Drupal7
in package
implements
AlgorithmInterface
Table of Contents
Interfaces
Constants
- ITOA64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz'
Properties
- $defaultAlgo : string
- $hashLength : int
- $maxHashCount : int
- $minHashCount : int
Methods
- _d7_password_base64_encode() : string
- This is taken from Drupal 7.91
- _d7_password_generate_salt() : string
- This is taken from Drupal 7.91
- checkPassword() : bool
- Checks if a password matches the stored value
- hashPassword() : string
- Creates a hashed value to store for given password.
- _d7_password_crypt() : string|bool
- This is taken from Drupal 7.91
Constants
ITOA64
public
mixed
ITOA64
= './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz'
Properties
$defaultAlgo
public
static string
$defaultAlgo
= 'sha512'
$hashLength
public
static int
$hashLength
= 55
$maxHashCount
public
static int
$maxHashCount
= 30
$minHashCount
public
static int
$minHashCount
= 7
Methods
_d7_password_base64_encode()
This is taken from Drupal 7.91
public
_d7_password_base64_encode(mixed $input, mixed $count) : string
Encodes bytes into printable base 64 using the *nix standard from crypt().
Parameters
- $input : mixed
-
The string containing bytes to encode.
- $count : mixed
-
The number of characters (bytes) to encode.
Return values
string —Encoded string
_d7_password_generate_salt()
This is taken from Drupal 7.91
public
_d7_password_generate_salt([mixed $count_log2 = NULL ]) : string
Generates a random base 64-encoded salt prefixed with settings for the hash.
Proper use of salts may defeat a number of attacks, including:
- The ability to try candidate passwords against multiple hashes at once.
- The ability to use pre-hashed lists of candidate passwords.
- The ability to determine whether two users have the same (or different) password without actually having to guess one of the passwords.
Parameters
- $count_log2 : mixed = NULL
-
Integer that determines the number of iterations used in the hashing process. A larger value is more secure, but takes more time to complete.
Return values
string —A 12 character string containing the iteration count and a random salt.
checkPassword()
Checks if a password matches the stored value
public
checkPassword(string $plaintext, string $storedPassword) : bool
Parameters
- $plaintext : string
- $storedPassword : string
Return values
boolhashPassword()
Creates a hashed value to store for given password.
public
hashPassword(string $plaintext) : string
Responsible for loading any of its configurable settings.
Parameters
- $plaintext : string
Return values
string_d7_password_crypt()
This is taken from Drupal 7.91
protected
_d7_password_crypt(mixed $algo, mixed $password, mixed $setting) : string|bool
Hash a password using a secure stretched hash.
By using a salt and repeated hashing the password is "stretched". Its security is increased because it becomes much more computationally costly for an attacker to try to break the hash by brute-force computation of the hashes of a large number of plain-text words or strings to find a match.
Parameters
- $algo : mixed
-
The string name of a hashing algorithm usable by hash(), like 'sha256'.
- $password : mixed
-
Plain-text password up to 512 bytes (128 to 512 UTF-8 characters) to hash.
- $setting : mixed
-
An existing hash or the output of _d7_password_generate_salt(). Must be at least 12 characters (the settings and salt).
Return values
string|bool —A string containing the hashed password (and salt) or FALSE on failure. The return string will be truncated at DRUPAL_HASH_LENGTH characters max.