From a4a5b069ec60bda85b3f5ef9a0c317f2b173ad27 Mon Sep 17 00:00:00 2001 From: JoshyPHP Date: Mon, 15 Apr 2019 17:46:29 +0200 Subject: [ticket/16016] Add a base class for native password hashing PHPBB3-16016 --- phpBB/phpbb/passwords/driver/argon2i.php | 38 ++------------ phpBB/phpbb/passwords/driver/base_native.php | 75 ++++++++++++++++++++++++++++ 2 files changed, 80 insertions(+), 33 deletions(-) create mode 100644 phpBB/phpbb/passwords/driver/base_native.php (limited to 'phpBB/phpbb/passwords/driver') diff --git a/phpBB/phpbb/passwords/driver/argon2i.php b/phpBB/phpbb/passwords/driver/argon2i.php index 0ae4cea03a..49d7d6393e 100644 --- a/phpBB/phpbb/passwords/driver/argon2i.php +++ b/phpBB/phpbb/passwords/driver/argon2i.php @@ -13,10 +13,8 @@ namespace phpbb\passwords\driver; -class argon2i extends base +class argon2i extends base_native { - const PREFIX = '$argon2i$'; - /** @var int Maximum memory (in bytes) that may be used to compute the Argon2 hash */ protected $memory_cost; @@ -48,15 +46,13 @@ class argon2i extends base /** * {@inheritdoc} */ - public function check($password, $hash, $user_row = []) + public function get_algo_name() { - return password_verify($password, $hash); + return 'PASSWORD_ARGON2I'; } /** - * Return the options set for this driver instance - * - * @return array + * {@inheritdoc} */ public function get_options() { @@ -72,30 +68,6 @@ class argon2i extends base */ public function get_prefix() { - return self::PREFIX; - } - - /** - * {@inheritdoc} - */ - public function hash($password) - { - return password_hash($password, PASSWORD_ARGON2I, $this->get_options()); - } - - /** - * {@inheritdoc} - */ - public function is_supported() - { - return defined('PASSWORD_ARGON2I') && function_exists('password_hash') && function_exists('password_needs_rehash') && function_exists('password_verify'); - } - - /** - * {@inheritdoc} - */ - public function needs_rehash($hash) - { - return password_needs_rehash($hash, PASSWORD_ARGON2I, $this->get_options()); + return '$argon2i$'; } } diff --git a/phpBB/phpbb/passwords/driver/base_native.php b/phpBB/phpbb/passwords/driver/base_native.php new file mode 100644 index 0000000000..87498327f9 --- /dev/null +++ b/phpBB/phpbb/passwords/driver/base_native.php @@ -0,0 +1,75 @@ + +* @license GNU General Public License, version 2 (GPL-2.0) +* +* For full copyright and license information, please see +* the docs/CREDITS.txt file. +* +*/ + +namespace phpbb\passwords\driver; + +abstract class base_native extends base +{ + /** + * Return the constant name for this driver's algorithm + * + * @link https://www.php.net/manual/en/password.constants.php + * + * @return string + */ + abstract public function get_algo_name(); + + /** + * Return the options set for this driver instance + * + * @return array + */ + abstract public function get_options(); + + /** + * {@inheritdoc} + */ + public function check($password, $hash, $user_row = []) + { + return password_verify($password, $hash); + } + + /** + * Return the value for this driver's algorithm + * + * @return integer + */ + public function get_algo_value() + { + return constant($this->get_algo_name()); + } + + /** + * {@inheritdoc} + */ + public function hash($password) + { + return password_hash($password, $this->get_algo_value(), $this->get_options()); + } + + /** + * {@inheritdoc} + */ + public function is_supported() + { + return defined($this->get_algo_name()) && function_exists('password_hash') && function_exists('password_needs_rehash') && function_exists('password_verify'); + } + + /** + * {@inheritdoc} + */ + public function needs_rehash($hash) + { + return password_needs_rehash($hash, $this->get_algo_value(), $this->get_options()); + } +} -- cgit v1.2.1