Handle argon failures robustly (#33856)

GrahamCampbell · web-flow · commit a586ad4cf9bf · 2020-08-13T09:08:29.000-05:00
diff --git a/src/Illuminate/Hashing/ArgonHasher.php b/src/Illuminate/Hashing/ArgonHasher.php
@@ -60,13 +60,13 @@ public function __construct(array $options = [])
      */
     public function make($value, array $options = [])
     {
-        $hash = password_hash($value, $this->algorithm(), [
+        $hash = @password_hash($value, $this->algorithm(), [
             'memory_cost' => $this->memory($options),
             'time_cost' => $this->time($options),
             'threads' => $this->threads($options),
         ]);
 
-        if ($hash === false) {
+        if (! is_string($hash)) {
             throw new RuntimeException('Argon2 hashing not supported.');
         }
 
diff --git a/tests/Hashing/HasherTest.php b/tests/Hashing/HasherTest.php
@@ -51,6 +51,9 @@ public function testBasicArgon2idHashing()
         $this->assertSame('argon2id', password_get_info($value)['algoName']);
     }
 
+    /**
+     * @depends testBasicBcryptHashing
+     */
     public function testBasicBcryptVerification()
     {
         $this->expectException(RuntimeException::class);
@@ -64,6 +67,9 @@ public function testBasicBcryptVerification()
         (new BcryptHasher(['verify' => true]))->check('password', $argonHashed);
     }
 
+    /**
+     * @depends testBasicArgon2iHashing
+     */
     public function testBasicArgon2iVerification()
     {
         $this->expectException(RuntimeException::class);
@@ -73,6 +79,9 @@ public function testBasicArgon2iVerification()
         (new ArgonHasher(['verify' => true]))->check('password', $bcryptHashed);
     }
 
+    /**
+     * @depends testBasicArgon2idHashing
+     */
     public function testBasicArgon2idVerification()
     {
         $this->expectException(RuntimeException::class);

Original file line number	Diff line number	Diff line change
`@@ -60,13 +60,13 @@ public function __construct(array $options = [])`
`60`	`60`	`*/`
`61`	`61`	`public function make($value, array $options = [])`
`62`	`62`	`{`
`63`		`- $hash = password_hash($value, $this->algorithm(), [`
	`63`	`+ $hash = @password_hash($value, $this->algorithm(), [`
`64`	`64`	`'memory_cost' => $this->memory($options),`
`65`	`65`	`'time_cost' => $this->time($options),`
`66`	`66`	`'threads' => $this->threads($options),`
`67`	`67`	`]);`
`68`	`68`
`69`		`- if ($hash === false) {`
	`69`	`+ if (! is_string($hash)) {`
`70`	`70`	`throw new RuntimeException('Argon2 hashing not supported.');`
`71`	`71`	`}`
`72`	`72`
Original file line number	Diff line number	Diff line change
`@@ -51,6 +51,9 @@ public function testBasicArgon2idHashing()`
`51`	`51`	`$this->assertSame('argon2id', password_get_info($value)['algoName']);`
`52`	`52`	`}`
`53`	`53`
	`54`	`+ /**`
	`55`	`+ * @depends testBasicBcryptHashing`
	`56`	`+ */`
`54`	`57`	`public function testBasicBcryptVerification()`
`55`	`58`	`{`
`56`	`59`	`$this->expectException(RuntimeException::class);`
`@@ -64,6 +67,9 @@ public function testBasicBcryptVerification()`
`64`	`67`	`(new BcryptHasher(['verify' => true]))->check('password', $argonHashed);`
`65`	`68`	`}`
`66`	`69`
	`70`	`+ /**`
	`71`	`+ * @depends testBasicArgon2iHashing`
	`72`	`+ */`
`67`	`73`	`public function testBasicArgon2iVerification()`
`68`	`74`	`{`
`69`	`75`	`$this->expectException(RuntimeException::class);`
`@@ -73,6 +79,9 @@ public function testBasicArgon2iVerification()`
`73`	`79`	`(new ArgonHasher(['verify' => true]))->check('password', $bcryptHashed);`
`74`	`80`	`}`
`75`	`81`
	`82`	`+ /**`
	`83`	`+ * @depends testBasicArgon2idHashing`
	`84`	`+ */`
`76`	`85`	`public function testBasicArgon2idVerification()`
`77`	`86`	`{`
`78`	`87`	`$this->expectException(RuntimeException::class);`