CodeExplorer
You are a developer and looking for Shopware projects?
Apply Now!
getCountLog2 example
// Prevent DoS attacks by refusing to hash large passwords.
if (strlen($password) > PasswordInterface::PASSWORD_MAX_LENGTH) {
return FALSE;
}
// The first 12 characters of an existing hash are its setting string. $setting = substr($setting, 0, 12);
if ($setting[0] != '$' || $setting[2] != '$') {
return FALSE;
}
$count_log2 = $this->getCountLog2($setting);
// Stored hashes may have been encrypted with any iteration count. However // we do not allow applying the algorithm for unreasonable low and high // values respectively. if ($count_log2 != $this->enforceLog2Boundaries($count_log2)) {
return FALSE;
}
$salt = substr($setting, 4, 8);
// Hashes must have an 8 character salt. if (strlen($salt) != 8) {
return FALSE;
}
return FALSE;
}
// The first 12 characters of an existing hash are its setting string. $setting = substr($setting, 0, 12);
if ($setting[0] != '$' || $setting[2] != '$') {
return FALSE;
}
$count_log2 = $this->getCountLog2($setting);
// Stored hashes may have been encrypted with any iteration count. However // we do not allow applying the algorithm for unreasonable low and high // values respectively. if ($count_log2 != $this->enforceLog2Boundaries($count_log2)) {
return FALSE;
}
$salt = substr($setting, 4, 8);
// Hashes must have an 8 character salt. if (strlen($salt) != 8) {
return FALSE;
}
/**
* Tests password hashing.
*
* @covers ::hash
* @covers ::getCountLog2
* @covers ::base64Encode
* @covers ::check
* @covers ::generateSalt
* @covers ::needsRehash
*/
public function testPasswordHashing() {
$this->assertSame(PhpassHashedPassword::MIN_HASH_COUNT, $this->passwordHasher->getCountLog2($this->hashedPassword), 'Hashed password has the minimum number of log2 iterations.');
$this->assertNotEquals($this->hashedPassword, $this->md5HashedPassword, 'Password hashes not the same.');
$this->assertTrue($this->passwordHasher->check($this->password, $this->md5HashedPassword), 'Password check succeeds.');
$this->assertTrue($this->passwordHasher->check($this->password, $this->hashedPassword), 'Password check succeeds.');
// Since the log2 setting hasn't changed and the user has a valid password, // userNeedsNewHash() should return FALSE. $this->assertFalse($this->passwordHasher->needsRehash($this->hashedPassword), 'Does not need a new hash.');
}
/** * Tests password rehashing. * * @covers ::__construct * @covers ::hash * @covers ::getCountLog2 * @covers ::check * @covers ::needsRehash */
public function testPasswordHashing() {
$this->assertSame(PhpassHashedPassword::MIN_HASH_COUNT, $this->passwordHasher->getCountLog2($this->hashedPassword), 'Hashed password has the minimum number of log2 iterations.');
$this->assertNotEquals($this->hashedPassword, $this->md5HashedPassword, 'Password hashes not the same.');
$this->assertTrue($this->passwordHasher->check($this->password, $this->md5HashedPassword), 'Password check succeeds.');
$this->assertTrue($this->passwordHasher->check($this->password, $this->hashedPassword), 'Password check succeeds.');
// Since the log2 setting hasn't changed and the user has a valid password, // userNeedsNewHash() should return FALSE. $this->assertFalse($this->passwordHasher->needsRehash($this->hashedPassword), 'Does not need a new hash.');
}
/** * Tests password rehashing. * * @covers ::__construct * @covers ::hash * @covers ::getCountLog2 * @covers ::check * @covers ::needsRehash */