Home Explore Help
Sign In
NeoZones
/
pennyspages
mirror of https://github.com/NeoZones/pennyspages
Watch 2
Star 0
Fork 0
Files Issues 0 Wiki
Branch: main
Branches Tags
pennyspages
/
includes
/
password
/
Argon2Password.php

Argon2Password.php 2.9 KB
Permalink History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120 
  1. <?php
    2. 

  2. 

  3. use Wikimedia\Assert\Assert;
    4. 

  4. 

  5. /**
    6. 

  6.  * This program is free software; you can redistribute it and/or modify
    7. 

  7.  * it under the terms of the GNU General Public License as published by
    8. 

  8.  * the Free Software Foundation; either version 2 of the License, or
    9. 

  9.  * (at your option) any later version.
    10. 

  10.  *
    11. 

  11.  * This program is distributed in the hope that it will be useful,
    12. 

  12.  * but WITHOUT ANY WARRANTY; without even the implied warranty of
    13. 

  13.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
    14. 

  14.  * GNU General Public License for more details.
    15. 

  15.  *
    16. 

  16.  * You should have received a copy of the GNU General Public License along
    17. 

  17.  * with this program; if not, write to the Free Software Foundation, Inc.,
    18. 

  18.  * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
    19. 

  19.  * http://www.gnu.org/copyleft/gpl.html
    20. 

  20.  *
    21. 

  21.  * @file
    22. 

  22.  */
    23. 

  23. 

  24. /**
    25. 

  25.  * Implements Argon2, a modern key derivation algorithm designed to resist GPU cracking and
    26. 

  26.  * side-channel attacks.
    27. 

  27.  *
    28. 

  28.  * @see https://en.wikipedia.org/wiki/Argon2
    29. 

  29.  */
    30. 

  30. class Argon2Password extends Password {
    31. 

  31. 	/**
    32. 

  32. 	 * @var null[] Array with known password_hash() option names as keys
    33. 

  33. 	 */
    34. 

  34. 	private static $knownOptions = [
    35. 

  35. 		'memory_cost' => null,
    36. 

  36. 		'time_cost' => null,
    37. 

  37. 		'threads' => null,
    38. 

  38. 	];
    39. 

  39. 

  40. 	/**
    41. 

  41. 	 * @inheritDoc
    42. 

  42. 	 */
    43. 

  43. 	protected function isSupported() {
    44. 

  44. 		// It is actually possible to have a PHP build with Argon2i but not Argon2id
    45. 

  45. 		return defined( 'PASSWORD_ARGON2I' ) || defined( 'PASSWORD_ARGON2ID' );
    46. 

  46. 	}
    47. 

  47. 

  48. 	/**
    49. 

  49. 	 * @return mixed[] Array of 2nd and third parmeters to password_hash()
    50. 

  50. 	 */
    51. 

  51. 	private function prepareParams() {
    52. 

  52. 		switch ( $this->config['algo'] ) {
    53. 

  53. 			case 'argon2i':
    54. 

  54. 				$algo = PASSWORD_ARGON2I;
    55. 

  55. 				break;
    56. 

  56. 			case 'argon2id':
    57. 

  57. 				$algo = PASSWORD_ARGON2ID;
    58. 

  58. 				break;
    59. 

  59. 			case 'auto':
    60. 

  60. 				$algo = defined( 'PASSWORD_ARGON2ID' ) ? PASSWORD_ARGON2ID : PASSWORD_ARGON2I;
    61. 

  61. 				break;
    62. 

  62. 			default:
    63. 

  63. 				throw new LogicException( "Unexpected algo: {$this->config['algo']}" );
    64. 

  64. 

  65. 		}
    66. 

  66. 

  67. 		$params = array_intersect_key( $this->config, self::$knownOptions );
    68. 

  68. 

  69. 		return [ $algo, $params ];
    70. 

  70. 	}
    71. 

  71. 

  72. 	/**
    73. 

  73. 	 * @inheritDoc
    74. 

  74. 	 */
    75. 

  75. 	public function crypt( $password ) {
    76. 

  76. 		list( $algo, $params ) = $this->prepareParams();
    77. 

  77. 		$this->hash = password_hash( $password, $algo, $params );
    78. 

  78. 	}
    79. 

  79. 

  80. 	/**
    81. 

  81. 	 * @inheritDoc
    82. 

  82. 	 */
    83. 

  83. 	public function equals( $other ) {
    84. 

  84. 		wfDeprecated( __METHOD__, '1.33' );
    85. 

  85. 

  86. 		if ( is_string( $other ) ) {
    87. 

  87. 			return $this->verify( $other );
    88. 

  88. 		}
    89. 

  89. 

  90. 		// Argon2 key derivation is not deterministic, can't pass objects to equals()
    91. 

  91. 		return false;
    92. 

  92. 	}
    93. 

  93. 

  94. 	/**
    95. 

  95. 	 * @inheritDoc
    96. 

  96. 	 */
    97. 

  97. 	public function verify( $password ) {
    98. 

  98. 		Assert::parameterType( 'string', $password, '$password' );
    99. 

  99. 

  100. 		return password_verify( $password, $this->hash );
    101. 

  101. 	}
    102. 

  102. 

  103. 	/**
    104. 

  104. 	 * @inheritDoc
    105. 

  105. 	 */
    106. 

  106. 	public function toString() {
    107. 

  107. 		$res = ":argon2:{$this->hash}";
    108. 

  108. 		$this->assertIsSafeSize( $res );
    109. 

  109. 		return $res;
    110. 

  110. 	}
    111. 

  111. 

  112. 	/**
    113. 

  113. 	 * @inheritDoc
    114. 

  114. 	 */
    115. 

  115. 	public function needsUpdate() {
    116. 

  116. 		list( $algo, $params ) = $this->prepareParams();
    117. 

  117. 		return password_needs_rehash( $this->hash, $algo, $params );
    118. 

  118. 	}
    119. 

  119. }
    120. 

  120.