Code Coverage for /workspace/src/includes/password/LayeredParameterizedPassword.php

	Code Coverage
	Lines			Functions and Methods				Classes and Traits
Total	88.24% covered (warning)	88.24%	45 / 51	50.00% covered (danger)	50.00%	2 / 4	CRAP	0.00% covered (danger)	0.00%	0 / 1
LayeredParameterizedPassword	88.24% covered (warning)	88.24%	45 / 51	50.00% covered (danger)	50.00%	2 / 4	17.47	0.00% covered (danger)	0.00%	0 / 1
getDelimiter	100.00% covered (success)	100.00%	1 / 1	100.00% covered (success)	100.00%	1 / 1	1
getDefaultParams	63.64% covered (warning)	63.64%	7 / 11	0.00% covered (danger)	0.00%	0 / 1	4.77
crypt	100.00% covered (success)	100.00%	16 / 16	100.00% covered (success)	100.00%	1 / 1	5
partialCrypt	91.30% covered (success)	91.30%	21 / 23	0.00% covered (danger)	0.00%	0 / 1	7.03

1	<?php
2	/**
3	* Implements the LayeredParameterizedPassword class for the MediaWiki software.
4	*
5	* This program is free software; you can redistribute it and/or modify
6	* it under the terms of the GNU General Public License as published by
7	* the Free Software Foundation; either version 2 of the License, or
8	* (at your option) any later version.
9	*
10	* This program is distributed in the hope that it will be useful,
11	* but WITHOUT ANY WARRANTY; without even the implied warranty of
12	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13	* GNU General Public License for more details.
14	*
15	* You should have received a copy of the GNU General Public License along
16	* with this program; if not, write to the Free Software Foundation, Inc.,
17	* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
18	* http://www.gnu.org/copyleft/gpl.html
19	*
20	* @file
21	*/
22
23	declare( strict_types = 1 );
24
25	/**
26	* This password hash type layers one or more parameterized password types
27	* on top of each other.
28	*
29	* The underlying types must be parameterized. This wrapping type accumulates
30	* all the parameters and arguments from each hash and then passes the hash of
31	* the last layer as the password for the next layer.
32	*
33	* @since 1.24
34	*/
35	class LayeredParameterizedPassword extends ParameterizedPassword {
36	protected function getDelimiter(): string {
37	return '!';
38	}
39
40	protected function getDefaultParams(): array {
41	$params = [];
42
43	foreach ( $this->config['types'] as $type ) {
44	$passObj = $this->factory->newFromType( $type );
45
46	if ( !$passObj instanceof ParameterizedPassword ) {
47	throw new UnexpectedValueException( 'Underlying type must be a parameterized password.' );
48	} elseif ( $passObj->getDelimiter() === $this->getDelimiter() ) {
49	throw new UnexpectedValueException(
50	'Underlying type cannot use same delimiter as encapsulating type.'
51	);
52	}
53
54	$params[] = implode( $passObj->getDelimiter(), $passObj->getDefaultParams() );
55	}
56
57	return $params;
58	}
59
60	public function crypt( string $password ): void {
61	$lastHash = $password;
62	foreach ( $this->config['types'] as $i => $type ) {
63	// Construct pseudo-hash based on params and arguments
64	/** @var ParameterizedPassword $passObj */
65	$passObj = $this->factory->newFromType( $type );
66	'@phan-var ParameterizedPassword $passObj';
67
68	$params = '';
69	$args = '';
70	if ( $this->params[$i] !== '' ) {
71	$params = $this->params[$i] . $passObj->getDelimiter();
72	}
73	if ( isset( $this->args[$i] ) && $this->args[$i] !== '' ) {
74	$args = $this->args[$i] . $passObj->getDelimiter();
75	}
76	$existingHash = ":$type:" . $params . $args . $this->hash;
77
78	// Hash the last hash with the next type in the layer
79	$passObj = $this->factory->newFromCiphertext( $existingHash );
80	'@phan-var ParameterizedPassword $passObj';
81	$passObj->crypt( $lastHash );
82
83	// Move over the params and args
84	$this->params[$i] = implode( $passObj->getDelimiter(), $passObj->params );
85	$this->args[$i] = implode( $passObj->getDelimiter(), $passObj->args );
86	$lastHash = $passObj->hash;
87	}
88
89	$this->hash = $lastHash;
90	}
91
92	/**
93	* Finish the hashing of a partially hashed layered hash
94	*
95	* Given a password hash that is hashed using the first layer of this object's
96	* configuration, perform the remaining layers of password hashing in order to
97	* get an updated hash with all the layers.
98	*
99	* @param ParameterizedPassword $passObj Password hash of the first layer
100	*/
101	public function partialCrypt( ParameterizedPassword $passObj ) {
102	$type = $passObj->config['type'];
103	if ( $type !== $this->config['types'][0] ) {
104	throw new InvalidArgumentException( 'Only a hash in the first layer can be finished.' );
105	}
106
107	// Gather info from the existing hash
108	$this->params[0] = implode( $passObj->getDelimiter(), $passObj->params );
109	$this->args[0] = implode( $passObj->getDelimiter(), $passObj->args );
110	$lastHash = $passObj->hash;
111
112	// Layer the remaining types
113	foreach ( $this->config['types'] as $i => $type ) {
114	if ( $i == 0 ) {
115	continue;
116	}
117
118	// Construct pseudo-hash based on params and arguments
119	/** @var ParameterizedPassword $passObj */
120	$passObj = $this->factory->newFromType( $type );
121	'@phan-var ParameterizedPassword $passObj';
122
123	$params = '';
124	$args = '';
125	if ( $this->params[$i] !== '' ) {
126	$params = $this->params[$i] . $passObj->getDelimiter();
127	}
128	if ( isset( $this->args[$i] ) && $this->args[$i] !== '' ) {
129	$args = $this->args[$i] . $passObj->getDelimiter();
130	}
131	$existingHash = ":$type:" . $params . $args . $this->hash;
132
133	// Hash the last hash with the next type in the layer
134	$passObj = $this->factory->newFromCiphertext( $existingHash );
135	'@phan-var ParameterizedPassword $passObj';
136	$passObj->crypt( $lastHash );
137
138	// Move over the params and args
139	$this->params[$i] = implode( $passObj->getDelimiter(), $passObj->params );
140	$this->args[$i] = implode( $passObj->getDelimiter(), $passObj->args );
141	$lastHash = $passObj->hash;
142	}
143
144	$this->hash = $lastHash;
145	}
146	}