2 declare(strict_types = 1);
48 'memory_cost' => 65536,
62 if ((
int)
$options[
'memory_cost'] < PASSWORD_ARGON2_DEFAULT_MEMORY_COST) {
63 throw new \InvalidArgumentException(
64 'memory_cost must not be lower than ' . PASSWORD_ARGON2_DEFAULT_MEMORY_COST,
68 $newOptions[
'memory_cost'] = (int)
$options[
'memory_cost'];
71 if ((
int)
$options[
'time_cost'] < PASSWORD_ARGON2_DEFAULT_TIME_COST) {
72 throw new \InvalidArgumentException(
73 'time_cost must not be lower than ' . PASSWORD_ARGON2_DEFAULT_TIME_COST,
77 $newOptions[
'time_cost'] = (int)
$options[
'time_cost'];
80 if ((
int)
$options[
'threads'] < PASSWORD_ARGON2_DEFAULT_THREADS) {
81 throw new \InvalidArgumentException(
82 'threads must not be lower than ' . PASSWORD_ARGON2_DEFAULT_THREADS,
86 $newOptions[
'threads'] = (int)
$options[
'threads'];
88 $this->options = $newOptions;
99 public function checkPassword(
string $plainPW,
string $saltedHashPW): bool
101 return password_verify($plainPW, $saltedHashPW);
112 return defined(
'PASSWORD_ARGON2I') && PASSWORD_ARGON2I;
124 if ($salt !==
null) {
125 trigger_error(static::class .
': using a custom salt is deprecated in PHP password api and ignored.', E_USER_DEPRECATED);
127 $hashedPassword =
null;
128 if ($password !==
'') {
129 $hashedPassword = password_hash($password, PASSWORD_ARGON2I, $this->options);
130 if (!is_string($hashedPassword) || empty($hashedPassword)) {
131 throw new InvalidPasswordHashException(
'Cannot generate password, probably invalid options', 1526052118);
134 return $hashedPassword;
146 return password_needs_rehash($passString, PASSWORD_ARGON2I, $this->options);
158 $passwordInfo = password_get_info($saltedPW);
159 if (isset($passwordInfo[
'algo'])
160 && $passwordInfo[
'algo'] === PASSWORD_ARGON2I
161 && strncmp($saltedPW, static::PREFIX, strlen(static::PREFIX)) === 0
174 trigger_error(
'This method will be removed in TYPO3 v10.0.', E_USER_DEPRECATED);
186 trigger_error(
'This method will be removed in TYPO3 v10.0.', E_USER_DEPRECATED);
191 if ((
int)
$options[
'memory_cost'] < PASSWORD_ARGON2_DEFAULT_MEMORY_COST) {
192 throw new \InvalidArgumentException(
193 'memory_cost must not be lower than ' . PASSWORD_ARGON2_DEFAULT_MEMORY_COST,
197 $newOptions[
'memory_cost'] = (int)
$options[
'memory_cost'];
199 $newOptions[
'memory_cost'] = 16384;
203 if ((
int)
$options[
'time_cost'] < PASSWORD_ARGON2_DEFAULT_TIME_COST) {
204 throw new \InvalidArgumentException(
205 'time_cost must not be lower than ' . PASSWORD_ARGON2_DEFAULT_TIME_COST,
209 $newOptions[
'time_cost'] = (int)
$options[
'time_cost'];
211 $newOptions[
'time_cost'] = 16;
215 if ((
int)
$options[
'threads'] < PASSWORD_ARGON2_DEFAULT_THREADS) {
216 throw new \InvalidArgumentException(
217 'threads must not be lower than ' . PASSWORD_ARGON2_DEFAULT_THREADS,
221 $newOptions[
'threads'] = (int)
$options[
'threads'];
223 $newOptions[
'threads'] = 2;
226 $this->options = $newOptions;