[!!!][TASK] Remove deprecated code from core Crypto/PasswordHashing 97/59197/6
authorChristian Kuhn <lolli@schwarzbu.ch>
Tue, 18 Dec 2018 18:05:53 +0000 (19:05 +0100)
committerAnja Leichsenring <aleichsenring@ab-softlab.de>
Wed, 19 Dec 2018 07:45:21 +0000 (08:45 +0100)
Removed classes:
TYPO3\CMS\Core\Crypto\PasswordHashing\AbstractComposedSalt

Removed interfaces:
TYPO3\CMS\Core\Crypto\PasswordHashing\ComposedPasswordHashInterface
TYPO3\CMS\Core\Crypto\PasswordHashing\ExtensionManagerConfigurationUtility
TYPO3\CMS\Core\Crypto\PasswordHashing\SaltedPasswordService
TYPO3\CMS\Core\Crypto\PasswordHashing\SaltedPasswordsUtility

Removed class aliases:
TYPO3\CMS\Saltedpasswords\Salt\AbstractSalt
TYPO3\CMS\Saltedpasswords\Salt\AbstractComposedSalt
TYPO3\CMS\Saltedpasswords\Salt\Argon2iSalt
TYPO3\CMS\Saltedpasswords\Salt\BcryptSalt
TYPO3\CMS\Saltedpasswords\Salt\BlowfishSalt
TYPO3\CMS\Saltedpasswords\Salt\ComposedSaltInterface
TYPO3\CMS\Saltedpasswords\Salt\Md5Salt
TYPO3\CMS\Saltedpasswords\Salt\SaltFactory
TYPO3\CMS\Saltedpasswords\Salt\SaltInterface
TYPO3\CMS\Saltedpasswords\Salt\Pbkdf2Salt
TYPO3\CMS\Saltedpasswords\Salt\PhpassSalt
TYPO3\CMS\Saltedpasswords\SaltedPasswordsService
TYPO3\CMS\Saltedpasswords\Utility\ExensionManagerConfigurationUtility
TYPO3\CMS\Saltedpasswords\Utility\SaltedPasswordsUtility

Removed methods:
TYPO3\CMS\Core\Crypto\PasswordHashing\Argon2iPasswordHash->getOptions()
TYPO3\CMS\Core\Crypto\PasswordHashing\Argon2iPasswordHash->setOptions()
TYPO3\CMS\Core\Crypto\PasswordHashing\BcryptPasswordHash->getOptions()
TYPO3\CMS\Core\Crypto\PasswordHashing\BcryptPasswordHash->setOptions()
TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishSalt->getHashCount()
TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishSalt->getMaxHashCount()
TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishSalt->getMinHashCount()
TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishSalt->getSaltLength()
TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishSalt->getSetting()
TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishSalt->setHashCount()
TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishSalt->setMaxHashCount()
TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishSalt->setMinHashCount()
TYPO3\CMS\Core\Crypto\PasswordHashing\Md5PasswordHash->getSetting()
TYPO3\CMS\Core\Crypto\PasswordHashing\Md5PasswordHash->getSaltLength()
TYPO3\CMS\Core\Crypto\PasswordHashing\Pbkdf2PasswordHash->getHashCount()
TYPO3\CMS\Core\Crypto\PasswordHashing\Pbkdf2PasswordHash->getMaxHashCount()
TYPO3\CMS\Core\Crypto\PasswordHashing\Pbkdf2PasswordHash->getMinHashCount()
TYPO3\CMS\Core\Crypto\PasswordHashing\Pbkdf2PasswordHash->getSaltLength()
TYPO3\CMS\Core\Crypto\PasswordHashing\Pbkdf2PasswordHash->getSetting()
TYPO3\CMS\Core\Crypto\PasswordHashing\Pbkdf2PasswordHash->setHashCount()
TYPO3\CMS\Core\Crypto\PasswordHashing\Pbkdf2PasswordHash->setMaxHashCount()
TYPO3\CMS\Core\Crypto\PasswordHashing\Pbkdf2PasswordHash->setMinHashCount()
TYPO3\CMS\Core\Crypto\PasswordHashing\PhpassPasswordHash->getHashCount()
TYPO3\CMS\Core\Crypto\PasswordHashing\PhpassPasswordHash->getMaxHashCount()
TYPO3\CMS\Core\Crypto\PasswordHashing\PhpassPasswordHash->getMinHashCount()
TYPO3\CMS\Core\Crypto\PasswordHashing\PhpassPasswordHash->getSaltLength()
TYPO3\CMS\Core\Crypto\PasswordHashing\PhpassPasswordHash->getSetting()
TYPO3\CMS\Core\Crypto\PasswordHashing\PhpassPasswordHash->setHashCount()
TYPO3\CMS\Core\Crypto\PasswordHashing\PhpassPasswordHash->setMaxHashCount()
TYPO3\CMS\Core\Crypto\PasswordHashing\PhpassPasswordHash->setMinHashCount()

Protected methods:
TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishPasswordHash->isValidSalt()
TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishPasswordHash->base64Encode()
TYPO3\CMS\Core\Crypto\PasswordHashing\Md5PasswordHash->isValidSalt()
TYPO3\CMS\Core\Crypto\PasswordHashing\Md5PasswordHash->base64Encode()
TYPO3\CMS\Core\Crypto\PasswordHashing\Pbkdf2PasswordHash->isValidSalt()
TYPO3\CMS\Core\Crypto\PasswordHashing\Pbkdf2PasswordHash->base64Encode()
TYPO3\CMS\Core\Crypto\PasswordHashing\Pbkdf2PasswordHash->base64Decode()
TYPO3\CMS\Core\Crypto\PasswordHashing\PhpassPasswordHash->isValidSalt()
TYPO3\CMS\Core\Crypto\PasswordHashing\PhpassPasswordHash->base64Encode()

Removed static methods:
TYPO3\CMS\Core\Crypto\PasswordHashing\PasswordHashFactory::determineSaltingHashingMethod()
TYPO3\CMS\Core\Crypto\PasswordHashing\PasswordHashFactory::getSaltingInstance()
TYPO3\CMS\Core\Crypto\PasswordHashing\PasswordHashFactory::setPreferredHashingMethod()

Second method argument dropped:
TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishPasswordHash->getHashedPassword()
TYPO3\CMS\Core\Crypto\PasswordHashing\Md5PasswordHash->getHashedPassword()
TYPO3\CMS\Core\Crypto\PasswordHashing\Pbkdf2PasswordHash->getHashedPassword()
TYPO3\CMS\Core\Crypto\PasswordHashing\PhpassPasswordHash->getHashedPassword()

Ignored options:
$GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['ext/saltedpasswords']['saltMethods']

Dropped constants:
TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishPasswordHash::ITOA64
TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishPasswordHash::HASH_COUNT
TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishPasswordHash::MAX_HASH_COUNT
TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishPasswordHash::MIN_HASH_COUNT
TYPO3\CMS\Core\Crypto\PasswordHashing\Md5PasswordHash::ITOA64
TYPO3\CMS\Core\Crypto\PasswordHashing\Pbkdf2PasswordHash::ITOA64
TYPO3\CMS\Core\Crypto\PasswordHashing\Pbkdf2PasswordHash::HASH_COUNT
TYPO3\CMS\Core\Crypto\PasswordHashing\Pbkdf2PasswordHash::MAX_HASH_COUNT
TYPO3\CMS\Core\Crypto\PasswordHashing\Pbkdf2PasswordHash::MIN_HASH_COUNT
TYPO3\CMS\Core\Crypto\PasswordHashing\PhpassPasswordHash::ITOA64
TYPO3\CMS\Core\Crypto\PasswordHashing\PhpassPasswordHash::HASH_COUNT
TYPO3\CMS\Core\Crypto\PasswordHashing\PhpassPasswordHash::MAX_HASH_COUNT
TYPO3\CMS\Core\Crypto\PasswordHashing\PhpassPasswordHash::MIN_HASH_COUNT

