Pbkdf2HashingStrategy
class Pbkdf2HashingStrategy implements PasswordHashingStrategyInterface (View source)
A PBKDF2 based password hashing strategy
Properties
protected int | $dynamicSaltLength | Length of the dynamic random salt to generate in bytes |
|
protected int | $iterationCount | Hash iteration count, high counts (>10.000) make brute-force attacks unfeasible |
|
protected int | $derivedKeyLength | Derived key length |
|
protected string | $algorithm | Hash algorithm to use, see hash_algos() |
Methods
Construct a PBKDF2 hashing strategy with the given parameters
Hash a password for storage using PBKDF2 and the configured parameters.
Validate a password against a derived key (hashed password) and salt using PBKDF2.
Details
__construct(int $dynamicSaltLength, int $iterationCount, int $derivedKeyLength, string $algorithm)
Construct a PBKDF2 hashing strategy with the given parameters
string
hashPassword(string $password, string $staticSalt = null)
Hash a password for storage using PBKDF2 and the configured parameters.
Will use a combination of a random dynamic salt and the given static salt.
bool
validatePassword(string $password, string $hashedPasswordAndSalt, string $staticSalt = null)
Validate a password against a derived key (hashed password) and salt using PBKDF2.
Iteration count and algorithm have to match the parameters when generating the derived key.