diff options
Diffstat (limited to 'phpBB/phpbb/passwords')
| -rw-r--r-- | phpBB/phpbb/passwords/driver/argon2i.php | 73 | ||||
| -rw-r--r-- | phpBB/phpbb/passwords/driver/argon2id.php | 33 | ||||
| -rw-r--r-- | phpBB/phpbb/passwords/driver/base_native.php | 75 | ||||
| -rw-r--r-- | phpBB/phpbb/passwords/manager.php | 2 |
4 files changed, 182 insertions, 1 deletions
diff --git a/phpBB/phpbb/passwords/driver/argon2i.php b/phpBB/phpbb/passwords/driver/argon2i.php new file mode 100644 index 0000000000..49d7d6393e --- /dev/null +++ b/phpBB/phpbb/passwords/driver/argon2i.php @@ -0,0 +1,73 @@ +<?php +/** +* +* This file is part of the phpBB Forum Software package. +* +* @copyright (c) phpBB Limited <https://www.phpbb.com> +* @license GNU General Public License, version 2 (GPL-2.0) +* +* For full copyright and license information, please see +* the docs/CREDITS.txt file. +* +*/ + +namespace phpbb\passwords\driver; + +class argon2i extends base_native +{ + /** @var int Maximum memory (in bytes) that may be used to compute the Argon2 hash */ + protected $memory_cost; + + /** @var int Number of threads to use for computing the Argon2 hash */ + protected $threads; + + /** @var int Maximum amount of time it may take to compute the Argon2 hash */ + protected $time_cost; + + /** + * Constructor of passwords driver object + * + * @param \phpbb\config\config $config phpBB config + * @param \phpbb\passwords\driver\helper $helper Password driver helper + * @param int $memory_cost Maximum memory (optional) + * @param int $threads Number of threads to use (optional) + * @param int $time_cost Maximum amount of time (optional) + */ + public function __construct(\phpbb\config\config $config, helper $helper, $memory_cost = 1024, $threads = 2, $time_cost = 2) + { + parent::__construct($config, $helper); + + // Don't allow cost factors to be below default settings + $this->memory_cost = max($memory_cost, 1024); + $this->threads = max($threads, 2); + $this->time_cost = max($time_cost, 2); + } + + /** + * {@inheritdoc} + */ + public function get_algo_name() + { + return 'PASSWORD_ARGON2I'; + } + + /** + * {@inheritdoc} + */ + public function get_options() + { + return [ + 'memory_cost' => $this->memory_cost, + 'time_cost' => $this->time_cost, + 'threads' => $this->threads + ]; + } + + /** + * {@inheritdoc} + */ + public function get_prefix() + { + return '$argon2i$'; + } +} diff --git a/phpBB/phpbb/passwords/driver/argon2id.php b/phpBB/phpbb/passwords/driver/argon2id.php new file mode 100644 index 0000000000..9e4b08bbb9 --- /dev/null +++ b/phpBB/phpbb/passwords/driver/argon2id.php @@ -0,0 +1,33 @@ +<?php +/** +* +* This file is part of the phpBB Forum Software package. +* +* @copyright (c) phpBB Limited <https://www.phpbb.com> +* @license GNU General Public License, version 2 (GPL-2.0) +* +* For full copyright and license information, please see +* the docs/CREDITS.txt file. +* +*/ + +namespace phpbb\passwords\driver; + +class argon2id extends argon2i +{ + /** + * {@inheritdoc} + */ + public function get_algo_name() + { + return 'PASSWORD_ARGON2ID'; + } + + /** + * {@inheritdoc} + */ + public function get_prefix() + { + return '$argon2id$'; + } +} diff --git a/phpBB/phpbb/passwords/driver/base_native.php b/phpBB/phpbb/passwords/driver/base_native.php new file mode 100644 index 0000000000..87498327f9 --- /dev/null +++ b/phpBB/phpbb/passwords/driver/base_native.php @@ -0,0 +1,75 @@ +<?php +/** +* +* This file is part of the phpBB Forum Software package. +* +* @copyright (c) phpBB Limited <https://www.phpbb.com> +* @license GNU General Public License, version 2 (GPL-2.0) +* +* For full copyright and license information, please see +* the docs/CREDITS.txt file. +* +*/ + +namespace phpbb\passwords\driver; + +abstract class base_native extends base +{ + /** + * Return the constant name for this driver's algorithm + * + * @link https://www.php.net/manual/en/password.constants.php + * + * @return string + */ + abstract public function get_algo_name(); + + /** + * Return the options set for this driver instance + * + * @return array + */ + abstract public function get_options(); + + /** + * {@inheritdoc} + */ + public function check($password, $hash, $user_row = []) + { + return password_verify($password, $hash); + } + + /** + * Return the value for this driver's algorithm + * + * @return integer + */ + public function get_algo_value() + { + return constant($this->get_algo_name()); + } + + /** + * {@inheritdoc} + */ + public function hash($password) + { + return password_hash($password, $this->get_algo_value(), $this->get_options()); + } + + /** + * {@inheritdoc} + */ + public function is_supported() + { + return defined($this->get_algo_name()) && function_exists('password_hash') && function_exists('password_needs_rehash') && function_exists('password_verify'); + } + + /** + * {@inheritdoc} + */ + public function needs_rehash($hash) + { + return password_needs_rehash($hash, $this->get_algo_value(), $this->get_options()); + } +} diff --git a/phpBB/phpbb/passwords/manager.php b/phpBB/phpbb/passwords/manager.php index fad76a9fe5..54e6dce4be 100644 --- a/phpBB/phpbb/passwords/manager.php +++ b/phpBB/phpbb/passwords/manager.php @@ -250,7 +250,7 @@ class manager /** * Check supplied password against hash and set convert_flag if password - * needs to be converted to different format (preferrably newer one) + * needs to be converted to different format (preferably newer one) * * @param string $password Password that should be checked * @param string $hash Stored hash |