diff options
| -rw-r--r-- | Encoder/MessageDigestPasswordEncoder.php | 14 |
1 files changed, 9 insertions, 5 deletions
diff --git a/Encoder/MessageDigestPasswordEncoder.php b/Encoder/MessageDigestPasswordEncoder.php index 4d0edd8..22303b6 100644 --- a/Encoder/MessageDigestPasswordEncoder.php +++ b/Encoder/MessageDigestPasswordEncoder.php @@ -25,10 +25,10 @@ class MessageDigestPasswordEncoder extends BasePasswordEncoder * Constructor. * * @param string $algorithm The digest algorithm to use - * @param Boolean $encodeHashAsBase64 Whether to base64 encode the password + * @param Boolean $encodeHashAsBase64 Whether to base64 encode the password hash * @param integer $iterations The number of iterations to use to stretch the password */ - public function __construct($algorithm = 'sha1', $encodeHashAsBase64 = false, $iterations = 1) + public function __construct($algorithm = 'sha256', $encodeHashAsBase64 = false, $iterations = 1) { $this->algorithm = $algorithm; $this->encodeHashAsBase64 = $encodeHashAsBase64; @@ -40,12 +40,16 @@ class MessageDigestPasswordEncoder extends BasePasswordEncoder */ public function encodePassword($raw, $salt) { + if (!in_array($this->algorithm, hash_algos(), true)) { + throw new \LogicException(sprintf('The algorithm "%s" is not supported.', $this->algorithm)); + } + $salted = $this->mergePasswordAndSalt($raw, $salt); - $digest = call_user_func($this->algorithm, $salted); + $digest = hash($this->algorithm, $salted); - // "stretch" the encoded value + // "stretch" hash for ($i = 1; $i < $this->iterations; $i++) { - $digest = call_user_func($this->algorithm, $digest); + $digest = hash($this->algorithm, $digest); } return $this->encodeHashAsBase64 ? base64_encode($digest) : $digest; |