/usr/share/php/Symfony/Component/Security/Core/Encoder/BCryptPasswordEncoder.php is in php-symfony-security 2.7.10-0ubuntu2.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 | <?php
/*
* This file is part of the Symfony package.
*
* (c) Fabien Potencier <fabien@symfony.com>
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
namespace Symfony\Component\Security\Core\Encoder;
use Symfony\Component\Security\Core\Exception\BadCredentialsException;
/**
* @author Elnur Abdurrakhimov <elnur@elnur.pro>
* @author Terje BrĂ¥ten <terje@braten.be>
*/
class BCryptPasswordEncoder extends BasePasswordEncoder
{
const MAX_PASSWORD_LENGTH = 72;
/**
* @var string
*/
private $cost;
/**
* Constructor.
*
* @param int $cost The algorithmic cost that should be used
*
* @throws \RuntimeException When no BCrypt encoder is available
* @throws \InvalidArgumentException if cost is out of range
*/
public function __construct($cost)
{
if (!function_exists('password_hash')) {
throw new \RuntimeException('To use the BCrypt encoder, you need to upgrade to PHP 5.5 or install the "ircmaxell/password-compat" via Composer.');
}
$cost = (int) $cost;
if ($cost < 4 || $cost > 31) {
throw new \InvalidArgumentException('Cost must be in the range of 4-31.');
}
$this->cost = $cost;
}
/**
* Encodes the raw password.
*
* It doesn't work with PHP versions lower than 5.3.7, since
* the password compat library uses CRYPT_BLOWFISH hash type with
* the "$2y$" salt prefix (which is not available in the early PHP versions).
*
* @see https://github.com/ircmaxell/password_compat/issues/10#issuecomment-11203833
*
* It is almost best to **not** pass a salt and let PHP generate one for you.
*
* @param string $raw The password to encode
* @param string $salt The salt
*
* @return string The encoded password
*
* @throws BadCredentialsException when the given password is too long
*
* @link http://lxr.php.net/xref/PHP_5_5/ext/standard/password.c#111
*/
public function encodePassword($raw, $salt)
{
if ($this->isPasswordTooLong($raw)) {
throw new BadCredentialsException('Invalid password.');
}
$options = array('cost' => $this->cost);
if ($salt) {
$options['salt'] = $salt;
}
return password_hash($raw, PASSWORD_BCRYPT, $options);
}
/**
* {@inheritdoc}
*/
public function isPasswordValid($encoded, $raw, $salt)
{
return !$this->isPasswordTooLong($raw) && password_verify($raw, $encoded);
}
}
|