Tuskfish API

Class TfishSecurityUtility

Security utilities class.

Provides methods for basic security operations such as generating salts and hashing passwords.

Package: security
Copyright: Simon Wilkinson 2013-2017 (https://tuskfish.biz)
License: GNU General Public License (GPL) V2
Author: Simon Wilkinson simon@isengard.biz
Version: Release: 1.0
Since: 1.0
Located at trust_path/libraries/tuskfish/class/TfishSecurityUtility.php

Methods summary

public static array
# checkPasswordStrength( string $password )

Evaluates the strength of a password to resist brute force cracking.

Issues warnings if deficiencies are found. Requires a minimum length of 15 characters. Most other requirements have been relaxed following revisions to best-practice advice, as user behaviour in response to them tends to be counter-productive. Basically, it's up to you, the admin, to choose a sane password.

Parameters

$password
Input password.

Returns

array
Array of evaluation warnings as strings.

public static string
# generateSalt( integer $length = 64 )

Generate a pseudo-random salt of arbitrary length.

This is used to salt user passwords, making them more difficult to crack by brute force.

Parameters

$length
Length of required salt.

Returns

string
$salt

public static string
# recursivelyHashPassword( string $password, integer $iterations, string $site_salt, string $user_salt = '' )

Recursively hashes a salted password to harden it against dictionary attacks.

Recursively hashing a password a large number of times directly increases the effort required to mount a brute force or even a dictionary attack against a hash, because each attempt consumes $iterations times as many cycles.

Parameters

$password
Input password.
$iterations
Number of iterations to run; this should be a large number (100,000 or more).
$site_salt
The Tuskfish site salt, found in the configuration file.
$user_salt
The user-specific salt for this user, found in the user database table.

Returns

string
Password hash.
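
The salt generation and iterated hashing described above, shown as a round trip from storing a hash to verifying a login. This is an added example, not Tuskfish's own code: the `example*` function names are hypothetical, and the use of SHA-256 and the order in which the salts and password are concatenated are assumptions, since this page does not state them.

```php
<?php
declare(strict_types=1);
// Added illustration, not Tuskfish's code. Assumed: SHA-256, and the
// concatenation order site salt . password . user salt.

function exampleGenerateSalt(int $length = 64): string
{
    if ($length < 1) {
        throw new InvalidArgumentException('Length must be at least 1.');
    }
    // random_bytes() uses the OS CSPRNG; hex-encode, then trim to $length.
    return substr(bin2hex(random_bytes(intdiv($length + 1, 2))), 0, $length);
}

function exampleIteratedHash(string $password, int $iterations,
    string $siteSalt, string $userSalt = ''): string
{
    if ($iterations < 1) {
        throw new InvalidArgumentException('Iterations must be at least 1.');
    }
    $hash = $siteSalt . $password . $userSalt;
    for ($i = 0; $i < $iterations; $i++) {
        $hash = hash('sha256', $hash); // each round feeds the previous digest back in
    }
    return $hash;
}

function exampleVerify(string $candidate, string $stored, int $iterations,
    string $siteSalt, string $userSalt): bool
{
    // hash_equals() compares in constant time, so timing does not leak a partial match.
    $computed = exampleIteratedHash($candidate, $iterations, $siteSalt, $userSalt);
    return hash_equals($stored, $computed);
}

// Constructed sample values.
$iterations = 100000;                 // the floor suggested on this page
$siteSalt   = exampleGenerateSalt();  // would live in the configuration file
$userSalt   = exampleGenerateSalt();  // would live in the user's database row
$password   = 'constructed sample passphrase';

$start  = microtime(true);
$stored = exampleIteratedHash($password, $iterations, $siteSalt, $userSalt);
printf("one hash at %d iterations: %.3f s\n", $iterations, microtime(true) - $start);

var_dump(exampleVerify($password, $stored, $iterations, $siteSalt, $userSalt));
var_dump(exampleVerify('a wrong guess', $stored, $iterations, $siteSalt, $userSalt));
```

The printed timing is the cost of a single guess on the machine running the script, which is the figure to check when choosing `$iterations`.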
Tuskfish API documentation generated by ApiGen