‪TYPO3CMS  10.4
AbstractArgon2PasswordHash.php
Go to the documentation of this file.
1 <?php
2 
3 declare(strict_types=1);
4 
5 /*
6  * This file is part of the TYPO3 CMS project.
7  *
8  * It is free software; you can redistribute it and/or modify it under
9  * the terms of the GNU General Public License, either version 2
10  * of the License, or any later version.
11  *
12  * For the full copyright and license information, please read the
13  * LICENSE.txt file that was distributed with this source code.
14  *
15  * The TYPO3 project - inspiring people to share!
16  */
17 
19 
24 {
35  protected ‪$options = [
36  'memory_cost' => 65536,
37  'time_cost' => 16,
38  ];
39 
46  public function ‪__construct(array ‪$options = [])
47  {
48  $newOptions = ‪$this->options;
49  if (isset(‪$options['memory_cost'])) {
50  if ((int)‪$options['memory_cost'] < PASSWORD_ARGON2_DEFAULT_MEMORY_COST) {
51  throw new \InvalidArgumentException(
52  'memory_cost must not be lower than ' . PASSWORD_ARGON2_DEFAULT_MEMORY_COST,
53  1533899612
54  );
55  }
56  $newOptions['memory_cost'] = (int)‪$options['memory_cost'];
57  }
58  if (isset(‪$options['time_cost'])) {
59  if ((int)‪$options['time_cost'] < PASSWORD_ARGON2_DEFAULT_TIME_COST) {
60  throw new \InvalidArgumentException(
61  'time_cost must not be lower than ' . PASSWORD_ARGON2_DEFAULT_TIME_COST,
62  1533899613
63  );
64  }
65  $newOptions['time_cost'] = (int)‪$options['time_cost'];
66  }
67  if (isset(‪$options['threads'])) {
68  if ((int)‪$options['threads'] < PASSWORD_ARGON2_DEFAULT_THREADS) {
69  throw new \InvalidArgumentException(
70  'threads must not be lower than ' . PASSWORD_ARGON2_DEFAULT_THREADS,
71  1533899614
72  );
73  }
74  $newOptions['threads'] = (int)‪$options['threads'];
75  }
76  $this->options = $newOptions;
77  }
78 
87  protected function ‪getPasswordAlgorithm()
88  {
89  return constant($this->‪getPasswordAlgorithmName());
90  }
91 
100  public function ‪checkPassword(string $plainPW, string $saltedHashPW): bool
101  {
102  return password_verify($plainPW, $saltedHashPW);
103  }
104 
111  public function ‪isAvailable(): bool
112  {
113  return defined($this->‪getPasswordAlgorithmName()) && $this->‪getPasswordAlgorithm();
114  }
115 
122  public function ‪getHashedPassword(string $password)
123  {
124  $hashedPassword = null;
125  if ($password !== '') {
126  $hashedPassword = password_hash($password, $this->‪getPasswordAlgorithm(), $this->options);
127  if (!is_string($hashedPassword) || empty($hashedPassword)) {
128  throw new ‪InvalidPasswordHashException('Cannot generate password, probably invalid options', 1526052118);
129  }
130  }
131  return $hashedPassword;
132  }
133 
141  public function ‪isHashUpdateNeeded(string $passString): bool
142  {
143  return password_needs_rehash($passString, $this->‪getPasswordAlgorithm(), $this->options);
144  }
145 
152  public function ‪isValidSaltedPW(string $saltedPW): bool
153  {
154  $passwordInfo = password_get_info($saltedPW);
155 
156  return
157  isset($passwordInfo['algo'])
158  && $passwordInfo['algo'] === $this->‪getPasswordAlgorithm()
159  && strncmp($saltedPW, $this->‪getPasswordHashPrefix(), strlen($this->‪getPasswordHashPrefix())) === 0;
160  }
161 }
‪TYPO3\CMS\Core\Crypto\PasswordHashing\AbstractArgon2PasswordHash\checkPassword
‪bool checkPassword(string $plainPW, string $saltedHashPW)
Definition: AbstractArgon2PasswordHash.php:99
‪TYPO3\CMS\Core\Crypto\PasswordHashing\AbstractArgon2PasswordHash\isHashUpdateNeeded
‪bool isHashUpdateNeeded(string $passString)
Definition: AbstractArgon2PasswordHash.php:140
‪TYPO3\CMS\Core\Crypto\PasswordHashing\AbstractArgon2PasswordHash\getHashedPassword
‪string null getHashedPassword(string $password)
Definition: AbstractArgon2PasswordHash.php:121
‪TYPO3\CMS\Core\Crypto\PasswordHashing\AbstractArgon2PasswordHash\__construct
‪__construct(array $options=[])
Definition: AbstractArgon2PasswordHash.php:45
‪TYPO3\CMS\Core\Crypto\PasswordHashing
Definition: AbstractArgon2PasswordHash.php:18
‪TYPO3\CMS\Core\Crypto\PasswordHashing\InvalidPasswordHashException
Definition: InvalidPasswordHashException.php:26
‪TYPO3\CMS\Core\Crypto\PasswordHashing\Argon2PasswordHashInterface\getPasswordHashPrefix
‪getPasswordHashPrefix()
‪TYPO3\CMS\Core\Crypto\PasswordHashing\AbstractArgon2PasswordHash
Definition: AbstractArgon2PasswordHash.php:24
‪TYPO3\CMS\Core\Crypto\PasswordHashing\Argon2PasswordHashInterface\getPasswordAlgorithmName
‪getPasswordAlgorithmName()
‪TYPO3\CMS\Core\Crypto\PasswordHashing\AbstractArgon2PasswordHash\isAvailable
‪bool isAvailable()
Definition: AbstractArgon2PasswordHash.php:110
‪TYPO3\CMS\Core\Crypto\PasswordHashing\AbstractArgon2PasswordHash\getPasswordAlgorithm
‪int string null getPasswordAlgorithm()
Definition: AbstractArgon2PasswordHash.php:86
‪TYPO3\CMS\Core\Crypto\PasswordHashing\Argon2PasswordHashInterface
Definition: Argon2PasswordHashInterface.php:21
‪TYPO3\CMS\Core\Crypto\PasswordHashing\AbstractArgon2PasswordHash\isValidSaltedPW
‪bool isValidSaltedPW(string $saltedPW)
Definition: AbstractArgon2PasswordHash.php:151
‪TYPO3\CMS\Core\Crypto\PasswordHashing\PasswordHashInterface
Definition: PasswordHashInterface.php:25
‪TYPO3\CMS\Core\Crypto\PasswordHashing\AbstractArgon2PasswordHash\$options
‪array $options
Definition: AbstractArgon2PasswordHash.php:34