summaryrefslogtreecommitdiffstats
path: root/Core/Encoder
diff options
context:
space:
mode:
Diffstat (limited to 'Core/Encoder')
-rw-r--r--Core/Encoder/BCryptPasswordEncoder.php9
-rw-r--r--Core/Encoder/BasePasswordEncoder.php11
-rw-r--r--Core/Encoder/MessageDigestPasswordEncoder.php10
-rw-r--r--Core/Encoder/Pbkdf2PasswordEncoder.php10
-rw-r--r--Core/Encoder/PlaintextPasswordEncoder.php10
5 files changed, 32 insertions, 18 deletions
diff --git a/Core/Encoder/BCryptPasswordEncoder.php b/Core/Encoder/BCryptPasswordEncoder.php
index e8b2632..fc79021 100644
--- a/Core/Encoder/BCryptPasswordEncoder.php
+++ b/Core/Encoder/BCryptPasswordEncoder.php
@@ -12,6 +12,7 @@
namespace Symfony\Component\Security\Core\Encoder;
use Symfony\Component\Security\Core\Encoder\BasePasswordEncoder;
+use Symfony\Component\Security\Core\Exception\BadCredentialsException;
/**
* @author Elnur Abdurrakhimov <elnur@elnur.pro>
@@ -64,7 +65,9 @@ class BCryptPasswordEncoder extends BasePasswordEncoder
*/
public function encodePassword($raw, $salt)
{
- $this->checkPasswordLength($raw);
+ if ($this->isPasswordTooLong($raw)) {
+ throw new BadCredentialsException('Invalid password.');
+ }
$options = array('cost' => $this->cost);
@@ -80,8 +83,6 @@ class BCryptPasswordEncoder extends BasePasswordEncoder
*/
public function isPasswordValid($encoded, $raw, $salt)
{
- $this->checkPasswordLength($raw);
-
- return password_verify($raw, $encoded);
+ return !$this->isPasswordTooLong($raw) && password_verify($raw, $encoded);
}
}
diff --git a/Core/Encoder/BasePasswordEncoder.php b/Core/Encoder/BasePasswordEncoder.php
index b7e52bb..ba8ba79 100644
--- a/Core/Encoder/BasePasswordEncoder.php
+++ b/Core/Encoder/BasePasswordEncoder.php
@@ -87,10 +87,13 @@ abstract class BasePasswordEncoder implements PasswordEncoderInterface
return StringUtils::equals($password1, $password2);
}
- protected function checkPasswordLength($password)
+ /**
+ * Checks if the password is too long.
+ *
+ * @return Boolean true if the password is too long, false otherwise
+ */
+ protected function isPasswordTooLong($password)
{
- if (strlen($password) > self::MAX_PASSWORD_LENGTH) {
- throw new BadCredentialsException('Invalid password.');
- }
+ return strlen($password) > self::MAX_PASSWORD_LENGTH;
}
}
diff --git a/Core/Encoder/MessageDigestPasswordEncoder.php b/Core/Encoder/MessageDigestPasswordEncoder.php
index efe1e5c..a7e5546 100644
--- a/Core/Encoder/MessageDigestPasswordEncoder.php
+++ b/Core/Encoder/MessageDigestPasswordEncoder.php
@@ -11,6 +11,8 @@
namespace Symfony\Component\Security\Core\Encoder;
+use Symfony\Component\Security\Core\Exception\BadCredentialsException;
+
/**
* MessageDigestPasswordEncoder uses a message digest algorithm.
*
@@ -41,7 +43,9 @@ class MessageDigestPasswordEncoder extends BasePasswordEncoder
*/
public function encodePassword($raw, $salt)
{
- $this->checkPasswordLength($raw);
+ if ($this->isPasswordTooLong($raw)) {
+ throw new BadCredentialsException('Invalid password.');
+ }
if (!in_array($this->algorithm, hash_algos(), true)) {
throw new \LogicException(sprintf('The algorithm "%s" is not supported.', $this->algorithm));
@@ -63,8 +67,6 @@ class MessageDigestPasswordEncoder extends BasePasswordEncoder
*/
public function isPasswordValid($encoded, $raw, $salt)
{
- $this->checkPasswordLength($raw);
-
- return $this->comparePasswords($encoded, $this->encodePassword($raw, $salt));
+ return !$this->isPasswordTooLong($raw) && $this->comparePasswords($encoded, $this->encodePassword($raw, $salt));
}
}
diff --git a/Core/Encoder/Pbkdf2PasswordEncoder.php b/Core/Encoder/Pbkdf2PasswordEncoder.php
index a4b5c3b..8a5a958 100644
--- a/Core/Encoder/Pbkdf2PasswordEncoder.php
+++ b/Core/Encoder/Pbkdf2PasswordEncoder.php
@@ -11,6 +11,8 @@
namespace Symfony\Component\Security\Core\Encoder;
+use Symfony\Component\Security\Core\Exception\BadCredentialsException;
+
/**
* Pbkdf2PasswordEncoder uses the PBKDF2 (Password-Based Key Derivation Function 2).
*
@@ -54,7 +56,9 @@ class Pbkdf2PasswordEncoder extends BasePasswordEncoder
*/
public function encodePassword($raw, $salt)
{
- $this->checkPasswordLength($raw);
+ if ($this->isPasswordTooLong($raw)) {
+ throw new BadCredentialsException('Invalid password.');
+ }
if (!in_array($this->algorithm, hash_algos(), true)) {
throw new \LogicException(sprintf('The algorithm "%s" is not supported.', $this->algorithm));
@@ -74,9 +78,7 @@ class Pbkdf2PasswordEncoder extends BasePasswordEncoder
*/
public function isPasswordValid($encoded, $raw, $salt)
{
- $this->checkPasswordLength($raw);
-
- return $this->comparePasswords($encoded, $this->encodePassword($raw, $salt));
+ return !$this->isPasswordTooLong($raw) && $this->comparePasswords($encoded, $this->encodePassword($raw, $salt));
}
private function hashPbkdf2($algorithm, $password, $salt, $iterations, $length = 0)
diff --git a/Core/Encoder/PlaintextPasswordEncoder.php b/Core/Encoder/PlaintextPasswordEncoder.php
index 55aad18..22f3da4 100644
--- a/Core/Encoder/PlaintextPasswordEncoder.php
+++ b/Core/Encoder/PlaintextPasswordEncoder.php
@@ -11,6 +11,8 @@
namespace Symfony\Component\Security\Core\Encoder;
+use Symfony\Component\Security\Core\Exception\BadCredentialsException;
+
/**
* PlaintextPasswordEncoder does not do any encoding.
*
@@ -35,7 +37,9 @@ class PlaintextPasswordEncoder extends BasePasswordEncoder
*/
public function encodePassword($raw, $salt)
{
- $this->checkPasswordLength($raw);
+ if ($this->isPasswordTooLong($raw)) {
+ throw new BadCredentialsException('Invalid password.');
+ }
return $this->mergePasswordAndSalt($raw, $salt);
}
@@ -45,7 +49,9 @@ class PlaintextPasswordEncoder extends BasePasswordEncoder
*/
public function isPasswordValid($encoded, $raw, $salt)
{
- $this->checkPasswordLength($raw);
+ if ($this->isPasswordTooLong($raw)) {
+ return false;
+ }
$pass2 = $this->mergePasswordAndSalt($raw, $salt);
generated by cgit v1.1 at 2025-06-10 20:36:19 +0000