Removed language file aliases:
EXT:saltedpasswords/Resources/Private/Language/locallang.xlf
EXT:saltedpasswords/Resources/Private/Language/locallang_em.xlf

Change-Id: Ia6a18209f104ca1abc6981508fb8b640ef2eb1a3
Resolves: #87203
Releases: master
Reviewed-on: https://review.typo3.org/59197
Reviewed-by: Benni Mack <benni@typo3.org>
Tested-by: Benni Mack <benni@typo3.org>
Tested-by: TYPO3com <no-reply@typo3.com>
Reviewed-by: Anja Leichsenring <aleichsenring@ab-softlab.de>
Tested-by: Anja Leichsenring <aleichsenring@ab-softlab.de>
35 files changed:
typo3/sysext/core/Classes/Crypto/PasswordHashing/AbstractComposedSalt.php [deleted file]
typo3/sysext/core/Classes/Crypto/PasswordHashing/Argon2iPasswordHash.php
typo3/sysext/core/Classes/Crypto/PasswordHashing/BcryptPasswordHash.php
typo3/sysext/core/Classes/Crypto/PasswordHashing/BlowfishPasswordHash.php
typo3/sysext/core/Classes/Crypto/PasswordHashing/ComposedPasswordHashInterface.php [deleted file]
typo3/sysext/core/Classes/Crypto/PasswordHashing/ExtensionManagerConfigurationUtility.php [deleted file]
typo3/sysext/core/Classes/Crypto/PasswordHashing/Md5PasswordHash.php
typo3/sysext/core/Classes/Crypto/PasswordHashing/PasswordHashFactory.php
typo3/sysext/core/Classes/Crypto/PasswordHashing/Pbkdf2PasswordHash.php
typo3/sysext/core/Classes/Crypto/PasswordHashing/PhpassPasswordHash.php
typo3/sysext/core/Classes/Crypto/PasswordHashing/SaltedPasswordService.php [deleted file]
typo3/sysext/core/Classes/Crypto/PasswordHashing/SaltedPasswordsUtility.php [deleted file]
typo3/sysext/core/Classes/Localization/LocalizationFactory.php
typo3/sysext/core/Documentation/Changelog/master/Breaking-87193-DeprecatedFunctionalityRemoved.rst
typo3/sysext/core/Migrations/Code/ClassAliasMap.php
typo3/sysext/core/Migrations/Code/LegacyClassesForIde.php
typo3/sysext/core/Resources/Private/Language/locallang_deprecated_saltedpasswords.xlf [deleted file]
typo3/sysext/core/Resources/Private/Language/locallang_deprecated_saltedpasswords_em.xlf [deleted file]
typo3/sysext/core/Tests/Functional/Crypto/PasswordHashing/Fixtures/be_users.xml [deleted file]
typo3/sysext/core/Tests/Functional/Crypto/PasswordHashing/Fixtures/fe_users.xml [deleted file]
typo3/sysext/core/Tests/Functional/Crypto/PasswordHashing/SaltedPasswordServiceTest.php [deleted file]
typo3/sysext/core/Tests/Functional/Crypto/PasswordHashing/SaltedPasswordsUtilityTest.php [deleted file]
typo3/sysext/core/Tests/UnitDeprecated/Crypto/PasswordHashing/Argon2iPasswordHashTest.php [deleted file]
typo3/sysext/core/Tests/UnitDeprecated/Crypto/PasswordHashing/BcryptPasswordHashTest.php [deleted file]
typo3/sysext/core/Tests/UnitDeprecated/Crypto/PasswordHashing/BlowfishPasswordHashTest.php [deleted file]
typo3/sysext/core/Tests/UnitDeprecated/Crypto/PasswordHashing/Md5PasswordHashTest.php [deleted file]
typo3/sysext/core/Tests/UnitDeprecated/Crypto/PasswordHashing/PasswordHashFactoryTest.php [deleted file]
typo3/sysext/core/Tests/UnitDeprecated/Crypto/PasswordHashing/Pbkdf2PasswordHashTest.php [deleted file]
typo3/sysext/core/Tests/UnitDeprecated/Crypto/PasswordHashing/PhpassPasswordHashTest.php [deleted file]
typo3/sysext/install/Configuration/ExtensionScanner/Php/ArrayDimensionMatcher.php
typo3/sysext/install/Configuration/ExtensionScanner/Php/ClassConstantMatcher.php
typo3/sysext/install/Configuration/ExtensionScanner/Php/ClassNameMatcher.php
typo3/sysext/install/Configuration/ExtensionScanner/Php/MethodArgumentDroppedMatcher.php
typo3/sysext/install/Configuration/ExtensionScanner/Php/MethodCallMatcher.php
typo3/sysext/install/Configuration/ExtensionScanner/Php/MethodCallStaticMatcher.php

