class MessageDigestPasswordEncoder extends BasePasswordEncoder

MessageDigestPasswordEncoder uses a message digest algorithm.

Constants

MAX_PASSWORD_LENGTH

Methods

array
demergePasswordAndSalt(string $mergedPasswordSalt)

Demerges a merge password and salt string.

string
mergePasswordAndSalt(string $password, string $salt)

Merges a password and a salt.

bool
comparePasswords(string $password1, string $password2)

Compares two passwords.

bool
isPasswordTooLong(string $password)

Checks if the password is too long.

__construct(string $algorithm = 'sha512', bool $encodeHashAsBase64 = true, int $iterations = 5000)

No description

string
encodePassword(string $raw, string $salt)

Encodes the raw password.

bool
isPasswordValid(string $encoded, string $raw, string $salt)

Checks a raw password against an encoded password.

Details

in BasePasswordEncoder at line 30
protected array demergePasswordAndSalt(string $mergedPasswordSalt)

Demerges a merge password and salt string.

Parameters

string $mergedPasswordSalt The merged password and salt string

Return Value

array An array where the first element is the password and the second the salt

in BasePasswordEncoder at line 58
protected string mergePasswordAndSalt(string $password, string $salt)

Merges a password and a salt.

Parameters

string $password The password to be used
string $salt The salt to be used

Return Value

string a merged password and salt

Exceptions

InvalidArgumentException

in BasePasswordEncoder at line 82
protected bool comparePasswords(string $password1, string $password2)

Compares two passwords.

This method implements a constant-time algorithm to compare passwords to avoid (remote) timing attacks.

Parameters

string $password1 The first password
string $password2 The second password

Return Value

bool true if the two passwords are the same, false otherwise

in BasePasswordEncoder at line 94
protected bool isPasswordTooLong(string $password)

Checks if the password is too long.

Parameters

string $password The password to check

Return Value

bool true if the password is too long, false otherwise

at line 32
__construct(string $algorithm = 'sha512', bool $encodeHashAsBase64 = true, int $iterations = 5000)

Parameters

string $algorithm The digest algorithm to use
bool $encodeHashAsBase64 Whether to base64 encode the password hash
int $iterations The number of iterations to use to stretch the password hash

at line 42
string encodePassword(string $raw, string $salt)

Encodes the raw password.

Parameters

string $raw The password to encode
string $salt The salt

Return Value

string The encoded password

at line 66
bool isPasswordValid(string $encoded, string $raw, string $salt)

Checks a raw password against an encoded password.

Parameters

string $encoded An encoded password
string $raw A raw password
string $salt The salt

Return Value

bool true if the password is valid, false otherwise