[FEATURE] Add PBKDF2 based password storage to EXT:saltedpasswords 42/42342/9
authorMorton Jonuschat <m.jonuschat@mojocode.de>
Fri, 7 Aug 2015 06:31:03 +0000 (08:31 +0200)
committerMarkus Klein <markus.klein@typo3.org>
Fri, 15 Jan 2016 15:13:42 +0000 (16:13 +0100)
commitfb515b07d7a035acfd509d43002dd29d20041b27
tree0338808794cfe03a24c621829e650b9c1e7c0ee5
parentef5062706bee0beb497b0ac447d784fb8a50b213
[FEATURE] Add PBKDF2 based password storage to EXT:saltedpasswords

Implement the PBKDF2 password hashing for EXT:saltedpasswords. PBKDF2 is
the NIST recommended way to store passwords in a FIPS compliant way.

The storage format is identical with passlib from Python to enable some
portability as there's no official storage format yet.

The choice of iteration count has been set to a value that matches the
performance characteristics of the Blowfish/Bcrypt hashing.

Resolves: #28230
Releases: master
Change-Id: I87817129b317fd1b4ebf4bae101b66b3fcebb6ce
Reviewed-on: https://review.typo3.org/42342
Reviewed-by: Georg Ringer <georg.ringer@gmail.com>
Tested-by: Georg Ringer <georg.ringer@gmail.com>
Reviewed-by: Markus Klein <markus.klein@typo3.org>
Tested-by: Markus Klein <markus.klein@typo3.org>
typo3/sysext/core/Documentation/Changelog/master/Feature-28230-AddSupportForPBKDF2ToSaltedpasswords.rst [new file with mode: 0644]
typo3/sysext/saltedpasswords/Classes/Salt/Pbkdf2Salt.php [new file with mode: 0644]
typo3/sysext/saltedpasswords/Classes/Salt/SaltFactory.php
typo3/sysext/saltedpasswords/Documentation/Overview/Index.rst
typo3/sysext/saltedpasswords/Resources/Private/Language/locallang.xlf
typo3/sysext/saltedpasswords/Tests/Unit/Salt/Pbkdf2SaltTest.php [new file with mode: 0644]
typo3/sysext/saltedpasswords/Tests/Unit/Salt/SaltFactoryTest.php