diff --git a/typo3/sysext/core/Classes/Crypto/PasswordHashing/AbstractComposedSalt.php b/typo3/sysext/core/Classes/Crypto/PasswordHashing/AbstractComposedSalt.php
deleted file mode 100644 (file)
index d82d798..0000000
+++ /dev/null
@@ -1,83 +0,0 @@
-<?php
-declare(strict_types = 1);
-namespace TYPO3\CMS\Core\Crypto\PasswordHashing;
-
-/*
- * This file is part of the TYPO3 CMS project.
- *
- * It is free software; you can redistribute it and/or modify it under
- * the terms of the GNU General Public License, either version 2
- * of the License, or any later version.
- *
- * For the full copyright and license information, please read the
- * LICENSE.txt file that was distributed with this source code.
- *
- * The TYPO3 project - inspiring people to share!
- */
-
-/**
- * Abstract class with methods needed to be extended
- * in a salted hashing class that composes an own salted password hash.
- *
- * @deprecated and will be removed in TYPO3 v10.0.
- */
-abstract class AbstractComposedSalt
-{
-    /**
-     * Returns a string for mapping an int to the corresponding base 64 character.
-     *
-     * @return string String for mapping an int to the corresponding base 64 character
-     */
-    abstract protected function getItoa64(): string;
-
-    /**
-     * Encodes bytes into printable base 64 using the *nix standard from crypt().
-     *
-     * @param string $input The string containing bytes to encode.
-     * @param int $count The number of characters (bytes) to encode.
-     * @return string Encoded string
-     * @deprecated and will be removed in TYPO3 v10.0.
-     */
-    public function base64Encode(string $input, int $count): string
-    {
-        trigger_error('This method will be removed in TYPO3 v10.0.', E_USER_DEPRECATED);
-        $output = '';
-        $i = 0;
-        $itoa64 = $this->getItoa64();
-        do {
-            $value = ord($input[$i++]);
-            $output .= $itoa64[$value & 63];
-            if ($i < $count) {
-                $value |= ord($input[$i]) << 8;
-            }
-            $output .= $itoa64[$value >> 6 & 63];
-            if ($i++ >= $count) {
-                break;
-            }
-            if ($i < $count) {
-                $value |= ord($input[$i]) << 16;
-            }
-            $output .= $itoa64[$value >> 12 & 63];
-            if ($i++ >= $count) {
-                break;
-            }
-            $output .= $itoa64[$value >> 18 & 63];
-        } while ($i < $count);
-        return $output;
-    }
-
-    /**
-     * Method determines required length of base64 characters for a given
-     * length of a byte string.
-     *
-     * @param int $byteLength Length of bytes to calculate in base64 chars
-     * @return int Required length of base64 characters
-     * @deprecated and will be removed in TYPO3 v10.0.
-     */
-    protected function getLengthBase64FromBytes(int $byteLength): int
-    {
-        trigger_error('This method will be removed in TYPO3 v10.0.', E_USER_DEPRECATED);
-        // Calculates bytes in bits in base64
-        return (int)ceil($byteLength * 8 / 6);
-    }
-}
index ffc6d9d..1ad6b87 100644 (file)
@@ -37,8 +37,6 @@ class Argon2iPasswordHash implements PasswordHashInterface
      * We raise that significantly by default. At the time of this writing, with the options
      * below, password_verify() needs about 130ms on an I7 6820 on 2 CPU's.
      *
-     * Note the default values are set again in 'setOptions' below if needed.
-     *
      * @var array
      */
     protected $options = [
@@ -114,14 +112,10 @@ class Argon2iPasswordHash implements PasswordHashInterface
      * Creates a salted hash for a given plaintext password
      *
      * @param string $password Plaintext password to create a salted hash from
-     * @param string $salt Deprecated optional custom salt to use
      * @return string|null Salted hashed password
      */
-    public function getHashedPassword(string $password, string $salt = null)
+    public function getHashedPassword(string $password)
     {
-        if ($salt !== null) {
-            trigger_error(static::class . ': using a custom salt is deprecated in PHP password api and ignored.', E_USER_DEPRECATED);
-        }
         $hashedPassword = null;
         if ($password !== '') {
             $hashedPassword = password_hash($password, PASSWORD_ARGON2I, $this->options);
@@ -162,65 +156,4 @@ class Argon2iPasswordHash implements PasswordHashInterface
         }
         return $result;
     }
-
-    /**
-     * @return array
-     * @deprecated and will be removed in TYPO3 v10.0.
-     */
-    public function getOptions(): array
-    {
-        trigger_error('This method will be removed in TYPO3 v10.0.', E_USER_DEPRECATED);
-        return $this->options;
-    }
-
-    /**
-     * Set new memory_cost, time_cost, and thread values.
-     *
-     * @param array $options
-     * @deprecated and will be removed in TYPO3 v10.0.
-     */
-    public function setOptions(array $options): void
-    {
-        trigger_error('This method will be removed in TYPO3 v10.0.', E_USER_DEPRECATED);
-        $newOptions = [];
-
-        // Check options for validity, else use hard coded defaults
-        if (isset($options['memory_cost'])) {
-            if ((int)$options['memory_cost'] < PASSWORD_ARGON2_DEFAULT_MEMORY_COST) {
-                throw new \InvalidArgumentException(
-                    'memory_cost must not be lower than ' . PASSWORD_ARGON2_DEFAULT_MEMORY_COST,
-                    1526042080
-                );
-            }
-            $newOptions['memory_cost'] = (int)$options['memory_cost'];
-        } else {
-            $newOptions['memory_cost'] = 16384;
-        }
-
-        if (isset($options['time_cost'])) {
-            if ((int)$options['time_cost'] < PASSWORD_ARGON2_DEFAULT_TIME_COST) {
-                throw new \InvalidArgumentException(
-                    'time_cost must not be lower than ' . PASSWORD_ARGON2_DEFAULT_TIME_COST,
-                    1526042081
-                );
-            }
-            $newOptions['time_cost'] = (int)$options['time_cost'];
-        } else {
-            $newOptions['time_cost'] = 16;
-        }
-
-        if (isset($options['threads'])) {
-            if ((int)$options['threads'] < PASSWORD_ARGON2_DEFAULT_THREADS) {
-                throw new \InvalidArgumentException(
-                    'threads must not be lower than ' . PASSWORD_ARGON2_DEFAULT_THREADS,
-                    1526042082
-                );
-            }
-            $newOptions['threads'] = (int)$options['threads'];
-        } else {
-            $newOptions['threads'] = 2;
-        }
-
-        $this->options = $newOptions;
-    }
 }
index fcba227..a0a3690 100644 (file)
@@ -37,8 +37,6 @@ class BcryptPasswordHash implements PasswordHashInterface
      * Raise default PHP cost (10). At the time of this writing, this leads to
      * 150-200ms computing time on a casual I7 CPU.
      *
-     * Note the default values are set again in 'setOptions' below if needed.
-     *
      * @var array
      */
     protected $options = [
@@ -98,14 +96,10 @@ class BcryptPasswordHash implements PasswordHashInterface
      * Extend parent method to workaround bcrypt limitations.
      *
      * @param string $password Plaintext password to create a salted hash from
-     * @param string $salt Deprecated optional custom salt to use
      * @return string Salted hashed password
      */
-    public function getHashedPassword(string $password, string $salt = null)
+    public function getHashedPassword(string $password)
     {
-        if ($salt !== null) {
-            trigger_error(static::class . ': using a custom salt is deprecated in PHP password api and thus ignored.', E_USER_DEPRECATED);
-        }
         $hashedPassword = null;
         if ($password !== '') {
             $password = $this->processPlainPassword($password);
@@ -174,41 +168,4 @@ class BcryptPasswordHash implements PasswordHashInterface
     {
         return $cost >= PASSWORD_BCRYPT_DEFAULT_COST && $cost <= 31;
     }
-
-    /**
-     * @return array
-     * @deprecated and will be removed in TYPO3 v10.0.
-     */
-    public function getOptions(): array
-    {
-        trigger_error('This method will be removed in TYPO3 v10.0.', E_USER_DEPRECATED);
-        return $this->options;
-    }
-
-    /**
-     * Set new memory_cost, time_cost, and thread values.
-     *
-     * @param array $options
-     * @deprecated and will be removed in TYPO3 v10.0.
-     */
-    public function setOptions(array $options): void
-    {
-        trigger_error('This method will be removed in TYPO3 v10.0.', E_USER_DEPRECATED);
-        $newOptions = [];
-
-        // Check options for validity, else use hard coded defaults
-        if (isset($options['cost'])) {
-            if (!$this->isValidBcryptCost((int)$options['cost'])) {
-                throw new \InvalidArgumentException(
-                    'cost must not be lower than ' . PASSWORD_BCRYPT_DEFAULT_COST . ' or higher than 31',
-                    1526042084
-                );
-            }
-            $newOptions['cost'] = (int)$options['cost'];
-        } else {
-            $newOptions['cost'] = 12;
-        }
-
-        $this->options = $newOptions;
-    }
 }
index 09702b7..5cd3c08 100644 (file)
@@ -15,7 +15,6 @@ namespace TYPO3\CMS\Core\Crypto\PasswordHashing;
  * The TYPO3 project - inspiring people to share!
  */
 
-use TYPO3\CMS\Core\Compatibility\PublicMethodDeprecationTrait;
 use TYPO3\CMS\Core\Crypto\Random;
 use TYPO3\CMS\Core\Utility\GeneralUtility;
 
@@ -28,16 +27,6 @@ use TYPO3\CMS\Core\Utility\GeneralUtility;
  */
 class BlowfishPasswordHash implements PasswordHashInterface
 {
-    use PublicMethodDeprecationTrait;
-
-    /**
-     * @var array
-     */
-    private $deprecatedPublicMethods = [
-        'isValidSalt' => 'Using BlowfishPasswordHash::isValidSalt() is deprecated and will not be possible anymore in TYPO3 v10.0.',
-        'base64Encode' => 'Using BlowfishPasswordHash::base64Encode() is deprecated and will not be possible anymore in TYPO3 v10.0.',
-    ];
-
     /**
      * Prefix for the password hash.
      */
@@ -51,37 +40,6 @@ class BlowfishPasswordHash implements PasswordHashInterface
     ];
 
     /**
-     * Keeps a string for mapping an int to the corresponding
-     * base 64 character.
-     *
-     * @deprecated and will be removed in TYPO3 v10.0.
-     */
-    const ITOA64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
-
-    /**
-     * The default log2 number of iterations for password stretching.
-     *
-     * @deprecated and will be removed in TYPO3 v10.0.
-     */
-    const HASH_COUNT = 7;
-
-    /**
-     * The default maximum allowed log2 number of iterations for
-     * password stretching.
-     *
-     * @deprecated and will be removed in TYPO3 v10.0.
-     */
-    const MAX_HASH_COUNT = 17;
-
-    /**
-     * The default minimum allowed log2 number of iterations for
-     * password stretching.
-     *
-     * @deprecated and will be removed in TYPO3 v10.0.
-     */
-    const MIN_HASH_COUNT = 4;
-
-    /**
      * Constructor sets options if given
      *
      * @param array $options
@@ -133,14 +91,10 @@ class BlowfishPasswordHash implements PasswordHashInterface
      * Method creates a salted hash for a given plaintext password
      *
      * @param string $password plaintext password to create a salted hash from
-     * @param string $salt Deprecated optional custom salt with setting to use
      * @return string Salted hashed password
      */
-    public function getHashedPassword(string $password, string $salt = null)
+    public function getHashedPassword(string $password)
     {
-        if ($salt !== null) {
-            trigger_error(static::class . ': using a custom salt is deprecated.', E_USER_DEPRECATED);
-        }
         $saltedPW = null;
         if (!empty($password)) {
             if (empty($salt) || !$this->isValidSalt($salt)) {
@@ -322,102 +276,4 @@ class BlowfishPasswordHash implements PasswordHashInterface
         // Calculates bytes in bits in base64
         return (int)ceil($byteLength * 8 / 6);
     }
-
-    /**
-     * Method returns log2 number of iterations for password stretching.
-     *
-     * @return int log2 number of iterations for password stretching
-     * @deprecated and will be removed in TYPO3 v10.0.
-     */
-    public function getHashCount(): int
-    {
-        trigger_error('This method will be removed in TYPO3 v10.0.', E_USER_DEPRECATED);
-        return $this->options['hash_count'];
-    }
-
-    /**
-     * Method returns maximum allowed log2 number of iterations for password stretching.
-     *
-     * @return int Maximum allowed log2 number of iterations for password stretching
-     * @deprecated and will be removed in TYPO3 v10.0.
-     */
-    public function getMaxHashCount(): int
-    {
-        trigger_error('This method will be removed in TYPO3 v10.0.', E_USER_DEPRECATED);
-        return 17;
-    }
-
-    /**
-     * Method returns minimum allowed log2 number of iterations for password stretching.
-     *
-     * @return int Minimum allowed log2 number of iterations for password stretching
-     * @deprecated and will be removed in TYPO3 v10.0.
-     */
-    public function getMinHashCount(): int
-    {
-        trigger_error('This method will be removed in TYPO3 v10.0.', E_USER_DEPRECATED);
-        return 4;
-    }
-
-    /**
-     * Returns length of a Blowfish salt in bytes.
-     *
-     * @return int Length of a Blowfish salt in bytes
-     * @deprecated and will be removed in TYPO3 v10.0.
-     */
-    public function getSaltLength(): int
-    {
-        trigger_error('This method will be removed in TYPO3 v10.0.', E_USER_DEPRECATED);
-        return 16;
-    }
-
-    /**
-     * Returns setting string of Blowfish salted hashes.
-     *
-     * @return string Setting string of Blowfish salted hashes
-     * @deprecated and will be removed in TYPO3 v10.0.
-     */
-    public function getSetting(): string
-    {
-        trigger_error('This method will be removed in TYPO3 v10.0.', E_USER_DEPRECATED);
-        return self::PREFIX;
-    }
-
-    /**
-     * Method sets log2 number of iterations for password stretching.
-     *
-     * @param int $hashCount log2 number of iterations for password stretching to set
-     * @deprecated and will be removed in TYPO3 v10.0.
-     */
-    public function setHashCount(int $hashCount = null)
-    {
-        trigger_error('This method will be removed in TYPO3 v10.0.', E_USER_DEPRECATED);
-        if ($hashCount >= 4 && $hashCount <= 17) {
-            $this->options['hash_count'] = $hashCount;
-        }
-    }
-
-    /**
-     * Method sets maximum allowed log2 number of iterations for password stretching.
-     *
-     * @param int $maxHashCount Maximum allowed log2 number of iterations for password stretching to set
-     * @deprecated and will be removed in TYPO3 v10.0.
-     */
-    public function setMaxHashCount(int $maxHashCount = null)
-    {
-        trigger_error('This method will be removed in TYPO3 v10.0.', E_USER_DEPRECATED);
-        // Empty, max hash count is hard coded to 17
-    }
-
-    /**
-     * Method sets minimum allowed log2 number of iterations for password stretching.
-     *
-     * @param int $minHashCount Minimum allowed log2 number of iterations for password stretching to set
-     * @deprecated and will be removed in TYPO3 v10.0.
-     */
-    public function setMinHashCount(int $minHashCount = null)
-    {
-        trigger_error('This method will be removed in TYPO3 v10.0.', E_USER_DEPRECATED);
-        // Empty, min hash count is hard coded to 4
-    }
 }
diff --git a/typo3/sysext/core/Classes/Crypto/PasswordHashing/ComposedPasswordHashInterface.php b/typo3/sysext/core/Classes/Crypto/PasswordHashing/ComposedPasswordHashInterface.php
deleted file mode 100644 (file)
index 1ed050e..0000000
+++ /dev/null
@@ -1,40 +0,0 @@
-<?php
-declare(strict_types = 1);
-namespace TYPO3\CMS\Core\Crypto\PasswordHashing;
-
-/*
- * This file is part of the TYPO3 CMS project.
- *
- * It is free software; you can redistribute it and/or modify it under
- * the terms of the GNU General Public License, either version 2
- * of the License, or any later version.
- *
- * For the full copyright and license information, please read the
- * LICENSE.txt file that was distributed with this source code.
- *
