diff options
Diffstat (limited to 'vendor/thecodingmachine/safe/generated/password.php')
-rw-r--r-- | vendor/thecodingmachine/safe/generated/password.php | 126 |
1 files changed, 126 insertions, 0 deletions
diff --git a/vendor/thecodingmachine/safe/generated/password.php b/vendor/thecodingmachine/safe/generated/password.php new file mode 100644 index 000000000..3808e02b9 --- /dev/null +++ b/vendor/thecodingmachine/safe/generated/password.php @@ -0,0 +1,126 @@ +<?php + +namespace Safe; + +use Safe\Exceptions\PasswordException; + +/** + * password_hash creates a new password hash using a strong one-way hashing + * algorithm. password_hash is compatible with crypt. + * Therefore, password hashes created by crypt can be used with + * password_hash. + * + * + * + * + * PASSWORD_DEFAULT - Use the bcrypt algorithm (default as of PHP 5.5.0). + * Note that this constant is designed to change over time as new and stronger algorithms are added + * to PHP. For that reason, the length of the result from using this identifier can change over + * time. Therefore, it is recommended to store the result in a database column that can expand + * beyond 60 characters (255 characters would be a good choice). + * + * + * + * + * PASSWORD_BCRYPT - Use the CRYPT_BLOWFISH algorithm to + * create the hash. This will produce a standard crypt compatible hash using + * the "$2y$" identifier. The result will always be a 60 character string. + * + * + * + * + * PASSWORD_ARGON2I - Use the Argon2i hashing algorithm to create the hash. + * This algorithm is only available if PHP has been compiled with Argon2 support. + * + * + * + * + * PASSWORD_ARGON2ID - Use the Argon2id hashing algorithm to create the hash. + * This algorithm is only available if PHP has been compiled with Argon2 support. + * + * + * + * + * + * + * + * salt (string) - to manually provide a salt to use when hashing the password. + * Note that this will override and prevent a salt from being automatically generated. + * + * + * If omitted, a random salt will be generated by password_hash for + * each password hashed. This is the intended mode of operation. + * + * + * + * The salt option has been deprecated as of PHP 7.0.0. It is now + * preferred to simply use the salt that is generated by default. + * + * + * + * + * + * cost (integer) - which denotes the algorithmic cost that should be used. + * Examples of these values can be found on the crypt page. + * + * + * If omitted, a default value of 10 will be used. This is a good + * baseline cost, but you may want to consider increasing it depending on your hardware. + * + * + * + * + * + * + * + * memory_cost (integer) - Maximum memory (in kibibytes) that may + * be used to compute the Argon2 hash. Defaults to PASSWORD_ARGON2_DEFAULT_MEMORY_COST. + * + * + * + * + * time_cost (integer) - Maximum amount of time it may + * take to compute the Argon2 hash. Defaults to PASSWORD_ARGON2_DEFAULT_TIME_COST. + * + * + * + * + * threads (integer) - Number of threads to use for computing + * the Argon2 hash. Defaults to PASSWORD_ARGON2_DEFAULT_THREADS. + * + * + * + * + * @param string $password The user's password. + * + * Using the PASSWORD_BCRYPT as the + * algorithm, will result + * in the password parameter being truncated to a + * maximum length of 72 characters. + * @param int|string|null $algo A password algorithm constant denoting the algorithm to use when hashing the password. + * @param array $options An associative array containing options. See the password algorithm constants for documentation on the supported options for each algorithm. + * + * If omitted, a random salt will be created and the default cost will be + * used. + * @return string Returns the hashed password. + * + * The used algorithm, cost and salt are returned as part of the hash. Therefore, + * all information that's needed to verify the hash is included in it. This allows + * the password_verify function to verify the hash without + * needing separate storage for the salt or algorithm information. + * @throws PasswordException + * + */ +function password_hash(string $password, $algo, array $options = null): string +{ + error_clear_last(); + if ($options !== null) { + $result = \password_hash($password, $algo, $options); + } else { + $result = \password_hash($password, $algo); + } + if ($result === false) { + throw PasswordException::createFromPhpError(); + } + return $result; +} |