‪TYPO3CMS  ‪main
TYPO3\CMS\Core\Crypto\PasswordHashing\AbstractArgon2PasswordHash Class Reference
Inheritance diagram for TYPO3\CMS\Core\Crypto\PasswordHashing\AbstractArgon2PasswordHash:
TYPO3\CMS\Core\Crypto\PasswordHashing\PasswordHashInterface TYPO3\CMS\Core\Crypto\PasswordHashing\Argon2PasswordHashInterface TYPO3\CMS\Core\Crypto\PasswordHashing\Argon2idPasswordHash TYPO3\CMS\Core\Crypto\PasswordHashing\Argon2iPasswordHash

Public Member Functions

 __construct (array $options=[])
 
bool checkPassword (string $plainPW, string $saltedHashPW)
 
 isAvailable ()
 
 getHashedPassword (string $password)
 
bool isHashUpdateNeeded (string $passString)
 
bool isValidSaltedPW (string $saltedPW)
 
- ‪Public Member Functions inherited from ‪TYPO3\CMS\Core\Crypto\PasswordHashing\Argon2PasswordHashInterface
 getPasswordAlgorithmName ()
 
 getPasswordHashPrefix ()
 

Protected Member Functions

int string null getPasswordAlgorithm ()
 

Protected Attributes

array $options
 

Detailed Description

This abstract class implements the 'argon2' flavour of the php password api.

Definition at line 23 of file AbstractArgon2PasswordHash.php.

Constructor & Destructor Documentation

◆ __construct()

TYPO3\CMS\Core\Crypto\PasswordHashing\AbstractArgon2PasswordHash::__construct ( array  $options = [])

Constructor sets options if given

Exceptions

Definition at line 44 of file AbstractArgon2PasswordHash.php.

References TYPO3\CMS\Core\Crypto\PasswordHashing\AbstractArgon2PasswordHash\$options.

Member Function Documentation

◆ checkPassword()

bool TYPO3\CMS\Core\Crypto\PasswordHashing\AbstractArgon2PasswordHash::checkPassword ( string  $plainPW,
string  $saltedHashPW 
)

Checks if a given plaintext password is correct by comparing it with a given salted hashed password.

Parameters
string$plainPW‪plain text password to compare with salted hash
string$saltedHashPW‪Salted hash to compare plain-text password with
Returns
‪bool TRUE, if plaintext password is correct, otherwise FALSE

Implements TYPO3\CMS\Core\Crypto\PasswordHashing\PasswordHashInterface.

Definition at line 103 of file AbstractArgon2PasswordHash.php.

◆ getHashedPassword()

TYPO3\CMS\Core\Crypto\PasswordHashing\AbstractArgon2PasswordHash::getHashedPassword ( string  $password)

◆ getPasswordAlgorithm()

int string null TYPO3\CMS\Core\Crypto\PasswordHashing\AbstractArgon2PasswordHash::getPasswordAlgorithm ( )
protected

◆ isAvailable()

TYPO3\CMS\Core\Crypto\PasswordHashing\AbstractArgon2PasswordHash::isAvailable ( )

◆ isHashUpdateNeeded()

bool TYPO3\CMS\Core\Crypto\PasswordHashing\AbstractArgon2PasswordHash::isHashUpdateNeeded ( string  $passString)

Checks whether a user's hashed password needs to be replaced with a new hash, for instance if options changed.

Parameters
string$passString‪Salted hash to check if it needs an update
Returns
‪bool TRUE if salted hash needs an update, otherwise FALSE

Implements TYPO3\CMS\Core\Crypto\PasswordHashing\PasswordHashInterface.

Definition at line 136 of file AbstractArgon2PasswordHash.php.

References TYPO3\CMS\Core\Crypto\PasswordHashing\AbstractArgon2PasswordHash\getPasswordAlgorithm().

Referenced by TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\Argon2idPasswordHashTest\isHashUpdateNeededReturnsTrueForHashGeneratedWithOldOptions(), and TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\Argon2iPasswordHashTest\isHashUpdateNeededReturnsTrueForHashGeneratedWithOldOptions().

◆ isValidSaltedPW()

bool TYPO3\CMS\Core\Crypto\PasswordHashing\AbstractArgon2PasswordHash::isValidSaltedPW ( string  $saltedPW)

Determines if a given string is a valid password hash.

Parameters
string$saltedPW‪String to check
Returns
‪bool TRUE if it's valid salted hashed password, otherwise FALSE

Implements TYPO3\CMS\Core\Crypto\PasswordHashing\PasswordHashInterface.

Definition at line 147 of file AbstractArgon2PasswordHash.php.

References TYPO3\CMS\Core\Crypto\PasswordHashing\AbstractArgon2PasswordHash\getPasswordAlgorithm(), and TYPO3\CMS\Core\Crypto\PasswordHashing\Argon2PasswordHashInterface\getPasswordHashPrefix().

Member Data Documentation

◆ $options

array TYPO3\CMS\Core\Crypto\PasswordHashing\AbstractArgon2PasswordHash::$options
protected
Initial value:
= array(
'memory_cost' => 65536,
'time_cost' => 16,
)

The PHP defaults are rather low ('memory_cost' => 65536, 'time_cost' => 4, 'threads' => 1) We raise that significantly by default. At the time of this writing, with the options below, password_verify() needs about 130ms on an I7 6820 on 2 CPU's (argon2i).

We are not raising the amount of threads used, as that might lead to problems on various systems - see #90612

Definition at line 34 of file AbstractArgon2PasswordHash.php.

Referenced by TYPO3\CMS\Core\Crypto\PasswordHashing\AbstractArgon2PasswordHash\__construct().