- * The TYPO3 project - inspiring people to share!
- */
-
-/**
- * Interface for implementing salts that compose the password-hash string
- * themselves.
- *
- * @deprecated and will be removed in TYPO3 v10.0.
- */
-interface ComposedPasswordHashInterface extends PasswordHashInterface
-{
-    /**
-     * Returns length of required salt.
-     *
-     * @return int Length of required salt
-     */
-    public function getSaltLength(): int;
-
-    /**
-     * Method determines if a given string is a valid salt
-     *
-     * @param string $salt String to check
-     * @return bool TRUE if it's valid salt, otherwise FALSE
-     */
-    public function isValidSalt(string $salt): bool;
-}
diff --git a/typo3/sysext/core/Classes/Crypto/PasswordHashing/ExtensionManagerConfigurationUtility.php b/typo3/sysext/core/Classes/Crypto/PasswordHashing/ExtensionManagerConfigurationUtility.php
deleted file mode 100644 (file)
index e282fec..0000000
+++ /dev/null
@@ -1,134 +0,0 @@
-<?php
-namespace TYPO3\CMS\Core\Crypto\PasswordHashing;
-
-/*
- * This file is part of the TYPO3 CMS project.
- *
- * It is free software; you can redistribute it and/or modify it under
- * the terms of the GNU General Public License, either version 2
- * of the License, or any later version.
- *
- * For the full copyright and license information, please read the
- * LICENSE.txt file that was distributed with this source code.
- *
- * The TYPO3 project - inspiring people to share!
- */
-
-use TYPO3\CMS\Core\Configuration\ExtensionConfiguration;
-use TYPO3\CMS\Core\Utility\GeneralUtility;
-
-/**
- * class providing configuration checks for saltedpasswords.
- *
- * @deprecated since TYPO3 v9, will be removed in TYPO3 v10.0
- */
-class ExtensionManagerConfigurationUtility
-{
-    /**
-     * @var array
-     */
-    protected $extConf = [];
-
-    /**
-     * Deprecate this class
-     */
-    public function __construct()
-    {
-        trigger_error(self::class . ' is obsolete and will be removed in TYPO3 v10.0.', E_USER_DEPRECATED);
-    }
-
-    /**
-     * Initializes this object.
-     */
-    private function init()
-    {
-        $requestSetup = $this->processPostData((array)$_REQUEST['data']);
-        $extConf = GeneralUtility::makeInstance(ExtensionConfiguration::class)->get('saltedpasswords');
-        $this->extConf['BE'] = array_merge((array)$extConf['BE'], (array)$requestSetup['BE']);
-        $this->extConf['FE'] = array_merge((array)$extConf['FE'], (array)$requestSetup['FE']);
-        $this->getLanguageService()->includeLLFile('EXT:saltedpasswords/Resources/Private/Language/locallang.xlf');
-    }
-
-    /**
-     * Renders a selector element that allows to select the hash method to be used.
-     *
-     * @param array $params Field information to be rendered
-     * @param string $disposal The configuration disposal ('FE' or 'BE')
-     * @return string The HTML selector
-     */
-    protected function buildHashMethodSelector(array $params, $disposal)
-    {
-        $this->init();
-        $propertyName = $params['propertyName'];
-        $unknownVariablePleaseRenameMe = '\'' . substr(md5($propertyName), 0, 10) . '\'';
-        $pField = '';
-        $registeredMethods = \TYPO3\CMS\Core\Crypto\PasswordHashing\PasswordHashFactory::getRegisteredSaltedHashingMethods();
-        foreach ($registeredMethods as $class => $reference) {
-            $classInstance = GeneralUtility::makeInstance($reference);
-            if ($classInstance instanceof \TYPO3\CMS\Core\Crypto\PasswordHashing\PasswordHashInterface && $classInstance->isAvailable()) {
-                $sel = $this->extConf[$disposal]['saltedPWHashingMethod'] == $class ? ' selected="selected" ' : '';
-                $label = 'ext.saltedpasswords.title.' . strtolower(end(explode('\\', $class)));
-                $pField .= '<option value="' . htmlspecialchars($class) . '"' . $sel . '>' . $GLOBALS['LANG']->getLL($label) . '</option>';
-            }
-        }
-        $pField = '<select class="form-control" id="' . $propertyName . '" name="' . $params['fieldName'] .
-            '" onChange="uFormUrl(' . $unknownVariablePleaseRenameMe . ')">' . $pField . '</select>';
-        return $pField;
-    }
-
-    /**
-     * Renders a selector element that allows to select the hash method to be
-     * used (frontend disposal).
-     *
-     * @param array $params Field information to be rendered
-     * @return string The HTML selector
-     */
-    public function buildHashMethodSelectorFE(array $params)
-    {
-        return $this->buildHashMethodSelector($params, 'FE');
-    }
-
-    /**
-     * Renders a selector element that allows to select the hash method to
-     * be used (backend disposal)
-     *
-     * @param array $params Field information to be rendered
-     * @return string The HTML selector
-     */
-    public function buildHashMethodSelectorBE(array $params)
-    {
-        return $this->buildHashMethodSelector($params, 'BE');
-    }
-
-    /**
-     * Processes the information submitted by the user using a POST request and
-     * transforms it to a TypoScript node notation.
-     *
-     * @param array $postArray Incoming POST information
-     * @return array Processed and transformed POST information
-     */
-    protected function processPostData(array $postArray = [])
-    {
-        foreach ($postArray as $key => $value) {
-            // @todo Explain
-            $parts = explode('.', $key, 2);
-            if (count($parts) == 2) {
-                // @todo Explain
-                $value = $this->processPostData([$parts[1] => $value]);
-                $postArray[$parts[0] . '.'] = array_merge((array)$postArray[$parts[0] . '.'], $value);
-            } else {
-                // @todo Explain
-                $postArray[$parts[0]] = $value;
-            }
-        }
-        return $postArray;
-    }
-
-    /**
-     * @return \TYPO3\CMS\Core\Localization\LanguageService
-     */
-    protected function getLanguageService()
-    {
-        return $GLOBALS['LANG'];
-    }
-}
index e99a53c..0d94b90 100644 (file)
@@ -15,7 +15,6 @@ namespace TYPO3\CMS\Core\Crypto\PasswordHashing;
  * The TYPO3 project - inspiring people to share!
  */
 
