MediaWiki REL1_34
Argon2Password Class Reference

Implements Argon2, a modern key derivation algorithm designed to resist GPU cracking and side-channel attacks. More...

Inheritance diagram for Argon2Password:
Collaboration diagram for Argon2Password:

Public Member Functions

 crypt ( $password)
 Hash a password and store the result in this object.The result of the password hash should be put into the internal state of the hash object.
Parameters
string$passwordPassword to hash
Exceptions
PasswordErrorIf an internal error occurs in hashing

 
 equals ( $other)
 Compare one Password object to this object.By default, do a timing-safe string comparison on the result of Password::toString() for each object. This can be overridden to do custom comparison, but it is not recommended unless necessary.
Deprecated
since 1.33, use verify()
Parameters
Password | string$otherThe other password
Returns
bool True if equal, false otherwise

 
 needsUpdate ()
 Determine if the hash needs to be updated.
Returns
bool True if needs update, false otherwise

 
 toString ()
 Convert this hash to a string that can be stored in the database.The resulting string should be considered the seralized representation of this hash, i.e., if the return value were recycled back into PasswordFactory::newFromCiphertext, the returned object would be equivalent to this; also, if two objects return the same value from this function, they are considered equivalent.
Returns
string
Exceptions
PasswordErrorif password cannot be serialized to fit a tinyblob.

 
 verify ( $password)
 Checks whether the given password matches the hash stored in this object.
Parameters
string$passwordPassword to check
Returns
bool

 
- Public Member Functions inherited from Password
 __construct (PasswordFactory $factory, array $config, $hash=null)
 Construct the Password object using a string hash.
 
 getType ()
 Get the type name of the password.
 

Protected Member Functions

 isSupported ()
 Whether current password type is supported on this system.
Returns
bool

 
- Protected Member Functions inherited from Password
 assertIsSafeSize ( $hash)
 Assert that hash will fit in a tinyblob field.
 
 parseHash ( $hash)
 Perform any parsing necessary on the hash to see if the hash is valid and/or to perform logic for seeing if the hash needs updating.
 

Private Member Functions

 prepareParams ()
 

Static Private Attributes

static null[] $knownOptions
 Array with known password_hash() option names as keys.
 

Additional Inherited Members

- Public Attributes inherited from Password
const MAX_HASH_SIZE = 255
 Hash must fit in user_password, which is a tinyblob.
 
- Protected Attributes inherited from Password
array $config
 Array of configuration variables injected from the constructor.
 
PasswordFactory $factory
 Factory that created the object.
 
string $hash
 String representation of the hash without the type.
 

Detailed Description

Implements Argon2, a modern key derivation algorithm designed to resist GPU cracking and side-channel attacks.

See also
https://en.wikipedia.org/wiki/Argon2

Definition at line 30 of file Argon2Password.php.

Member Function Documentation

◆ crypt()

Argon2Password::crypt ( $password)

Hash a password and store the result in this object.The result of the password hash should be put into the internal state of the hash object.

Parameters
string$passwordPassword to hash
Exceptions
PasswordErrorIf an internal error occurs in hashing

Reimplemented from Password.

Definition at line 75 of file Argon2Password.php.

References prepareParams().

◆ equals()

Argon2Password::equals ( $other)

Compare one Password object to this object.By default, do a timing-safe string comparison on the result of Password::toString() for each object. This can be overridden to do custom comparison, but it is not recommended unless necessary.

Deprecated
since 1.33, use verify()
Parameters
Password | string$otherThe other password
Returns
bool True if equal, false otherwise

Reimplemented from Password.

Definition at line 83 of file Argon2Password.php.

References verify(), and wfDeprecated().

◆ isSupported()

Argon2Password::isSupported ( )
protected

Whether current password type is supported on this system.

Returns
bool

Reimplemented from Password.

Definition at line 43 of file Argon2Password.php.

◆ needsUpdate()

Argon2Password::needsUpdate ( )

Determine if the hash needs to be updated.

Returns
bool True if needs update, false otherwise

Reimplemented from Password.

Definition at line 115 of file Argon2Password.php.

References prepareParams().

◆ prepareParams()

Argon2Password::prepareParams ( )
private
Returns
mixed[] Array of 2nd and third parmeters to password_hash()

Definition at line 51 of file Argon2Password.php.

Referenced by crypt(), and needsUpdate().

◆ toString()

Argon2Password::toString ( )

Convert this hash to a string that can be stored in the database.The resulting string should be considered the seralized representation of this hash, i.e., if the return value were recycled back into PasswordFactory::newFromCiphertext, the returned object would be equivalent to this; also, if two objects return the same value from this function, they are considered equivalent.

Returns
string
Exceptions
PasswordErrorif password cannot be serialized to fit a tinyblob.

Reimplemented from Password.

Definition at line 106 of file Argon2Password.php.

References $res, and Password\assertIsSafeSize().

◆ verify()

Argon2Password::verify ( $password)

Checks whether the given password matches the hash stored in this object.

Parameters
string$passwordPassword to check
Returns
bool

Reimplemented from Password.

Definition at line 97 of file Argon2Password.php.

Referenced by equals().

Member Data Documentation

◆ $knownOptions

null [] Argon2Password::$knownOptions
staticprivate
Initial value:
= [
'memory_cost' => null,
'time_cost' => null,
'threads' => null,
]

Array with known password_hash() option names as keys.

Definition at line 34 of file Argon2Password.php.


The documentation for this class was generated from the following file: