1--TEST-- 2Test interoperability of password_hash('argon2id') 3--EXTENSIONS-- 4sodium 5--SKIPIF-- 6<?php 7if (!function_exists('sodium_crypto_pwhash_str_verify')) { 8 echo "skip - No crypto_pwhash_str_verify"; 9} 10if (!in_array('argon2id', password_algos(), true /* strict */)) { 11 echo "skip - No argon2id support in password_hash()"; 12} 13?> 14--FILE-- 15<?php 16 17echo 'Argon2 provider: '; 18var_dump(PASSWORD_ARGON2_PROVIDER); 19 20foreach([1, 2] as $mem) { 21 foreach([1, 2] as $time) { 22 $opts = [ 23 'memory_cost' => PASSWORD_ARGON2_DEFAULT_MEMORY_COST * $mem, 24 'time_cost' => PASSWORD_ARGON2_DEFAULT_TIME_COST * $time, 25 'threads' => PASSWORD_ARGON2_DEFAULT_THREADS, 26 ]; 27 $password = random_bytes(32); 28 echo "Using password: "; 29 var_dump(base64_encode($password)); 30 $hash = password_hash($password, 'argon2id', $opts); 31 echo "Hash: "; var_dump($hash); 32 var_dump(sodium_crypto_pwhash_str_verify($hash, $password)); 33 34 // And verify that incorrect passwords fail. 35 $password[0] = chr(ord($password[0]) ^ 1); 36 var_dump(sodium_crypto_pwhash_str_verify($hash, $password)); 37 } 38} 39?> 40--EXPECTF-- 41Argon2 provider: string(%d) "%s" 42Using password: string(44) "%s" 43Hash: string(97) "$argon2id$v=19$m=65536,t=4,p=1$%s$%s" 44bool(true) 45bool(false) 46Using password: string(44) "%s" 47Hash: string(97) "$argon2id$v=19$m=65536,t=8,p=1$%s$%s" 48bool(true) 49bool(false) 50Using password: string(44) "%s" 51Hash: string(98) "$argon2id$v=19$m=131072,t=4,p=1$%s$%s" 52bool(true) 53bool(false) 54Using password: string(44) "%s" 55Hash: string(98) "$argon2id$v=19$m=131072,t=8,p=1$%s$%s" 56bool(true) 57bool(false) 58
