diogo/symfony
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

applies base64 encoding directly to the binary data instead of their hexadecimal representation

Browse Source
This commit is contained in:
Johannes M. Schmitt 2010-10-23 11:48:26 +02:00 committed by Fabien Potencier
parent 6885f90f17
commit 3463f47698
2 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
src/Symfony/Component/Security/Encoder/MessageDigestPasswordEncoder.php
View File

@ -26,7 +26,7 @@ class MessageDigestPasswordEncoder extends BasePasswordEncoder
*
* @param string $algorithm The digest algorithm to use
* @param Boolean $encodeHashAsBase64 Whether to base64 encode the password hash
* @param integer $iterations The number of iterations to use to stretch the password
* @param integer $iterations The number of iterations to use to stretch the password hash
*/
public function __construct($algorithm = 'sha256', $encodeHashAsBase64 = false, $iterations = 1)
{
@ -45,14 +45,14 @@ class MessageDigestPasswordEncoder extends BasePasswordEncoder
}
$salted = $this->mergePasswordAndSalt($raw, $salt);
$digest = hash($this->algorithm, $salted);
$digest = hash($this->algorithm, $salted, true);
// "stretch" hash
for ($i = 1; $i < $this->iterations; $i++) {
$digest = hash($this->algorithm, $digest);
$digest = hash($this->algorithm, $digest, true);
}
return $this->encodeHashAsBase64 ? base64_encode($digest) : $digest;
return $this->encodeHashAsBase64 ? base64_encode($digest) : bin2hex($digest);
}
/**

4
tests/Symfony/Tests/Component/Security/Encoder/MessageDigestPasswordEncoderTest.php
View File

@ -27,10 +27,10 @@ class MessageDigestPasswordEncoderTest extends \PHPUnit_Framework_TestCase
$this->assertSame(hash('sha256', 'password'), $encoder->encodePassword('password', ''));
$encoder = new MessageDigestPasswordEncoder('sha256', true);
$this->assertSame(base64_encode(hash('sha256', 'password')), $encoder->encodePassword('password', ''));
$this->assertSame(base64_encode(hash('sha256', 'password', true)), $encoder->encodePassword('password', ''));
$encoder = new MessageDigestPasswordEncoder('sha256', false, 2);
$this->assertSame(hash('sha256', hash('sha256', 'password')), $encoder->encodePassword('password', ''));
$this->assertSame(hash('sha256', hash('sha256', 'password', true)), $encoder->encodePassword('password', ''));
}
/**