2 declare(strict_types = 1);
37 'isValidSalt' =>
'Using BlowfishPasswordHash::isValidSalt() is deprecated and will not be possible anymore in TYPO3 v10.0.',
38 'base64Encode' =>
'Using BlowfishPasswordHash::base64Encode() is deprecated and will not be possible anymore in TYPO3 v10.0.',
44 protected const PREFIX =
'$2a$';
59 const ITOA64 =
'./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
95 throw new \InvalidArgumentException(
96 'hash_count must not be lower than 4 or bigger than 17',
100 $newOptions[
'hash_count'] = (int)
$options[
'hash_count'];
102 $this->options = $newOptions;
113 public function checkPassword(
string $plainPW,
string $saltedHashPW):
bool
117 $isCorrect = \password_verify($plainPW, $saltedHashPW);
129 return (
bool)CRYPT_BLOWFISH;
141 if ($salt !==
null) {
142 trigger_error(static::class .
': using a custom salt is deprecated.', E_USER_DEPRECATED);
145 if (!empty($password)) {
169 return $countLog2 !==
null && $countLog2 < $this->options[
'hash_count'];
180 $isValid = !strncmp(self::PREFIX, $saltedPW, strlen(self::PREFIX));
200 $randomBytes = GeneralUtility::makeInstance(Random::class)->generateRandomBytes(16);
212 $saltWithSettings = $salt;
215 if (strlen($salt) == $reqLenBase64) {
216 $saltWithSettings = self::PREFIX . sprintf(
'%02u', $this->options[
'hash_count']) .
'$' . $salt;
218 return $saltWithSettings;
230 $setting = substr($setting, strlen(self::PREFIX));
231 $firstSplitPos = strpos($setting,
'$');
233 if ($firstSplitPos !==
false && $firstSplitPos <= 2 && is_numeric(substr($setting, 0, $firstSplitPos))) {
234 $countLog2 = (int)substr($setting, 0, $firstSplitPos);
246 return './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
257 $isValid = ($skip =
false);
259 if (strlen($salt) >= $reqLenBase64) {
261 if (!strncmp(
'$', $salt, 1)) {
262 if (!strncmp(self::PREFIX, $salt, strlen(self::PREFIX))) {
264 $salt = substr($salt, strrpos($salt,
'$') + 1);
270 if (!$skip && strlen($salt) >= $reqLenBase64) {
271 if (preg_match(
'/^[' . preg_quote($this->
getItoa64(),
'/') .
']{' . $reqLenBase64 .
',' . $reqLenBase64 .
'}$/', substr($salt, 0, $reqLenBase64))) {
286 protected function base64Encode(
string $input,
int $count):
string
292 $value = ord($input[$i++]);
295 $value |= ord($input[$i]) << 8;
297 $output .= $itoa64[$value >> 6 & 63];
298 if ($i++ >= $count) {
302 $value |= ord($input[$i]) << 16;
304 $output .= $itoa64[$value >> 12 & 63];
305 if ($i++ >= $count) {
308 $output .= $itoa64[$value >> 18 & 63];
309 }
while ($i < $count);
323 return (
int)ceil($byteLength * 8 / 6);
334 trigger_error(
'This method will be removed in TYPO3 v10.0.', E_USER_DEPRECATED);
335 return $this->options[
'hash_count'];
346 trigger_error(
'This method will be removed in TYPO3 v10.0.', E_USER_DEPRECATED);
358 trigger_error(
'This method will be removed in TYPO3 v10.0.', E_USER_DEPRECATED);
370 trigger_error(
'This method will be removed in TYPO3 v10.0.', E_USER_DEPRECATED);
382 trigger_error(
'This method will be removed in TYPO3 v10.0.', E_USER_DEPRECATED);
394 trigger_error(
'This method will be removed in TYPO3 v10.0.', E_USER_DEPRECATED);
395 if ($hashCount >= 4 && $hashCount <= 17) {
396 $this->options[
'hash_count'] = $hashCount;
408 trigger_error(
'This method will be removed in TYPO3 v10.0.', E_USER_DEPRECATED);
420 trigger_error(
'This method will be removed in TYPO3 v10.0.', E_USER_DEPRECATED);