
applies base64 encoding directly to the binary data instead of their hexadecimal representation

Johannes M. Schmitt 14 years ago
parent
commit
3463f47698

+ 4 - 4
src/Symfony/Component/Security/Encoder/MessageDigestPasswordEncoder.php

@@ -26,7 +26,7 @@ class MessageDigestPasswordEncoder extends BasePasswordEncoder
      *
      * @param string  $algorithm          The digest algorithm to use
      * @param Boolean $encodeHashAsBase64 Whether to base64 encode the password hash
-     * @param integer $iterations         The number of iterations to use to stretch the password
+     * @param integer $iterations         The number of iterations to use to stretch the password hash
      */
     public function __construct($algorithm = 'sha256', $encodeHashAsBase64 = false, $iterations = 1)
     {
@@ -45,14 +45,14 @@ class MessageDigestPasswordEncoder extends BasePasswordEncoder
         }
 
         $salted = $this->mergePasswordAndSalt($raw, $salt);
-        $digest = hash($this->algorithm, $salted);
+        $digest = hash($this->algorithm, $salted, true);
 
         // "stretch" hash
         for ($i = 1; $i < $this->iterations; $i++) {
-            $digest = hash($this->algorithm, $digest);
+            $digest = hash($this->algorithm, $digest, true);
         }
 
-        return $this->encodeHashAsBase64 ? base64_encode($digest) : $digest;
+        return $this->encodeHashAsBase64 ? base64_encode($digest) : bin2hex($digest);
     }
 
     /**
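Review bot: Stored hashes change format with this hunk and nothing in it says so: with `$encodeHashAsBase64 = true` the result is now base64 of the raw digest rather than of its hex string, and with `$iterations > 1` each round is fed raw bytes, so values persisted by the previous code will presumably stop verifying. I would record this in the `encodePassword()` docblock or an upgrade note, for example `Hashes created before this change with base64 encoding or more than one iteration must be regenerated.` Since the format breaks anyway, this is also the moment to re-mix the salted password in every round, `$digest = hash($this->algorithm, $digest.$salted, true);`, so that stretching does not operate on the previous digest alone. The method begins above the hunk, so its docblock and early checks are not visible here.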

+ 2 - 2
tests/Symfony/Tests/Component/Security/Encoder/MessageDigestPasswordEncoderTest.php

@@ -27,10 +27,10 @@ class MessageDigestPasswordEncoderTest extends \PHPUnit_Framework_TestCase
         $this->assertSame(hash('sha256', 'password'), $encoder->encodePassword('password', ''));
 
         $encoder = new MessageDigestPasswordEncoder('sha256', true);
-        $this->assertSame(base64_encode(hash('sha256', 'password')), $encoder->encodePassword('password', ''));
+        $this->assertSame(base64_encode(hash('sha256', 'password', true)), $encoder->encodePassword('password', ''));
 
         $encoder = new MessageDigestPasswordEncoder('sha256', false, 2);
-        $this->assertSame(hash('sha256', hash('sha256', 'password')), $encoder->encodePassword('password', ''));
+        $this->assertSame(hash('sha256', hash('sha256', 'password', true)), $encoder->encodePassword('password', ''));
     }
 
     /**
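Review bot: The expected values in these assertions are recomputed with the same `hash()` and `base64_encode()` calls the encoder uses, so they follow the implementation instead of pinning the stored format. A literal known-answer string for at least one case would catch an unintended format change of the kind this commit makes deliberately. The combination of base64 output with more than one iteration is not exercised, and every case passes an empty salt; a case such as `new MessageDigestPasswordEncoder('sha256', true, 2)` with a non-empty salt would cover the raw-bytes path through the loop. The test method starts above the hunk.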