‪TYPO3CMS  11.5
BcryptPasswordHash.php
1 <?php
2 
3 declare(strict_types=1);
4 
5 /*
6  * This file is part of the TYPO3 CMS project.
7  *
8  * It is free software; you can redistribute it and/or modify it under
9  * the terms of the GNU General Public License, either version 2
10  * of the License, or any later version.
11  *
12  * For the full copyright and license information, please read the
13  * LICENSE.txt file that was distributed with this source code.
14  *
15  * The TYPO3 project - inspiring people to share!
16  */
17 
19 
32 {
/**
 * Identifier that every hash accepted by this class must start with.
 * "$2y$" is the marker PHP writes in front of bcrypt hashes.
 */
protected const PREFIX = '$2y$';

/**
 * Options handed unchanged to password_hash() and password_needs_rehash().
 *
 * 'cost' is the bcrypt work factor: each increment doubles the time one hash
 * (and therefore one guess in an offline attack) takes. 12 is the value used
 * when the constructor receives no override.
 *
 * @var array
 */
protected $options = ['cost' => 12];
47 
/**
 * Creates the hasher, optionally overriding the default bcrypt cost.
 *
 * Only the 'cost' key of $options is read; other keys are ignored. The value
 * is cast to int before it is validated, so a non-numeric value becomes 0
 * and is rejected by the range check.
 *
 * @param array $options Optional overrides, currently only 'cost'
 * @throws \InvalidArgumentException If 'cost' lies outside the range accepted by isValidBcryptCost()
 */
public function __construct(array $options = [])
{
    // No override given (or an explicit null): the class defaults stay in place.
    if (!isset($options['cost'])) {
        return;
    }

    $requestedCost = (int)$options['cost'];
    if (!$this->isValidBcryptCost($requestedCost)) {
        // Reject instead of clamping, so a misconfigured (too weak) cost is noticed.
        throw new \InvalidArgumentException(
            'cost must not be lower than ' . PASSWORD_BCRYPT_DEFAULT_COST . ' or higher than 31',
            1533902002
        );
    }

    $this->options['cost'] = $requestedCost;
}
69 
/**
 * Reports whether this hash method can be used on the running PHP.
 *
 * Both halves of the scheme are required: bcrypt in the password_* API and
 * SHA-384 in the hash extension, which is used to pre-process the password.
 *
 * @return bool True if bcrypt and sha384 are both available
 */
public function isAvailable(): bool
{
    if (!defined('PASSWORD_BCRYPT')) {
        return false;
    }
    if (!function_exists('hash') || !function_exists('hash_algos')) {
        return false;
    }

    return in_array('sha384', hash_algos());
}
82 
/**
 * Checks a plain-text password against a stored salted hash.
 *
 * The password goes through the same pre-processing as in getHashedPassword()
 * before password_verify() compares it; password_verify() performs the
 * comparison in a timing-safe way.
 *
 * Note: this method does not check that $saltedHashPW is a bcrypt hash.
 * password_verify() selects the algorithm from the hash string itself, so
 * callers that must restrict the accepted format should consult
 * isValidSaltedPW() first.
 *
 * @param string $plainPW Plain-text password as entered by the user
 * @param string $saltedHashPW Stored hash to compare against
 * @return bool True if the password matches the hash
 */
public function checkPassword(string $plainPW, string $saltedHashPW): bool
{
    $preHashed = $this->processPlainPassword($plainPW);

    return password_verify($preHashed, $saltedHashPW);
}
95 
/**
 * Creates a salted bcrypt hash for a plain-text password.
 *
 * The password is pre-processed by processPlainPassword() and then hashed
 * with password_hash(), which generates the salt itself.
 *
 * @param string $password Plain-text password
 * @return string|null The hash, or null when $password is the empty string
 * @throws InvalidPasswordHashException If password_hash() yields no usable string
 */
public function getHashedPassword(string $password)
{
    // An empty password is never hashed; callers get null and must handle it.
    if ($password === '') {
        return null;
    }

    $hash = password_hash(
        $this->processPlainPassword($password),
        PASSWORD_BCRYPT,
        $this->options
    );

    if (is_string($hash) && !empty($hash)) {
        return $hash;
    }

    throw new InvalidPasswordHashException('Cannot generate password, probably invalid options', 1517174114);
}
114 
/**
 * Decides whether a stored string is a bcrypt hash this class accepts.
 *
 * Three conditions must hold: password_get_info() recognises the string as
 * bcrypt, the string starts with PREFIX, and the cost encoded in the hash
 * passes isValidBcryptCost(). A hash with a cost below that method's lower
 * bound is therefore reported as invalid, not merely as outdated.
 *
 * @param string $saltedPW Stored hash to inspect
 * @return bool True if the string is an acceptable bcrypt hash
 */
public function isValidSaltedPW(string $saltedPW): bool
{
    $info = password_get_info($saltedPW);
    if (!isset($info['algo']) || $info['algo'] !== PASSWORD_BCRYPT) {
        return false;
    }

    if (strncmp($saltedPW, static::PREFIX, strlen(static::PREFIX)) !== 0) {
        return false;
    }

