\getCountLog2().

◆ isValidSalt()

bool TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishPasswordHash::isValidSalt ( string  $salt)
protected

Method determines if a given string is a valid salt.

Parameters
string$salt‪String to check
Returns
‪bool TRUE if it's valid salt, otherwise FALSE

Definition at line 253 of file BlowfishPasswordHash.php.

References TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishPasswordHash\getItoa64(), and TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishPasswordHash\getLengthBase64FromBytes().

Referenced by TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishPasswordHash\checkPassword(), TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishPasswordHash\getHashedPassword(), and TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishPasswordHash\isValidSaltedPW().

◆ isValidSaltedPW()

bool TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishPasswordHash::isValidSaltedPW ( string  $saltedPW)

Method determines if a given string is a valid salted hashed password.

Parameters
string$saltedPW‪String to check
Returns
‪bool TRUE if it's valid salted hashed password, otherwise FALSE

Implements TYPO3\CMS\Core\Crypto\PasswordHashing\PasswordHashInterface.

Definition at line 176 of file BlowfishPasswordHash.php.

References TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishPasswordHash\isValidSalt().

◆ setHashCount()

TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishPasswordHash::setHashCount ( int  $hashCount = null)

Method sets log2 number of iterations for password stretching.

Parameters
int$hashCount‪log2 number of iterations for password stretching to set
Deprecated:
‪and will be removed in TYPO3 v10.0.

Definition at line 390 of file BlowfishPasswordHash.php.

◆ setMaxHashCount()

TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishPasswordHash::setMaxHashCount ( int  $maxHashCount = null)

Method sets maximum allowed log2 number of iterations for password stretching.

Parameters
int$maxHashCount‪Maximum allowed log2 number of iterations for password stretching to set
Deprecated:
‪and will be removed in TYPO3 v10.0.

Definition at line 404 of file BlowfishPasswordHash.php.

◆ setMinHashCount()

TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishPasswordHash::setMinHashCount ( int  $minHashCount = null)

Method sets minimum allowed log2 number of iterations for password stretching.

Parameters
int$minHashCount‪Minimum allowed log2 number of iterations for password stretching to set
Deprecated:
‪and will be removed in TYPO3 v10.0.

Definition at line 416 of file BlowfishPasswordHash.php.

Member Data Documentation

◆ $deprecatedPublicMethods

array TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishPasswordHash::$deprecatedPublicMethods
private
Initial value:
= array(
'isValidSalt' => 'Using BlowfishPasswordHash::isValidSalt() is deprecated and will not be possible anymore in TYPO3 v10.0.',
'base64Encode' => 'Using BlowfishPasswordHash::base64Encode() is deprecated and will not be possible anymore in TYPO3 v10.0.',
)

Definition at line 35 of file BlowfishPasswordHash.php.

◆ $options

array TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishPasswordHash::$options
protected
Initial value:
= array(
'hash_count' => 7
)

The default log2 number of iterations for password stretching.

Definition at line 47 of file BlowfishPasswordHash.php.

Referenced by TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishPasswordHash\__construct().

◆ HASH_COUNT

const TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishPasswordHash::HASH_COUNT = 7

The default log2 number of iterations for password stretching.

Deprecated:
‪and will be removed in TYPO3 v10.0.

Definition at line 64 of file BlowfishPasswordHash.php.

◆ ITOA64

const TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishPasswordHash::ITOA64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz'

Keeps a string for mapping an int to the corresponding base 64 character.

Deprecated:
‪and will be removed in TYPO3 v10.0.

Definition at line 57 of file BlowfishPasswordHash.php.

◆ MAX_HASH_COUNT

const TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishPasswordHash::MAX_HASH_COUNT = 17

The default maximum allowed log2 number of iterations for password stretching.

Deprecated:
‪and will be removed in TYPO3 v10.0.

Definition at line 72 of file BlowfishPasswordHash.php.

◆ MIN_HASH_COUNT

const TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishPasswordHash::MIN_HASH_COUNT = 4

The default minimum allowed log2 number of iterations for password stretching.

Deprecated:
‪and will be removed in TYPO3 v10.0.

Definition at line 80 of file BlowfishPasswordHash.php.

◆ PREFIX

const TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishPasswordHash::PREFIX = '$2a$'
protected

Prefix for the password hash.

Definition at line 43 of file BlowfishPasswordHash.php.

Referenced by TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishPasswordHash\getSetting().