1<?php 2 3declare(strict_types=1); 4 5/* 6 * This file is part of the TYPO3 CMS project. 7 * 8 * It is free software; you can redistribute it and/or modify it under 9 * the terms of the GNU General Public License, either version 2 10 * of the License, or any later version. 11 * 12 * For the full copyright and license information, please read the 13 * LICENSE.txt file that was distributed with this source code. 14 * 15 * The TYPO3 project - inspiring people to share! 16 */ 17 18namespace TYPO3\CMS\Install\Updates; 19 20use TYPO3\CMS\Core\Crypto\PasswordHashing\Argon2iPasswordHash; 21use TYPO3\CMS\Core\Crypto\PasswordHashing\PasswordHashFactory; 22use TYPO3\CMS\Core\Utility\GeneralUtility; 23 24/** 25 * Informational upgrade wizard to remind upgrading instances 26 * may have to verify argon2i is available on the live servers 27 * @internal This class is only meant to be used within EXT:install and is not part of the TYPO3 Core API. 28 */ 29class Argon2iPasswordHashes implements UpgradeWizardInterface, ConfirmableInterface 30{ 31 /** 32 * @var Confirmation 33 */ 34 protected $confirmation; 35 36 public function __construct() 37 { 38 $this->confirmation = new Confirmation( 39 'Please make sure to read the following carefully:', 40 $this->getDescription(), 41 false, 42 'Yes, I understand!', 43 '', 44 true 45 ); 46 } 47 48 /** 49 * @return string Unique identifier of this updater 50 */ 51 public function getIdentifier(): string 52 { 53 return 'argon2iPasswordHashes'; 54 } 55 56 /** 57 * @return string Title of this updater 58 */ 59 public function getTitle(): string 60 { 61 return 'Reminder to verify live system supports argon2i'; 62 } 63 64 /** 65 * @return string Longer description of this updater 66 */ 67 public function getDescription(): string 68 { 69 return 'TYPO3 uses the modern hash mechanism "argon2i" on this system. Existing passwords' 70 . ' will be automatically upgraded to this mechanism upon user login. If this instance' 71 . ' is later deployed to a different system, make sure the system does support argon2i' 72 . ' too, otherwise logins will fail. If that is not possible, select a different hash' 73 . ' algorithm in Setting > Presets > Password hashing settings and make sure no user' 74 . ' has been upgraded yet. This upgrade wizard exists only to inform you, it does not' 75 . ' change the system'; 76 } 77 78 /** 79 * Checks whether updates are required. 80 * 81 * @return bool Whether an update is required (TRUE) or not (FALSE) 82 */ 83 public function updateNecessary(): bool 84 { 85 $passwordHashFactory = GeneralUtility::makeInstance(PasswordHashFactory::class); 86 $feHash = $passwordHashFactory->getDefaultHashInstance('BE'); 87 $beHash = $passwordHashFactory->getDefaultHashInstance('FE'); 88 return $feHash instanceof Argon2iPasswordHash || $beHash instanceof Argon2iPasswordHash; 89 } 90 91 /** 92 * @return string[] All new fields and tables must exist 93 */ 94 public function getPrerequisites(): array 95 { 96 return [ 97 DatabaseUpdatedPrerequisite::class, 98 ]; 99 } 100 101 /** 102 * This upgrade wizard has informational character only, it does not perform actions. 103 * 104 * @return bool Whether everything went smoothly or not 105 */ 106 public function executeUpdate(): bool 107 { 108 return true; 109 } 110 111 /** 112 * Return a confirmation message instance 113 * 114 * @return Confirmation 115 */ 116 public function getConfirmation(): Confirmation 117 { 118 return $this->confirmation; 119 } 120} 121