MediaWiki  master
Argon2Password.php
Go to the documentation of this file.
1 <?php
21 declare( strict_types = 1 );
22 
29 class Argon2Password extends Password {
33  private const KNOWN_OPTIONS = [
34  'memory_cost' => null,
35  'time_cost' => null,
36  'threads' => null,
37  ];
38 
42  protected function isSupported() : bool {
43  // It is actually possible to have a PHP build with Argon2i but not Argon2id
44  return defined( 'PASSWORD_ARGON2I' ) || defined( 'PASSWORD_ARGON2ID' );
45  }
46 
50  private function prepareParams() : array {
51  switch ( $this->config['algo'] ) {
52  case 'argon2i':
53  $algo = PASSWORD_ARGON2I;
54  break;
55  case 'argon2id':
56  $algo = PASSWORD_ARGON2ID;
57  break;
58  case 'auto':
59  $algo = defined( 'PASSWORD_ARGON2ID' ) ? PASSWORD_ARGON2ID : PASSWORD_ARGON2I;
60  break;
61  default:
62  throw new LogicException( "Unexpected algo: {$this->config['algo']}" );
63 
64  }
65 
66  $params = array_intersect_key( $this->config, self::KNOWN_OPTIONS );
67 
68  return [ $algo, $params ];
69  }
70 
74  public function crypt( string $password ) : void {
75  list( $algo, $params ) = $this->prepareParams();
76  $this->hash = password_hash( $password, $algo, $params );
77  }
78 
82  public function verify( string $password ) : bool {
83  return password_verify( $password, $this->hash );
84  }
85 
89  public function toString() : string {
90  $res = ":argon2:{$this->hash}";
91  $this->assertIsSafeSize( $res );
92  return $res;
93  }
94 
98  public function needsUpdate() : bool {
99  list( $algo, $params ) = $this->prepareParams();
100  return password_needs_rehash( $this->hash, $algo, $params );
101  }
102 }
Argon2Password
Implements Argon2, a modern key derivation algorithm designed to resist GPU cracking and side-channel...
Definition: Argon2Password.php:29
Password\assertIsSafeSize
assertIsSafeSize(string $hash)
Assert that hash will fit in a tinyblob field.
Definition: Password.php:193
Argon2Password\crypt
crypt(string $password)
Hash a password and store the result in this object.The result of the password hash should be put int...
Definition: Argon2Password.php:74
$res
$res
Definition: testCompression.php:57
Argon2Password\isSupported
isSupported()
Whether current password type is supported on this system.bool
Definition: Argon2Password.php:42
Argon2Password\toString
toString()
Convert this hash to a string that can be stored in the database.The resulting string should be consi...
Definition: Argon2Password.php:89
Argon2Password\prepareParams
prepareParams()
Definition: Argon2Password.php:50
Argon2Password\needsUpdate
needsUpdate()
Determine if the hash needs to be updated.bool True if needs update, false otherwise
Definition: Argon2Password.php:98
Argon2Password\verify
verify(string $password)
Checks whether the given password matches the hash stored in this object.Password to check bool
Definition: Argon2Password.php:82
Password
Represents a password hash for use in authentication.
Definition: Password.php:61