-use TYPO3\CMS\Core\Compatibility\PublicMethodDeprecationTrait;
 use TYPO3\CMS\Core\Crypto\Random;
 use TYPO3\CMS\Core\Utility\GeneralUtility;
 
@@ -28,30 +27,12 @@ use TYPO3\CMS\Core\Utility\GeneralUtility;
  */
 class Md5PasswordHash implements PasswordHashInterface
 {
-    use PublicMethodDeprecationTrait;
-
-    /**
-     * @var array
-     */
-    private $deprecatedPublicMethods = [
-        'isValidSalt' => 'Using Md5PasswordHash::isValidSalt() is deprecated and will not be possible anymore in TYPO3 v10.0.',
-        'base64Encode' => 'Using Md5PasswordHash::base64Encode() is deprecated and will not be possible anymore in TYPO3 v10.0.',
-    ];
-
     /**
      * Prefix for the password hash.
      */
     protected const PREFIX = '$1$';
 
     /**
-     * Keeps a string for mapping an int to the corresponding
-     * base 64 character.
-     *
-     * @deprecated and will be removed in TYPO3 v10.0.
-     */
-    const ITOA64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
-
-    /**
      * Method checks if a given plaintext password is correct by comparing it with
      * a given salted hashed password.
      *
@@ -82,14 +63,10 @@ class Md5PasswordHash implements PasswordHashInterface
      * Method creates a salted hash for a given plaintext password
      *
      * @param string $password plaintext password to create a salted hash from
-     * @param string $salt Deprecated optional custom salt with setting to use
      * @return string Salted hashed password
      */
-    public function getHashedPassword(string $password, string $salt = null)
+    public function getHashedPassword(string $password)
     {
-        if ($salt !== null) {
-            trigger_error(static::class . ': using a custom salt is deprecated.', E_USER_DEPRECATED);
-        }
         $saltedPW = null;
         if (!empty($password)) {
             if (empty($salt) || !$this->isValidSalt($salt)) {
@@ -250,28 +227,4 @@ class Md5PasswordHash implements PasswordHashInterface
         // Calculates bytes in bits in base64
         return (int)ceil($byteLength * 8 / 6);
     }
-
-    /**
-     * Returns setting string of MD5 salted hashes.
-     *
-     * @return string Setting string of MD5 salted hashes
-     * @deprecated and will be removed in TYPO3 v10.0.
-     */
-    public function getSetting(): string
-    {
-        trigger_error('This method will be removed in TYPO3 v10.0.', E_USER_DEPRECATED);
-        return self::PREFIX;
-    }
-
-    /**
-     * Returns length of a MD5 salt in bytes.
-     *
-     * @return int Length of a MD5 salt in bytes
-     * @deprecated and will be removed in TYPO3 v10.0.
-     */
-    public function getSaltLength(): int
-    {
-        trigger_error('This method will be removed in TYPO3 v10.0.', E_USER_DEPRECATED);
-        return 6;
-    }
 }
index bff3dbe..8186054 100644 (file)
@@ -24,15 +24,6 @@ use TYPO3\CMS\Core\Utility\GeneralUtility;
 class PasswordHashFactory
 {
     /**
-     * An instance of the salted hashing method.
-     * This member is set in the getSaltingInstance() function.
-     *
-     * @var PasswordHashInterface
-     * @deprecated since TYPO3 v9, will be removed in TYPO3 v10.0
-     */
-    protected static $instance;
-
-    /**
      * Find a hash class that handles given hash and return an instance of it.
      *
      * @param string $hash Given hash to find instance for
@@ -149,108 +140,6 @@ class PasswordHashFactory
         if (!is_array($saltMethods) || empty($saltMethods)) {
             throw new \RuntimeException('No password hash methods configured', 1533948733);
         }
-        if (isset($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['ext/saltedpasswords']['saltMethods'])) {
-            trigger_error(
-                'Registering additional hash algorithms in $GLOBALS[\'TYPO3_CONF_VARS\'][\'SC_OPTIONS\'][\'ext/saltedpasswords\'][\'saltMethods\']'
-                . ' has been deprecated. Extend $GLOBALS[\'TYPO3_CONF_VARS\'][\'SYS\'][\'availablePasswordHashAlgorithms\'] instead',
-                E_USER_DEPRECATED
-            );
-            $configuredMethods = (array)$GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['ext/saltedpasswords']['saltMethods'];
-            if (!empty($configuredMethods)) {
-                $saltMethods = array_merge($saltMethods, $configuredMethods);
-            }
-        }
         return $saltMethods;
     }
-
-    /**
-     * Obtains a salting hashing method instance.
-     *
-     * This function will return an instance of a class that implements
-     * \TYPO3\CMS\Core\Crypto\PasswordHashing\PasswordHashInterface
-     *
-     * Use parameter NULL to reset the factory!
-     *
-     * @param string|null $saltedHash Salted hashed password to determine the type of used method from or NULL to reset to the default type
-     * @param string $mode The TYPO3 mode (FE or BE) saltedpasswords shall be used for
-     * @return PasswordHashInterface|null An instance of salting hash method class or null if given hash is not supported
-     * @deprecated since TYPO3 v9, will be removed in TYPO3 v10.0
-     */
-    public static function getSaltingInstance($saltedHash = '', $mode = TYPO3_MODE)
-    {
-        trigger_error(
-            'This method is obsolete and will be removed in TYPO3 v10.0. Use get() and getDefaultHashInstance() instead.',
-            E_USER_DEPRECATED
-        );
-        // Creating new instance when
-        // * no instance existing
-        // * a salted hash given to determine salted hashing method from
-        // * a NULL parameter given to reset instance back to default method
-        if (!is_object(self::$instance) || !empty($saltedHash) || $saltedHash === null) {
-            // Determine method by checking the given hash
-            if (!empty($saltedHash)) {
-                $result = self::determineSaltingHashingMethod($saltedHash, $mode);
-                if (!$result) {
-                    self::$instance = null;
-                }
-            } else {
-                $classNameToUse = SaltedPasswordsUtility::getDefaultSaltingHashingMethod($mode);
-                self::$instance = GeneralUtility::makeInstance($classNameToUse);
-            }
-        }
-        return self::$instance;
-    }
-
-    /**
-     * Method tries to determine the salting hashing method used for given salt.
-     *
-     * Method implicitly sets the instance of the found method object in the class property when found.
-     *
-     * @param string $saltedHash
-     * @param string $mode (optional) The TYPO3 mode (FE or BE) saltedpasswords shall be used for
-     * @return bool TRUE, if salting hashing method has been found, otherwise FALSE
-     * @deprecated since TYPO3 v9, will be removed in TYPO3 v10.0
-     */
-    public static function determineSaltingHashingMethod(string $saltedHash, $mode = TYPO3_MODE): bool
-    {
-        trigger_error(
-            'This method is obsolete and will be removed in TYPO3 v10.0.',
-            E_USER_DEPRECATED
-        );
-        $registeredMethods = static::getRegisteredSaltedHashingMethods();
-        $defaultClassName = SaltedPasswordsUtility::getDefaultSaltingHashingMethod($mode);
-        unset($registeredMethods[$defaultClassName]);
-        // place the default method first in the order
-        $registeredMethods = [$defaultClassName => $defaultClassName] + $registeredMethods;
-        $methodFound = false;
-        foreach ($registeredMethods as $method) {
-            $objectInstance = GeneralUtility::makeInstance($method);
-            if ($objectInstance instanceof PasswordHashInterface && $objectInstance->isAvailable()) {
-                $methodFound = $objectInstance->isValidSaltedPW($saltedHash);
-                if ($methodFound) {
-                    self::$instance = $objectInstance;
-                    break;
-                }
-            }
-        }
-        return $methodFound;
-    }
-
-    /**
-     * Method sets a custom salting hashing method class.
-     *
-     * @param string $resource Object resource to use (e.g. \TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishPasswordHash::class)
-     * @return PasswordHashInterface|null An instance of salting hashing method object or null
-     * @deprecated since TYPO3 v9, will be removed in TYPO3 v10.0
-     */
-    public static function setPreferredHashingMethod(string $resource)
-    {
-        trigger_error('This method is obsolete and will be removed in TYPO3 v10.0.', E_USER_DEPRECATED);
-        self::$instance = null;
-        $objectInstance = GeneralUtility::makeInstance($resource);
-        if ($objectInstance instanceof PasswordHashInterface) {
-            self::$instance = $objectInstance;
-        }
-        return self::$instance;
-    }
 }
index 16b14cf..dfc3d84 100644 (file)
@@ -15,7 +15,6 @@ namespace TYPO3\CMS\Core\Crypto\PasswordHashing;
  * The TYPO3 project - inspiring people to share!
  */
 
-use TYPO3\CMS\Core\Compatibility\PublicMethodDeprecationTrait;
 use TYPO3\CMS\Core\Crypto\Random;
 use TYPO3\CMS\Core\Utility\GeneralUtility;
 
@@ -25,17 +24,6 @@ use TYPO3\CMS\Core\Utility\GeneralUtility;
  */
 class Pbkdf2PasswordHash implements PasswordHashInterface
 {
-    use PublicMethodDeprecationTrait;
-
-    /**
-     * @var array
-     */
-    private $deprecatedPublicMethods = [
-        'isValidSalt' => 'Using Pbkdf2PasswordHash::isValidSalt() is deprecated and will not be possible anymore in TYPO3 v10.0.',
-        'base64Encode' => 'Using Pbkdf2PasswordHash::base64Encode() is deprecated and will not be possible anymore in TYPO3 v10.0.',
-        'base64Decode' => 'Using Pbkdf2PasswordHash::base64Decode() is deprecated and will not be possible anymore in TYPO3 v10.0.',
-    ];
-
     /**
      * Prefix for the password hash.
      */
@@ -49,35 +37,6 @@ class Pbkdf2PasswordHash implements PasswordHashInterface
     ];
 
