1<?php
2
3declare(strict_types=1);
4
5/*
6 * This file is part of the TYPO3 CMS project.
7 *
8 * It is free software; you can redistribute it and/or modify it under
9 * the terms of the GNU General Public License, either version 2
10 * of the License, or any later version.
11 *
12 * For the full copyright and license information, please read the
13 * LICENSE.txt file that was distributed with this source code.
14 *
15 * The TYPO3 project - inspiring people to share!
16 */
17
18namespace TYPO3\CMS\Install\Updates;
19
20use TYPO3\CMS\Core\Crypto\PasswordHashing\Argon2iPasswordHash;
21use TYPO3\CMS\Core\Crypto\PasswordHashing\PasswordHashFactory;
22use TYPO3\CMS\Core\Utility\GeneralUtility;
23
24/**
25 * Informational upgrade wizard to remind upgrading instances
26 * may have to verify argon2i is available on the live servers
27 * @internal This class is only meant to be used within EXT:install and is not part of the TYPO3 Core API.
28 */
29class Argon2iPasswordHashes implements UpgradeWizardInterface, ConfirmableInterface
30{
31    /**
32     * @var Confirmation
33     */
34    protected $confirmation;
35
36    public function __construct()
37    {
38        $this->confirmation = new Confirmation(
39            'Please make sure to read the following carefully:',
40            $this->getDescription(),
41            false,
42            'Yes, I understand!',
43            '',
44            true
45        );
46    }
47
48    /**
49     * @return string Unique identifier of this updater
50     */
51    public function getIdentifier(): string
52    {
53        return 'argon2iPasswordHashes';
54    }
55
56    /**
57     * @return string Title of this updater
58     */
59    public function getTitle(): string
60    {
61        return 'Reminder to verify live system supports argon2i';
62    }
63
64    /**
65     * @return string Longer description of this updater
66     */
67    public function getDescription(): string
68    {
69        return 'TYPO3 uses the modern hash mechanism "argon2i" on this system. Existing passwords'
70               . ' will be automatically upgraded to this mechanism upon user login. If this instance'
71               . ' is later deployed to a different system, make sure the system does support argon2i'
72               . ' too, otherwise logins will fail. If that is not possible, select a different hash'
73               . ' algorithm in Setting > Presets > Password hashing settings and make sure no user'
74               . ' has been upgraded yet. This upgrade wizard exists only to inform you, it does not'
75               . ' change the system';
76    }
77
78    /**
79     * Checks whether updates are required.
80     *
81     * @return bool Whether an update is required (TRUE) or not (FALSE)
82     */
83    public function updateNecessary(): bool
84    {
85        $passwordHashFactory = GeneralUtility::makeInstance(PasswordHashFactory::class);
86        $feHash = $passwordHashFactory->getDefaultHashInstance('BE');
87        $beHash = $passwordHashFactory->getDefaultHashInstance('FE');
88        return $feHash instanceof Argon2iPasswordHash || $beHash instanceof Argon2iPasswordHash;
89    }
90
91    /**
92     * @return string[] All new fields and tables must exist
93     */
94    public function getPrerequisites(): array
95    {
96        return [
97            DatabaseUpdatedPrerequisite::class,
98        ];
99    }
100
101    /**
102     * This upgrade wizard has informational character only, it does not perform actions.
103     *
104     * @return bool Whether everything went smoothly or not
105     */
106    public function executeUpdate(): bool
107    {
108        return true;
109    }
110
111    /**
112     * Return a confirmation message instance
113     *
114     * @return Confirmation
115     */
116    public function getConfirmation(): Confirmation
117    {
118        return $this->confirmation;
119    }
120}
121