public function renderConfigurationFooter()
{
$hashers = PhabricatorPasswordHasher::getAllHashers();
$hashers = msort($hashers, 'getStrength');
$hashers = array_reverse($hashers);
$yes = phutil_tag('strong', array('style' => 'color: #009900'), pht('Yes'));
$no = phutil_tag('strong', array('style' => 'color: #990000'), pht('Not Installed'));
$best_hasher_name = null;
try {
$best_hasher = PhabricatorPasswordHasher::getBestHasher();
$best_hasher_name = $best_hasher->getHashName();
} catch (PhabricatorPasswordHasherUnavailableException $ex) {
// There are no suitable hashers. The user might be able to enable some,
// so we don't want to fatal here. We'll fatal when users try to actually
// use this stuff if it isn't fixed before then. Until then, we just
// don't highlight a row. In practice, at least one hasher should always
// be available.
}
$rows = array();
$rowc = array();
foreach ($hashers as $hasher) {
$is_installed = $hasher->canHashPasswords();
$rows[] = array($hasher->getHumanReadableName(), $hasher->getHashName(), $hasher->getHumanReadableStrength(), $is_installed ? $yes : $no, $is_installed ? null : $hasher->getInstallInstructions());
$rowc[] = $best_hasher_name == $hasher->getHashName() ? 'highlighted' : null;
}
$table = new AphrontTableView($rows);
$table->setRowClasses($rowc);
$table->setHeaders(array(pht('Algorithm'), pht('Name'), pht('Strength'), pht('Installed'), pht('Install Instructions')));
$table->setColumnClasses(array('', '', '', '', 'wide'));
$header = id(new PHUIHeaderView())->setHeader(pht('Password Hash Algorithms'))->setSubheader(pht('Stronger algorithms are listed first. The highlighted algorithm ' . 'will be used when storing new hashes. Older hashes will be ' . 'upgraded to the best algorithm over time.'));
return id(new PHUIObjectBoxView())->setHeader($header)->appendChild($table);
}
<?php
$table = new PhabricatorRepositoryVCSPassword();
$conn_w = $table->establishConnection('w');
echo "Upgrading password hashing for VCS passwords.\n";
$best_hasher = PhabricatorPasswordHasher::getBestHasher();
foreach (new LiskMigrationIterator($table) as $password) {
$id = $password->getID();
echo "Migrating VCS password {$id}...\n";
$input_hash = $password->getPasswordHash();
$input_envelope = new PhutilOpaqueEnvelope($input_hash);
$storage_hash = $best_hasher->getPasswordHashForStorage($input_envelope);
queryfx($conn_w, 'UPDATE %T SET passwordHash = %s WHERE id = %d', $table->getTableName(), $storage_hash->openEnvelope(), $id);
}
echo "Done.\n";
private function hashPassword(PhutilOpaqueEnvelope $password)
{
$hasher = PhabricatorPasswordHasher::getBestHasher();
$input_envelope = $this->getPasswordHashInput($password);
return $hasher->getPasswordHashForStorage($input_envelope);
}
/**
* Get the human-readable algorithm name for the best available hash.
*
* @return string Human-readable name for best hash.
*/
public static function getBestAlgorithmName()
{
try {
$best_hasher = PhabricatorPasswordHasher::getBestHasher();
return $best_hasher->getHumanReadableName();
} catch (Exception $ex) {
return pht('Unknown');
}
}