     /**
-     * Keeps a string for mapping an int to the corresponding
-     * base 64 character.
-     *
-     * @deprecated and will be removed in TYPO3 v10.0.
-     */
-    const ITOA64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
-
-    /**
-     * The default number of iterations for password stretching.
-     *
-     * @deprecated and will be removed in TYPO3 v10.0.
-     */
-    const HASH_COUNT = 25000;
-
-    /**
-     * The default maximum allowed number of iterations for password stretching.
-     *
-     * @deprecated and will be removed in TYPO3 v10.0.
-     */
-    const MAX_HASH_COUNT = 10000000;
-
-    /**
-     * The default minimum allowed number of iterations for password stretching.
-     *
-     * @deprecated and will be removed in TYPO3 v10.0.
-     */
-    const MIN_HASH_COUNT = 1000;
-
-    /**
      * Constructor sets options if given
      *
      * @param array $options
@@ -124,15 +83,11 @@ class Pbkdf2PasswordHash implements PasswordHashInterface
      * Method creates a salted hash for a given plaintext password
      *
      * @param string $password plaintext password to create a salted hash from
-     * @param string $salt Deprecated optional custom salt with setting to use
      * @return string|null Salted hashed password
      */
-    public function getHashedPassword(string $password, string $salt = null)
+    public function getHashedPassword(string $password)
     {
-        if ($salt !== null) {
-            trigger_error(static::class . ': using a custom salt is deprecated.', E_USER_DEPRECATED);
-        }
-        return $this->getHashedPasswordInternal($password, $salt);
+        return $this->getHashedPasswordInternal($password);
     }
 
     /**
@@ -333,102 +288,4 @@ class Pbkdf2PasswordHash implements PasswordHashInterface
     {
         return base64_decode(str_replace('.', '+', $value));
     }
-
-    /**
-     * Method returns number of iterations for password stretching.
-     *
-     * @return int number of iterations for password stretching
-     * @deprecated and will be removed in TYPO3 v10.0.
-     */
-    public function getHashCount(): int
-    {
-        trigger_error('This method will be removed in TYPO3 v10.0.', E_USER_DEPRECATED);
-        return $this->options['hash_count'];
-    }
-
-    /**
-     * Method returns maximum allowed number of iterations for password stretching.
-     *
-     * @return int Maximum allowed number of iterations for password stretching
-     * @deprecated and will be removed in TYPO3 v10.0.
-     */
-    public function getMaxHashCount(): int
-    {
-        trigger_error('This method will be removed in TYPO3 v10.0.', E_USER_DEPRECATED);
-        return 10000000;
-    }
-
-    /**
-     * Method returns minimum allowed number of iterations for password stretching.
-     *
-     * @return int Minimum allowed number of iterations for password stretching
-     * @deprecated and will be removed in TYPO3 v10.0.
-     */
-    public function getMinHashCount(): int
-    {
-        trigger_error('This method will be removed in TYPO3 v10.0.', E_USER_DEPRECATED);
-        return 1000;
-    }
-
-    /**
-     * Returns length of a PBKDF2 salt in bytes.
-     *
-     * @return int Length of a PBKDF2 salt in bytes
-     * @deprecated and will be removed in TYPO3 v10.0.
-     */
-    public function getSaltLength(): int
-    {
-        trigger_error('This method will be removed in TYPO3 v10.0.', E_USER_DEPRECATED);
-        return 16;
-    }
-
-    /**
-     * Returns setting string of PBKDF2 salted hashes.
-     *
-     * @return string Setting string of PBKDF2 salted hashes
-     * @deprecated and will be removed in TYPO3 v10.0.
-     */
-    public function getSetting(): string
-    {
-        trigger_error('This method will be removed in TYPO3 v10.0.', E_USER_DEPRECATED);
-        return self::PREFIX;
-    }
-
-    /**
-     * Method sets number of iterations for password stretching.
-     *
-     * @param int $hashCount number of iterations for password stretching to set
-     * @deprecated and will be removed in TYPO3 v10.0.
-     */
-    public function setHashCount(int $hashCount = null)
-    {
-        trigger_error('This method will be removed in TYPO3 v10.0.', E_USER_DEPRECATED);
-        if ($hashCount >= 1000 && $hashCount <= 10000000) {
-            $this->options['hash_count'] = $hashCount;
-        }
-    }
-
-    /**
-     * Method sets maximum allowed number of iterations for password stretching.
-     *
-     * @param int $maxHashCount Maximum allowed number of iterations for password stretching to set
-     * @deprecated and will be removed in TYPO3 v10.0.
-     */
-    public function setMaxHashCount(int $maxHashCount = null)
-    {
-        trigger_error('This method will be removed in TYPO3 v10.0.', E_USER_DEPRECATED);
-        // Empty, max hash count is hard coded to 10000000
-    }
-
-    /**
-     * Method sets minimum allowed number of iterations for password stretching.
-     *
-     * @param int $minHashCount Minimum allowed number of iterations for password stretching to set
-     * @deprecated and will be removed in TYPO3 v10.0.
-     */
-    public function setMinHashCount(int $minHashCount = null)
-    {
-        trigger_error('This method will be removed in TYPO3 v10.0.', E_USER_DEPRECATED);
-        // Empty, max hash count is hard coded to 1000
-    }
 }
index 13656e8..36016d0 100644 (file)
@@ -15,7 +15,6 @@ namespace TYPO3\CMS\Core\Crypto\PasswordHashing;
  * The TYPO3 project - inspiring people to share!
  */
 
-use TYPO3\CMS\Core\Compatibility\PublicMethodDeprecationTrait;
 use TYPO3\CMS\Core\Crypto\Random;
 use TYPO3\CMS\Core\Utility\GeneralUtility;
 
@@ -32,16 +31,6 @@ use TYPO3\CMS\Core\Utility\GeneralUtility;
  */
 class PhpassPasswordHash implements PasswordHashInterface
 {
-    use PublicMethodDeprecationTrait;
-
-    /**
-     * @var array
-     */
-    private $deprecatedPublicMethods = [
-        'isValidSalt' => 'Using PhpassPasswordHash::isValidSalt() is deprecated and will not be possible anymore in TYPO3 v10.0.',
-        'base64Encode' => 'Using PhpassPasswordHash::base64Encode() is deprecated and will not be possible anymore in TYPO3 v10.0.',
-    ];
-
     /**
      * Prefix for the password hash.
      */
@@ -55,37 +44,6 @@ class PhpassPasswordHash implements PasswordHashInterface
     ];
 
