/** * Hash a password for storage using PBKDF2 and the configured parameters. * Will use a combination of a random dynamic salt and the given static salt. * * @param string $password Cleartext password that should be hashed * @param string $staticSalt Static salt that will be appended to the random dynamic salt * @return string A Base64 encoded string with the derived key (hashed password) and dynamic salt */ public function hashPassword($password, $staticSalt = NULL) { $dynamicSalt = \TYPO3\FLOW3\Utility\Algorithms::generateRandomBytes($this->dynamicSaltLength); $result = \TYPO3\FLOW3\Security\Cryptography\Algorithms::pbkdf2($password, $dynamicSalt . $staticSalt, $this->iterationCount, $this->derivedKeyLength, $this->algorithm); return base64_encode($dynamicSalt) . ',' . base64_encode($result); }
/** * @return string The configured encryption key stored in Data/Persistent/EncryptionKey * @throws \TYPO3\FLOW3\Security\Exception\MissingConfigurationException */ protected function getEncryptionKey() { if ($this->encryptionKey === NULL) { if (!file_exists(FLOW3_PATH_DATA . 'Persistent/EncryptionKey')) { file_put_contents(FLOW3_PATH_DATA . 'Persistent/EncryptionKey', bin2hex(\TYPO3\FLOW3\Utility\Algorithms::generateRandomBytes(96))); } $this->encryptionKey = file_get_contents(FLOW3_PATH_DATA . 'Persistent/EncryptionKey'); if ($this->encryptionKey === FALSE || $this->encryptionKey === '') { throw new \TYPO3\FLOW3\Security\Exception\MissingConfigurationException('No encryption key for the HashService was found and none could be created at "' . FLOW3_PATH_DATA . 'Persistent/EncryptionKey"', 1258991855); } } return $this->encryptionKey; }