    // password_get_info() does not validate the cost, so the two digits that
    // follow the 4-character prefix are read and range-checked here.
    $encodedCost = (int)substr($saltedPW, 4, 2);

    return $this->isValidBcryptCost($encodedCost);
}
/**
 * Tells whether a stored hash should be regenerated with the current settings.
 *
 * Delegates to password_needs_rehash() with the configured options, so a
 * hash created with a different cost than the one configured now is reported
 * as needing an update. The plain password is required to re-hash, which is
 * why this is normally evaluated right after a successful checkPassword().
 *
 * @param string $passString Stored salted hash
 * @return bool True if the hash does not match the current algorithm/options
 */
public function isHashUpdateNeeded(string $passString): bool
{
    $needsRehash = password_needs_rehash($passString, PASSWORD_BCRYPT, $this->options);

    return $needsRehash;
}
146 
/**
 * Pre-processes the plain password before it is given to the password_* functions.
 *
 * The raw 48-byte SHA-384 digest is base64 encoded, which always yields 64
 * ASCII characters. That keeps the input below bcrypt's 72-byte limit (bcrypt
 * ignores anything beyond it) and free of NUL bytes, which a raw digest
 * could contain.
 *
 * @param string $password Plain-text password
 * @return string 64-character base64 string
 */
protected function processPlainPassword(string $password): string
{
    // true = raw binary output; the base64 step below makes it text again.
    $rawDigest = hash('sha384', $password, true);

    return base64_encode($rawDigest);
}
162 
/**
 * Checks that a bcrypt cost lies within the accepted range.
 *
 * The upper bound is 31. The lower bound is PHP's PASSWORD_BCRYPT_DEFAULT_COST,
 * so it follows the running PHP version rather than a fixed number (10 on
 * PHP releases before 8.4, 12 from 8.4 on). Because isValidSaltedPW() uses
 * this check too, raising the PHP version can change which stored hashes
 * are accepted.
 *
 * @param int $cost Cost value to check
 * @return bool True if PASSWORD_BCRYPT_DEFAULT_COST <= $cost <= 31
 */
protected function isValidBcryptCost(int $cost): bool
{
    if ($cost < PASSWORD_BCRYPT_DEFAULT_COST) {
        return false;
    }

    return $cost <= 31;
}
172 }
‪TYPO3\CMS\Core\Crypto\PasswordHashing\BcryptPasswordHash\isHashUpdateNeeded
‪bool isHashUpdateNeeded(string $passString)
Definition: BcryptPasswordHash.php:141
‪TYPO3\CMS\Core\Crypto\PasswordHashing\BcryptPasswordHash
Definition: BcryptPasswordHash.php:32
‪TYPO3\CMS\Core\Crypto\PasswordHashing\BcryptPasswordHash\checkPassword
‪bool checkPassword(string $plainPW, string $saltedHashPW)
Definition: BcryptPasswordHash.php:90
‪TYPO3\CMS\Core\Crypto\PasswordHashing
Definition: AbstractArgon2PasswordHash.php:18
‪TYPO3\CMS\Core\Crypto\PasswordHashing\InvalidPasswordHashException
Definition: InvalidPasswordHashException.php:25
‪TYPO3\CMS\Core\Crypto\PasswordHashing\BcryptPasswordHash\isValidSaltedPW
‪bool isValidSaltedPW(string $saltedPW)
Definition: BcryptPasswordHash.php:120
‪TYPO3\CMS\Core\Crypto\PasswordHashing\BcryptPasswordHash\isAvailable
‪bool isAvailable()
Definition: BcryptPasswordHash.php:74
‪TYPO3\CMS\Core\Crypto\PasswordHashing\BcryptPasswordHash\processPlainPassword
‪string processPlainPassword(string $password)
Definition: BcryptPasswordHash.php:157
‪TYPO3\CMS\Core\Crypto\PasswordHashing\BcryptPasswordHash\__construct
‪__construct(array $options=[])
Definition: BcryptPasswordHash.php:53
‪TYPO3\CMS\Core\Crypto\PasswordHashing\BcryptPasswordHash\getHashedPassword
‪string getHashedPassword(string $password)
Definition: BcryptPasswordHash.php:101
‪TYPO3\CMS\Core\Crypto\PasswordHashing\BcryptPasswordHash\isValidBcryptCost
‪bool isValidBcryptCost(int $cost)
Definition: BcryptPasswordHash.php:167
‪TYPO3\CMS\Core\Crypto\PasswordHashing\PasswordHashInterface
Definition: PasswordHashInterface.php:25
‪TYPO3\CMS\Core\Crypto\PasswordHashing\BcryptPasswordHash\PREFIX
‪const PREFIX
Definition: BcryptPasswordHash.php:36
‪TYPO3\CMS\Core\Crypto\PasswordHashing\BcryptPasswordHash\$options
‪array $options
Definition: BcryptPasswordHash.php:43