diff options
| author | Nicolas Grekas <nicolas.grekas@gmail.com> | 2015-10-14 16:40:43 +0200 |
|---|---|---|
| committer | Nicolas Grekas <nicolas.grekas@gmail.com> | 2015-10-28 03:15:07 +0100 |
| commit | 1473342e7bb5d3d3080f78b196f528b4acf34db2 (patch) | |
| tree | 3319333a745b78bd7b4b04c504be69d7543f729b /Core/Encoder | |
| parent | d355322988b1c1d1798e19c41cc86b4169c31f2a (diff) | |
| download | symfony-security-1473342e7bb5d3d3080f78b196f528b4acf34db2.zip symfony-security-1473342e7bb5d3d3080f78b196f528b4acf34db2.tar.gz symfony-security-1473342e7bb5d3d3080f78b196f528b4acf34db2.tar.bz2 | |
Rely on iconv and symfony/polyfill-*
Diffstat (limited to 'Core/Encoder')
| -rw-r--r-- | Core/Encoder/BCryptPasswordEncoder.php | 4 | ||||
| -rw-r--r-- | Core/Encoder/BasePasswordEncoder.php | 4 | ||||
| -rw-r--r-- | Core/Encoder/Pbkdf2PasswordEncoder.php | 26 |
3 files changed, 2 insertions, 32 deletions
diff --git a/Core/Encoder/BCryptPasswordEncoder.php b/Core/Encoder/BCryptPasswordEncoder.php index d2b0319..c0c8fe0 100644 --- a/Core/Encoder/BCryptPasswordEncoder.php +++ b/Core/Encoder/BCryptPasswordEncoder.php @@ -34,10 +34,6 @@ class BCryptPasswordEncoder extends BasePasswordEncoder */ public function __construct($cost) { - if (!function_exists('password_hash')) { - throw new \RuntimeException('To use the BCrypt encoder, you need to upgrade to PHP 5.5 or install the "ircmaxell/password-compat" via Composer.'); - } - $cost = (int) $cost; if ($cost < 4 || $cost > 31) { throw new \InvalidArgumentException('Cost must be in the range of 4-31.'); diff --git a/Core/Encoder/BasePasswordEncoder.php b/Core/Encoder/BasePasswordEncoder.php index 1c9ada1..12126d8 100644 --- a/Core/Encoder/BasePasswordEncoder.php +++ b/Core/Encoder/BasePasswordEncoder.php @@ -11,8 +11,6 @@ namespace Symfony\Component\Security\Core\Encoder; -use Symfony\Component\Security\Core\Util\StringUtils; - /** * BasePasswordEncoder is the base class for all password encoders. * @@ -83,7 +81,7 @@ abstract class BasePasswordEncoder implements PasswordEncoderInterface */ protected function comparePasswords($password1, $password2) { - return StringUtils::equals($password1, $password2); + return hash_equals($password1, $password2); } /** diff --git a/Core/Encoder/Pbkdf2PasswordEncoder.php b/Core/Encoder/Pbkdf2PasswordEncoder.php index 6f24c4f..8422a4b 100644 --- a/Core/Encoder/Pbkdf2PasswordEncoder.php +++ b/Core/Encoder/Pbkdf2PasswordEncoder.php @@ -64,11 +64,7 @@ class Pbkdf2PasswordEncoder extends BasePasswordEncoder throw new \LogicException(sprintf('The algorithm "%s" is not supported.', $this->algorithm)); } - if (function_exists('hash_pbkdf2')) { - $digest = hash_pbkdf2($this->algorithm, $raw, $salt, $this->iterations, $this->length, true); - } else { - $digest = $this->hashPbkdf2($this->algorithm, $raw, $salt, $this->iterations, $this->length); - } + $digest = hash_pbkdf2($this->algorithm, $raw, $salt, $this->iterations, $this->length, true); return $this->encodeHashAsBase64 ? base64_encode($digest) : bin2hex($digest); } @@ -80,24 +76,4 @@ class Pbkdf2PasswordEncoder extends BasePasswordEncoder { return !$this->isPasswordTooLong($raw) && $this->comparePasswords($encoded, $this->encodePassword($raw, $salt)); } - - private function hashPbkdf2($algorithm, $password, $salt, $iterations, $length = 0) - { - // Number of blocks needed to create the derived key - $blocks = ceil($length / strlen(hash($algorithm, null, true))); - $digest = ''; - - for ($i = 1; $i <= $blocks; ++$i) { - $ib = $block = hash_hmac($algorithm, $salt.pack('N', $i), $password, true); - - // Iterations - for ($j = 1; $j < $iterations; ++$j) { - $ib ^= ($block = hash_hmac($algorithm, $block, $password, true)); - } - - $digest .= $ib; - } - - return substr($digest, 0, $this->length); - } } |