‪TYPO3CMS  10.4
BcryptPasswordHash.php
1 <?php
2 
3 declare(strict_types=1);
4 
5 /*
6  * This file is part of the TYPO3 CMS project.
7  *
8  * It is free software; you can redistribute it and/or modify it under
9  * the terms of the GNU General Public License, either version 2
10  * of the License, or any later version.
11  *
12  * For the full copyright and license information, please read the
13  * LICENSE.txt file that was distributed with this source code.
14  *
15  * The TYPO3 project - inspiring people to share!
16  */
17 
19 
32 {
/**
 * Identifier that bcrypt hashes handled by this class start with.
 */
protected const PREFIX = '$2y$';

/**
 * Options passed to password_hash() and password_needs_rehash().
 *
 * cost: bcrypt work factor. The constructor may replace the default with a
 * caller-supplied value after validating it.
 *
 * @var array
 */
protected $options = ['cost' => 12];
47 
/**
 * Applies caller-supplied hashing options on top of the class defaults.
 *
 * Only the 'cost' key is read. A cost outside the accepted range is rejected
 * instead of being clamped, so a misconfiguration cannot silently weaken
 * the work factor.
 *
 * @param array $options Optional settings; 'cost' overrides the default work factor
 * @throws \InvalidArgumentException if 'cost' is outside the accepted range
 */
public function __construct(array $options = [])
{
    if (!isset($options['cost'])) {
        // Nothing to override, the defaults stay as declared.
        return;
    }

    $requestedCost = (int)$options['cost'];
    if (!$this->isValidBcryptCost($requestedCost)) {
        throw new \InvalidArgumentException(
            'cost must not be lower than ' . PASSWORD_BCRYPT_DEFAULT_COST . ' or higher than 31',
            1533902002
        );
    }

    $this->options['cost'] = $requestedCost;
}
69 
/**
 * Tells whether this hash method can be used on the running PHP instance.
 *
 * Requires the PASSWORD_BCRYPT constant as well as the hash extension with
 * sha384 support, because passwords are pre-hashed with sha384.
 *
 * @return bool TRUE if bcrypt and sha384 are both usable
 */
public function isAvailable(): bool
{
    if (!defined('PASSWORD_BCRYPT') || !PASSWORD_BCRYPT) {
        return false;
    }
    if (!function_exists('hash') || !function_exists('hash_algos')) {
        return false;
    }

    return in_array('sha384', hash_algos(), true);
}
83 
/**
 * Checks a plain-text password against a stored bcrypt hash.
 *
 * The plain password goes through the same pre-hashing step that is used
 * when hashes are created; the comparison itself is left to password_verify().
 *
 * @param string $plainPW Plain-text password to check
 * @param string $saltedHashPW Stored hash to compare against
 * @return bool TRUE if the password matches the hash
 */
public function checkPassword(string $plainPW, string $saltedHashPW): bool
{
    $preHashed = $this->processPlainPassword($plainPW);

    return password_verify($preHashed, $saltedHashPW);
}
96 
/**
 * Creates a bcrypt hash for a plain-text password.
 *
 * An empty password is not hashed and yields NULL; callers have to treat
 * NULL as "no hash" and must not store it as a credential.
 *
 * @param string $password Plain-text password
 * @return string|null The hash, or NULL for an empty password
 * @throws InvalidPasswordHashException if password_hash() returns no usable string
 */
public function getHashedPassword(string $password)
{
    if ($password === '') {
        return null;
    }

    $hashedPassword = password_hash(
        $this->processPlainPassword($password),
        PASSWORD_BCRYPT,
        $this->options
    );
    if (!is_string($hashedPassword) || empty($hashedPassword)) {
        throw new InvalidPasswordHashException('Cannot generate password, probably invalid options', 1517174114);
    }

    return $hashedPassword;
}
115 
/**
 * Checks whether a string is a bcrypt hash this class accepts.
 *
 * This is a format check only: algorithm, prefix and cost are inspected,
 * no password is verified.
 *
 * @param string $saltedPW Hash string to inspect
 * @return bool TRUE if algorithm, prefix and cost are all acceptable
 */
public function isValidSaltedPW(string $saltedPW): bool
{
    $passwordInfo = password_get_info($saltedPW);
    if (!isset($passwordInfo['algo']) || $passwordInfo['algo'] !== PASSWORD_BCRYPT) {
        return false;
    }

    if (strncmp($saltedPW, static::PREFIX, strlen(static::PREFIX)) !== 0) {
        return false;
    }

    // password_get_info() does not check the cost value, so the two
    // characters at offset 4 are read and range-checked here.
    $cost = (int)substr($saltedPW, 4, 2);

    return $this->isValidBcryptCost($cost);
}
/**
 * Tells whether a stored hash should be re-created with the current options.
 *
 * The decision is delegated to password_needs_rehash(), called with the
 * bcrypt algorithm and the options configured on this instance.
 *
 * @param string $passString Stored hash to inspect
 * @return bool TRUE if the hash should be regenerated
 */
public function isHashUpdateNeeded(string $passString): bool
{
    $currentOptions = $this->options;

    return password_needs_rehash($passString, PASSWORD_BCRYPT, $currentOptions);
}
147 
/**
 * Pre-hashes the plain password before it is handed to the bcrypt functions.
 *
 * The raw sha384 digest is 48 bytes long and base64-encodes to 64 characters.
 * That stays below bcrypt's 72-byte input limit and contains no NUL byte,
 * so long passwords are not truncated by bcrypt.
 *
 * @param string $password Plain-text password
 * @return string Base64-encoded sha384 digest of the password
 */
protected function processPlainPassword(string $password): string
{
    $rawDigest = hash('sha384', $password, true);

    return base64_encode($rawDigest);
}
163 
/**
 * Checks whether a bcrypt cost lies within the accepted range.
 *
 * The lower bound is PHP's PASSWORD_BCRYPT_DEFAULT_COST, the upper bound is 31.
 *
 * @param int $cost Cost value to check
 * @return bool TRUE if the cost is within the accepted range
 */
protected function isValidBcryptCost(int $cost): bool
{
    if ($cost < PASSWORD_BCRYPT_DEFAULT_COST) {
        return false;
    }

    return $cost <= 31;
}
173 }