‪TYPO3CMS  ‪main
PasswordHashFactory.php
Go to the documentation of this file.
1 <?php
2 
3 declare(strict_types=1);
4 
5 /*
6  * This file is part of the TYPO3 CMS project.
7  *
8  * It is free software; you can redistribute it and/or modify it under
9  * the terms of the GNU General Public License, either version 2
10  * of the License, or any later version.
11  *
12  * For the full copyright and license information, please read the
13  * LICENSE.txt file that was distributed with this source code.
14  *
15  * The TYPO3 project - inspiring people to share!
16  */
17 
18 namespace ‪TYPO3\CMS\Core\Crypto\PasswordHashing;
19 
20 use ‪TYPO3\CMS\Core\Utility\GeneralUtility;
21 
26 class ‪PasswordHashFactory
27 {
38  public function get(string $hash, string $mode): ‪PasswordHashInterface
39  {
40  if ($mode !== 'FE' && $mode !== 'BE') {
41  throw new \InvalidArgumentException('Mode must be either \'FE\' or \'BE\', ' . $mode . ' given.', 1533948312);
42  }
43 
44  $registeredHashClasses = static::getRegisteredSaltedHashingMethods();
45 
46  if (empty(‪$GLOBALS['TYPO3_CONF_VARS'][$mode]['passwordHashing']['className'])
47  || !isset(‪$GLOBALS['TYPO3_CONF_VARS'][$mode]['passwordHashing']['options'])
48  || !is_array(‪$GLOBALS['TYPO3_CONF_VARS'][$mode]['passwordHashing']['options'])
49  ) {
50  throw new \LogicException(
51  'passwordHashing configuration of ' . $mode . ' broken',
52  1533949053
53  );
54  }
55  $defaultHashClassName = ‪$GLOBALS['TYPO3_CONF_VARS'][$mode]['passwordHashing']['className'];
56  $defaultHashOptions = (array)‪$GLOBALS['TYPO3_CONF_VARS'][$mode]['passwordHashing']['options'];
57 
58  foreach ($registeredHashClasses as $className) {
59  if ($className === $defaultHashClassName) {
60  $hashInstance = GeneralUtility::makeInstance($className, $defaultHashOptions);
61  } else {
62  $hashInstance = GeneralUtility::makeInstance($className);
63  }
64  if (!$hashInstance instanceof ‪PasswordHashInterface) {
65  throw new \LogicException('Class ' . $className . ' does not implement PasswordHashInterface', 1533818569);
66  }
67  if ($hashInstance->isAvailable() && $hashInstance->isValidSaltedPW($hash)) {
68  return $hashInstance;
69  }
70  }
71  // Do not add the hash to the exception to prevent information disclosure
72  throw new ‪InvalidPasswordHashException(
73  'No implementation found to handle given hash. This happens if the stored hash uses a'
74  . ' mechanism not supported by current server. Follow the documentation link to fix this issue.',
75  1533818591
76  );
77  }
78 
88  public function ‪getDefaultHashInstance(string $mode): ‪PasswordHashInterface
89  {
90  if ($mode !== 'FE' && $mode !== 'BE') {
91  throw new \InvalidArgumentException('Mode must be either \'FE\' or \'BE\', ' . $mode . ' given.', 1533820041);
92  }
93 
94  if (empty(‪$GLOBALS['TYPO3_CONF_VARS'][$mode]['passwordHashing']['className'])
95  || !isset(‪$GLOBALS['TYPO3_CONF_VARS'][$mode]['passwordHashing']['options'])
96  || !is_array(‪$GLOBALS['TYPO3_CONF_VARS'][$mode]['passwordHashing']['options'])
97  ) {
98  throw new \LogicException(
99  'passwordHashing configuration of ' . $mode . ' broken',
100  1533950622
101  );
102  }
103 
104  $defaultHashClassName = ‪$GLOBALS['TYPO3_CONF_VARS'][$mode]['passwordHashing']['className'];
105  $defaultHashOptions = ‪$GLOBALS['TYPO3_CONF_VARS'][$mode]['passwordHashing']['options'];
106  $availableHashClasses = static::getRegisteredSaltedHashingMethods();
107 
108  if (!in_array($defaultHashClassName, $availableHashClasses, true)) {
109  throw new ‪InvalidPasswordHashException(
110  'Configured default hash method ' . $defaultHashClassName . ' is not registered',
111  1533820194
112  );
113  }
114  $hashInstance = GeneralUtility::makeInstance($defaultHashClassName, $defaultHashOptions);
115  if (!$hashInstance instanceof ‪PasswordHashInterface) {
116  throw new \LogicException(
117  'Configured default hash method ' . $defaultHashClassName . ' is not an instance of PasswordHashInterface',
118  1533820281
119  );
120  }
121  if (!$hashInstance->isAvailable()) {
122  throw new ‪InvalidPasswordHashException(
123  'Configured default hash method ' . $defaultHashClassName . ' is not available. If'
124  . ' the instance has just been upgraded, please log in to the standalone install tool'
125  . ' at typo3/install.php to fix this. Follow the documentation link for more details.',
126  1533822084
127  );
128  }
129  return $hashInstance;
130  }
131 
138  public static function ‪getRegisteredSaltedHashingMethods(): array
139  {
140  $saltMethods = ‪$GLOBALS['TYPO3_CONF_VARS']['SYS']['availablePasswordHashAlgorithms'];
141  if (!is_array($saltMethods) || empty($saltMethods)) {
142  throw new \RuntimeException('No password hash methods configured', 1533948733);
143  }
144  return $saltMethods;
145  }
146 }
‪TYPO3\CMS\Core\Crypto\PasswordHashing\PasswordHashFactory
Definition: PasswordHashFactory.php:27
‪TYPO3\CMS\Core\Crypto\PasswordHashing
Definition: AbstractArgon2PasswordHash.php:18
‪TYPO3\CMS\Core\Crypto\PasswordHashing\InvalidPasswordHashException
Definition: InvalidPasswordHashException.php:25
‪$GLOBALS
‪$GLOBALS['TYPO3_CONF_VARS']['EXTCONF']['adminpanel']['modules']
Definition: ext_localconf.php:25
‪TYPO3\CMS\Core\Crypto\PasswordHashing\PasswordHashFactory\getDefaultHashInstance
‪PasswordHashInterface getDefaultHashInstance(string $mode)
Definition: PasswordHashFactory.php:88
‪TYPO3\CMS\Core\Crypto\PasswordHashing\PasswordHashFactory\getRegisteredSaltedHashingMethods
‪static getRegisteredSaltedHashingMethods()
Definition: PasswordHashFactory.php:138
‪TYPO3\CMS\Core\Utility\GeneralUtility
Definition: GeneralUtility.php:52
‪TYPO3\CMS\Core\Crypto\PasswordHashing\PasswordHashInterface
Definition: PasswordHashInterface.php:25