MediaWiki  master
Argon2Password.php
Go to the documentation of this file.
1 <?php
2 
4 
30 class Argon2Password extends Password {
34  private const KNOWN_OPTIONS = [
35  'memory_cost' => null,
36  'time_cost' => null,
37  'threads' => null,
38  ];
39 
43  protected function isSupported() {
44  // It is actually possible to have a PHP build with Argon2i but not Argon2id
45  return defined( 'PASSWORD_ARGON2I' ) || defined( 'PASSWORD_ARGON2ID' );
46  }
47 
51  private function prepareParams() {
52  switch ( $this->config['algo'] ) {
53  case 'argon2i':
54  $algo = PASSWORD_ARGON2I;
55  break;
56  case 'argon2id':
57  $algo = PASSWORD_ARGON2ID;
58  break;
59  case 'auto':
60  $algo = defined( 'PASSWORD_ARGON2ID' ) ? PASSWORD_ARGON2ID : PASSWORD_ARGON2I;
61  break;
62  default:
63  throw new LogicException( "Unexpected algo: {$this->config['algo']}" );
64 
65  }
66 
67  $params = array_intersect_key( $this->config, self::KNOWN_OPTIONS );
68 
69  return [ $algo, $params ];
70  }
71 
75  public function crypt( $password ) {
76  list( $algo, $params ) = $this->prepareParams();
77  $this->hash = password_hash( $password, $algo, $params );
78  }
79 
83  public function verify( $password ) {
84  Assert::parameterType( 'string', $password, '$password' );
85 
86  return password_verify( $password, $this->hash );
87  }
88 
92  public function toString() {
93  $res = ":argon2:{$this->hash}";
94  $this->assertIsSafeSize( $res );
95  return $res;
96  }
97 
101  public function needsUpdate() {
102  list( $algo, $params ) = $this->prepareParams();
103  return password_needs_rehash( $this->hash, $algo, $params );
104  }
105 }
crypt( $password)
Implements Argon2, a modern key derivation algorithm designed to resist GPU cracking and side-channel...
assertIsSafeSize( $hash)
Assert that hash will fit in a tinyblob field.
Definition: Password.php:195
verify( $password)