diff options
| author | Jakub Zalas <jakub@zalas.pl> | 2015-12-17 18:04:54 +0000 |
|---|---|---|
| committer | Jakub Zalas <jakub@zalas.pl> | 2015-12-17 18:04:54 +0000 |
| commit | f19082239fd48c17e8d99b252215f0172dc1ff14 (patch) | |
| tree | 574d27bf3dfb8e6d60c33b72c465a3b56f47ce78 | |
| parent | c6e2323b707734f39941e57bf39df8ab85ccf6c3 (diff) | |
| download | symfony-security-f19082239fd48c17e8d99b252215f0172dc1ff14.zip symfony-security-f19082239fd48c17e8d99b252215f0172dc1ff14.tar.gz symfony-security-f19082239fd48c17e8d99b252215f0172dc1ff14.tar.bz2 | |
[Security] Verify if a password encoded with bcrypt is no longer than 72 characters
| -rw-r--r-- | Core/Encoder/BCryptPasswordEncoder.php | 2 | ||||
| -rw-r--r-- | Core/Encoder/BasePasswordEncoder.php | 2 | ||||
| -rw-r--r-- | Tests/Core/Encoder/BCryptPasswordEncoderTest.php | 6 |
3 files changed, 7 insertions, 3 deletions
diff --git a/Core/Encoder/BCryptPasswordEncoder.php b/Core/Encoder/BCryptPasswordEncoder.php index d2b0319..83ae334 100644 --- a/Core/Encoder/BCryptPasswordEncoder.php +++ b/Core/Encoder/BCryptPasswordEncoder.php @@ -19,6 +19,8 @@ use Symfony\Component\Security\Core\Exception\BadCredentialsException; */ class BCryptPasswordEncoder extends BasePasswordEncoder { + const MAX_PASSWORD_LENGTH = 72; + /** * @var string */ diff --git a/Core/Encoder/BasePasswordEncoder.php b/Core/Encoder/BasePasswordEncoder.php index 1c9ada1..fcf2e47 100644 --- a/Core/Encoder/BasePasswordEncoder.php +++ b/Core/Encoder/BasePasswordEncoder.php @@ -95,6 +95,6 @@ abstract class BasePasswordEncoder implements PasswordEncoderInterface */ protected function isPasswordTooLong($password) { - return strlen($password) > self::MAX_PASSWORD_LENGTH; + return strlen($password) > static::MAX_PASSWORD_LENGTH; } } diff --git a/Tests/Core/Encoder/BCryptPasswordEncoderTest.php b/Tests/Core/Encoder/BCryptPasswordEncoderTest.php index 076d954..52d64a2 100644 --- a/Tests/Core/Encoder/BCryptPasswordEncoderTest.php +++ b/Tests/Core/Encoder/BCryptPasswordEncoderTest.php @@ -73,13 +73,15 @@ class BCryptPasswordEncoderTest extends \PHPUnit_Framework_TestCase { $encoder = new BCryptPasswordEncoder(self::VALID_COST); - $encoder->encodePassword(str_repeat('a', 5000), 'salt'); + $encoder->encodePassword(str_repeat('a', 73), 'salt'); } public function testCheckPasswordLength() { $encoder = new BCryptPasswordEncoder(self::VALID_COST); + $result = $encoder->encodePassword(str_repeat('a', 72), null); - $this->assertFalse($encoder->isPasswordValid('encoded', str_repeat('a', 5000), 'salt')); + $this->assertFalse($encoder->isPasswordValid($result, str_repeat('a', 73), 'salt')); + $this->assertTrue($encoder->isPasswordValid($result, str_repeat('a', 72), 'salt')); } } |