From eba38024cb3320cca78f91a75402b42c01dae96c Mon Sep 17 00:00:00 2001 From: Nicolas Grekas Date: Sun, 4 Sep 2016 10:34:53 +0200 Subject: [Security] Allow run-time configuration of hash algo --- Core/Encoder/EncoderFactory.php | 40 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 40 insertions(+) diff --git a/Core/Encoder/EncoderFactory.php b/Core/Encoder/EncoderFactory.php index 0568d41..7794b2f 100644 --- a/Core/Encoder/EncoderFactory.php +++ b/Core/Encoder/EncoderFactory.php @@ -69,6 +69,9 @@ class EncoderFactory implements EncoderFactoryInterface */ private function createEncoder(array $config) { + if (isset($config['algorithm'])) { + $config = $this->getEncoderConfigFromAlgorithm($config); + } if (!isset($config['class'])) { throw new \InvalidArgumentException(sprintf('"class" must be set in %s.', json_encode($config))); } @@ -80,4 +83,41 @@ class EncoderFactory implements EncoderFactoryInterface return $reflection->newInstanceArgs($config['arguments']); } + + private function getEncoderConfigFromAlgorithm($config) + { + switch ($config['algorithm']) { + case 'plaintext': + return array( + 'class' => PlaintextPasswordEncoder::class, + 'arguments' => array($config['ignore_case']), + ); + + case 'pbkdf2': + return array( + 'class' => Pbkdf2PasswordEncoder::class, + 'arguments' => array( + $config['hash_algorithm'], + $config['encode_as_base64'], + $config['iterations'], + $config['key_length'], + ), + ); + + case 'bcrypt': + return array( + 'class' => BCryptPasswordEncoder::class, + 'arguments' => array($config['cost']), + ); + } + + return array( + 'class' => MessageDigestPasswordEncoder::class, + 'arguments' => array( + $config['algorithm'], + $config['encode_as_base64'], + $config['iterations'], + ), + ); + } } -- cgit v1.1