1--TEST-- 2Test interoperability of password_hash('argon2id') 3--EXTENSIONS-- 4sodium 5--SKIPIF-- 6<?php 7if (!function_exists('sodium_crypto_pwhash_str_verify')) { 8 echo "skip - No crypto_pwhash_str_verify"; 9} 10if (!in_array('argon2id', password_algos(), true /* strict */)) { 11 echo "skip - No argon2id support in password_hash()"; 12} 13--FILE-- 14<?php 15 16echo 'Argon2 provider: '; 17var_dump(PASSWORD_ARGON2_PROVIDER); 18 19foreach([1, 2] as $mem) { 20 foreach([1, 2] as $time) { 21 $opts = [ 22 'memory_cost' => PASSWORD_ARGON2_DEFAULT_MEMORY_COST * $mem, 23 'time_cost' => PASSWORD_ARGON2_DEFAULT_TIME_COST * $time, 24 'threads' => PASSWORD_ARGON2_DEFAULT_THREADS, 25 ]; 26 $password = random_bytes(32); 27 echo "Using password: "; 28 var_dump(base64_encode($password)); 29 $hash = password_hash($password, 'argon2id', $opts); 30 echo "Hash: "; var_dump($hash); 31 var_dump(sodium_crypto_pwhash_str_verify($hash, $password)); 32 33 // And verify that incorrect passwords fail. 34 $password[0] = chr(ord($password[0]) ^ 1); 35 var_dump(sodium_crypto_pwhash_str_verify($hash, $password)); 36 } 37} 38?> 39--EXPECTF-- 40Argon2 provider: string(%d) "%s" 41Using password: string(44) "%s" 42Hash: string(97) "$argon2id$v=19$m=65536,t=4,p=1$%s$%s" 43bool(true) 44bool(false) 45Using password: string(44) "%s" 46Hash: string(97) "$argon2id$v=19$m=65536,t=8,p=1$%s$%s" 47bool(true) 48bool(false) 49Using password: string(44) "%s" 50Hash: string(98) "$argon2id$v=19$m=131072,t=4,p=1$%s$%s" 51bool(true) 52bool(false) 53Using password: string(44) "%s" 54Hash: string(98) "$argon2id$v=19$m=131072,t=8,p=1$%s$%s" 55bool(true) 56bool(false) 57
