[Summary view] [Print] [Text view]

   1  <?php
   2  /**
   3   * Part of the Joomla Framework Authentication Package
   4   *
   5   * @copyright  Copyright (C) 2005 - 2021 Open Source Matters, Inc. All rights reserved.
   6   * @license    GNU General Public License version 2 or later; see LICENSE
   7   */
   8  
   9  namespace Joomla\Authentication\Password;
  10  
  11  use Joomla\Authentication\Exception\UnsupportedPasswordHandlerException;
  12  
  13  /**
  14   * Password handler for Argon2id hashed passwords
  15   *
  16   * @since  1.3.0
  17   */
  18  class Argon2idHandler implements HandlerInterface
  19  {
  20      /**
  21       * Generate a hash for a plaintext password
  22       *
  23       * @param   string  $plaintext  The plaintext password to validate
  24       * @param   array   $options    Options for the hashing operation
  25       *
  26       * @return  string
  27       *
  28       * @since   1.3.0
  29       * @throws  UnsupportedPasswordHandlerException if the password handler is not supported
  30       */
  31  	public function hashPassword($plaintext, array $options = [])
  32      {
  33          // Use the password extension if able
  34          if (version_compare(\PHP_VERSION, '7.3', '>=') && \defined('PASSWORD_ARGON2ID'))
  35          {
  36              return password_hash($plaintext, \PASSWORD_ARGON2ID, $options);
  37          }
  38  
  39          throw new UnsupportedPasswordHandlerException('Argon2id algorithm is not supported.');
  40      }
  41  
  42      /**
  43       * Check that the password handler is supported in this environment
  44       *
  45       * @return  boolean
  46       *
  47       * @since   1.3.0
  48       */
  49  	public static function isSupported()
  50      {
  51          // Check for native PHP engine support in the password extension
  52          if (version_compare(\PHP_VERSION, '7.3', '>=') && \defined('PASSWORD_ARGON2ID'))
  53          {
  54              return true;
  55          }
  56  
  57          return false;
  58      }
  59  
  60      /**
  61       * Validate a password
  62       *
  63       * @param   string  $plaintext  The plain text password to validate
  64       * @param   string  $hashed     The password hash to validate against
  65       *
  66       * @return  boolean
  67       *
  68       * @since   1.3.0
  69       * @throws  UnsupportedPasswordHandlerException if the password handler is not supported
  70       */
  71  	public function validatePassword($plaintext, $hashed)
  72      {
  73          // Use the password extension if able
  74          if (version_compare(\PHP_VERSION, '7.3', '>=') && \defined('PASSWORD_ARGON2ID'))
  75          {
  76              return password_verify($plaintext, $hashed);
  77          }
  78  
  79          throw new UnsupportedPasswordHandlerException('Argon2id algorithm is not supported.');
  80      }
  81  }