2 declare(strict_types = 1);
41 'isValidSalt' =>
'Using PhpassPasswordHash::isValidSalt() is deprecated and will not be possible anymore in TYPO3 v10.0.',
42 'base64Encode' =>
'Using PhpassPasswordHash::base64Encode() is deprecated and will not be possible anymore in TYPO3 v10.0.',
48 protected const PREFIX =
'$P$';
63 const ITOA64 =
'./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
98 throw new \InvalidArgumentException(
99 'hash_count must not be lower than 7 or bigger than 24',
103 $newOptions[
'hash_count'] = (int)
$options[
'hash_count'];
105 $this->options = $newOptions;
116 public function checkPassword(
string $plainPW,
string $saltedHashPW):
bool
119 return $hash && hash_equals($hash, $saltedHashPW);
141 if ($salt !==
null) {
142 trigger_error(static::class .
': using a custom salt is deprecated.', E_USER_DEPRECATED);
145 if (!empty($password)) {
167 if (strncmp($passString,
'$P$', 3) || strlen($passString) != 34) {
171 return $this->
getCountLog2($passString) < $this->options[
'hash_count'];
182 $isValid = !strncmp(self::PREFIX, $saltedPW, strlen(self::PREFIX));
197 $saltWithSettings = $salt;
200 if (strlen($salt) == $reqLenBase64) {
203 $saltWithSettings = self::PREFIX . $itoa64[$this->options[
'hash_count']];
204 $saltWithSettings .= $salt;
206 return $saltWithSettings;
221 protected function cryptPassword(
string $password,
string $setting)
226 $setting = substr($setting, 0, strlen(self::PREFIX) + 1 + $reqLenBase64);
229 if ($count_log2 >= 7 && $count_log2 <= 24) {
230 $salt = substr($setting, strlen(self::PREFIX) + 1, $reqLenBase64);
236 $count = 1 << $count_log2;
237 $hash = md5($salt . $password,
true);
239 $hash = md5($hash . $password,
true);
243 return strlen($saltedPW) == 34 ? $saltedPW :
false;
256 return strpos($this->
getItoa64(), $setting[strlen(self::PREFIX)]);
272 $randomBytes = GeneralUtility::makeInstance(Random::class)->generateRandomBytes(6);
283 return './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
294 $isValid = ($skip =
false);
296 if (strlen($salt) >= $reqLenBase64) {
298 if (!strncmp(
'$', $salt, 1)) {
299 if (!strncmp(self::PREFIX, $salt, strlen(self::PREFIX))) {
301 $salt = substr($salt, strrpos($salt,
'$') + 2);
307 if (!$skip && strlen($salt) >= $reqLenBase64) {
308 if (preg_match(
'/^[' . preg_quote($this->
getItoa64(),
'/') .
']{' . $reqLenBase64 .
',' . $reqLenBase64 .
'}$/', substr($salt, 0, $reqLenBase64))) {
323 protected function base64Encode(
string $input,
int $count):
string
329 $value = ord($input[$i++]);
332 $value |= ord($input[$i]) << 8;
334 $output .= $itoa64[$value >> 6 & 63];
335 if ($i++ >= $count) {
339 $value |= ord($input[$i]) << 16;
341 $output .= $itoa64[$value >> 12 & 63];
342 if ($i++ >= $count) {
345 $output .= $itoa64[$value >> 18 & 63];
346 }
while ($i < $count);
360 return (
int)ceil($byteLength * 8 / 6);
371 trigger_error(
'This method will be removed in TYPO3 v10.0.', E_USER_DEPRECATED);
372 return $this->options[
'hash_count'];
383 trigger_error(
'This method will be removed in TYPO3 v10.0.', E_USER_DEPRECATED);
395 trigger_error(
'This method will be removed in TYPO3 v10.0.', E_USER_DEPRECATED);
407 trigger_error(
'This method will be removed in TYPO3 v10.0.', E_USER_DEPRECATED);
419 trigger_error(
'This method will be removed in TYPO3 v10.0.', E_USER_DEPRECATED);
431 trigger_error(
'This method will be removed in TYPO3 v10.0.', E_USER_DEPRECATED);
432 if ($hashCount >= 7 && $hashCount <= 24) {
433 $this->options[
'hash_count'] = $hashCount;
445 trigger_error(
'This method will be removed in TYPO3 v10.0.', E_USER_DEPRECATED);
457 trigger_error(
'This method will be removed in TYPO3 v10.0.', E_USER_DEPRECATED);