     /**
-     * Keeps a string for mapping an int to the corresponding
-     * base 64 character.
-     *
-     * @deprecated and will be removed in TYPO3 v10.0.
-     */
-    const ITOA64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
-
-    /**
-     * The default log2 number of iterations for password stretching.
-     *
-     * @deprecated and will be removed in TYPO3 v10.0.
-     */
-    const HASH_COUNT = 14;
-
-    /**
-     * The default maximum allowed log2 number of iterations for
-     * password stretching.
-     *
-     * @deprecated and will be removed in TYPO3 v10.0.
-     */
-    const MAX_HASH_COUNT = 24;
-
-    /**
-     * The default minimum allowed log2 number of iterations for
-     * password stretching.
-     *
-     * @deprecated and will be removed in TYPO3 v10.0.
-     */
-    const MIN_HASH_COUNT = 7;
-
-    /**
      * Constructor sets options if given
      *
      * @param array $options
@@ -133,14 +91,10 @@ class PhpassPasswordHash implements PasswordHashInterface
      * Method creates a salted hash for a given plaintext password
      *
      * @param string $password Plaintext password to create a salted hash from
-     * @param string $salt Deprecated optional custom salt with setting to use
      * @return string|null salted hashed password
      */
-    public function getHashedPassword(string $password, string $salt = null)
+    public function getHashedPassword(string $password)
     {
-        if ($salt !== null) {
-            trigger_error(static::class . ': using a custom salt is deprecated.', E_USER_DEPRECATED);
-        }
         $saltedPW = null;
         if (!empty($password)) {
             if (empty($salt) || !$this->isValidSalt($salt)) {
@@ -359,102 +313,4 @@ class PhpassPasswordHash implements PasswordHashInterface
         // Calculates bytes in bits in base64
         return (int)ceil($byteLength * 8 / 6);
     }
-
-    /**
-     * Method returns log2 number of iterations for password stretching.
-     *
-     * @return int log2 number of iterations for password stretching
-     * @deprecated and will be removed in TYPO3 v10.0.
-     */
-    public function getHashCount(): int
-    {
-        trigger_error('This method will be removed in TYPO3 v10.0.', E_USER_DEPRECATED);
-        return $this->options['hash_count'];
-    }
-
-    /**
-     * Method returns maximum allowed log2 number of iterations for password stretching.
-     *
-     * @return int Maximum allowed log2 number of iterations for password stretching
-     * @deprecated and will be removed in TYPO3 v10.0.
-     */
-    public function getMaxHashCount(): int
-    {
-        trigger_error('This method will be removed in TYPO3 v10.0.', E_USER_DEPRECATED);
-        return 24;
-    }
-
-    /**
-     * Method returns minimum allowed log2 number of iterations for password stretching.
-     *
-     * @return int Minimum allowed log2 number of iterations for password stretching
-     * @deprecated and will be removed in TYPO3 v10.0.
-     */
-    public function getMinHashCount(): int
-    {
-        trigger_error('This method will be removed in TYPO3 v10.0.', E_USER_DEPRECATED);
-        return 7;
-    }
-
-    /**
-     * Returns length of a Blowfish salt in bytes.
-     *
-     * @return int Length of a Blowfish salt in bytes
-     * @deprecated and will be removed in TYPO3 v10.0.
-     */
-    public function getSaltLength(): int
-    {
-        trigger_error('This method will be removed in TYPO3 v10.0.', E_USER_DEPRECATED);
-        return 6;
-    }
-
-    /**
-     * Returns setting string of PHPass salted hashes.
-     *
-     * @return string Setting string of PHPass salted hashes
-     * @deprecated and will be removed in TYPO3 v10.0.
-     */
-    public function getSetting(): string
-    {
-        trigger_error('This method will be removed in TYPO3 v10.0.', E_USER_DEPRECATED);
-        return self::PREFIX;
-    }
-
-    /**
-     * Method sets log2 number of iterations for password stretching.
-     *
-     * @param int $hashCount log2 number of iterations for password stretching to set
-     * @deprecated and will be removed in TYPO3 v10.0.
-     */
-    public function setHashCount(int $hashCount = null)
-    {
-        trigger_error('This method will be removed in TYPO3 v10.0.', E_USER_DEPRECATED);
-        if ($hashCount >= 7 && $hashCount <= 24) {
-            $this->options['hash_count'] = $hashCount;
-        }
-    }
-
-    /**
-     * Method sets maximum allowed log2 number of iterations for password stretching.
-     *
-     * @param int $maxHashCount Maximum allowed log2 number of iterations for password stretching to set
-     * @deprecated and will be removed in TYPO3 v10.0.
-     */
-    public function setMaxHashCount(int $maxHashCount = null)
-    {
-        trigger_error('This method will be removed in TYPO3 v10.0.', E_USER_DEPRECATED);
-        // Empty, max hash count is hard coded to 24
-    }
-
-    /**
-     * Method sets minimum allowed log2 number of iterations for password stretching.
-     *
-     * @param int $minHashCount Minimum allowed log2 number of iterations for password stretching to set
-     * @deprecated and will be removed in TYPO3 v10.0.
-     */
-    public function setMinHashCount(int $minHashCount = null)
-    {
-        trigger_error('This method will be removed in TYPO3 v10.0.', E_USER_DEPRECATED);
-        // Empty, max hash count is hard coded to 7
-    }
 }
diff --git a/typo3/sysext/core/Classes/Crypto/PasswordHashing/SaltedPasswordService.php b/typo3/sysext/core/Classes/Crypto/PasswordHashing/SaltedPasswordService.php
deleted file mode 100644 (file)
index 8dfda5f..0000000
+++ /dev/null
@@ -1,247 +0,0 @@
-<?php
-namespace TYPO3\CMS\Core\Crypto\PasswordHashing;
-
-/*
- * This file is part of the TYPO3 CMS project.
- *
- * It is free software; you can redistribute it and/or modify it under
- * the terms of the GNU General Public License, either version 2
- * of the License, or any later version.
- *
- * For the full copyright and license information, please read the
- * LICENSE.txt file that was distributed with this source code.
- *
- * The TYPO3 project - inspiring people to share!
- */
-
-use TYPO3\CMS\Core\Authentication\AbstractAuthenticationService;
-use TYPO3\CMS\Core\Database\ConnectionPool;
-use TYPO3\CMS\Core\TimeTracker\TimeTracker;
-use TYPO3\CMS\Core\Utility\GeneralUtility;
-
-/**
- * Class implements salted-password hashes authentication service.
- * Contains authentication service class for salted hashed passwords.
- *
- * @deprecated since TYPO3 v9, will be removed in TYPO3 v10.0
- */
-class SaltedPasswordService extends AbstractAuthenticationService
-{
-    /**
-     * Keeps class name.
-     *
-     * @var string
-     */
-    public $prefixId = 'tx_saltedpasswords_sv1';
-
-    /**
-     * Keeps extension key.
-     *
-     * @var string
-     */
-    public $extKey = 'saltedpasswords';
-
-    /**
-     * Keeps extension configuration.
-     *
-     * @var mixed
-     */
-    protected $extConf;
-
-    /**
-     * An instance of the salted hashing method.
-     * This member is set in the getSaltingInstance() function.
-     *
-     * @var \TYPO3\CMS\Core\Crypto\PasswordHashing\PasswordHashInterface
-     */
-    protected $objInstanceSaltedPW;
-
-    /**
-     * Indicates whether the salted password authentication has failed.
-     *
-     * Prevents authentication bypass. See vulnerability report:
-     * { @link http://forge.typo3.org/issues/22030 }
-     *
-     * @var bool
-     */
-    protected $authenticationFailed = false;
-
-    /**
-     * Constructor deprecates this class.
-     */
-    public function __construct()
-    {
-        trigger_error('SaltedPasswordService will be removed in TYPO3 v10.0.', E_USER_DEPRECATED);
-    }
-
-    /**
-     * Set salted passwords extension configuration to $this->extConf
-     *
-     * @return bool TRUE
-     */
-    public function init()
-    {
-        $this->extConf = SaltedPasswordsUtility::returnExtConf();
-        parent::init();
-        return true;
-    }
-
-    /**
-     * Checks the login data with the user record data for builtin login method.
-     *
-     * @param array $user User data array
-     * @param array $loginData Login data array
-     * @param string $passwordCompareStrategy Password compare strategy
-     * @return bool TRUE if login data matched
-     */
-    public function compareUident(array $user, array $loginData, $passwordCompareStrategy = '')
-    {
-        $validPasswd = false;
-        $password = $loginData['uident_text'];
-        // Determine method used for given salted hashed password
-        // This calls deprecated getSaltingInstance(). This is "ok" since this SaltedPasswordsService in itself is deprecated.
-        $this->objInstanceSaltedPW = PasswordHashFactory::getSaltingInstance($user['password']);
-        // Existing record is in format of Salted Hash password
-        if (is_object($this->objInstanceSaltedPW)) {
-            $validPasswd = $this->objInstanceSaltedPW->checkPassword($password, $user['password']);
-            // Record is in format of Salted Hash password but authentication failed
-            // skip further authentication methods
-            if (!$validPasswd) {
-                $this->authenticationFailed = true;
-            }
-            $defaultHashingClassName = SaltedPasswordsUtility::getDefaultSaltingHashingMethod();
-            $skip = false;
-            // Test for wrong salted hashing method (only if current method is not related to default method)
-            if ($validPasswd && get_class($this->objInstanceSaltedPW) !== $defaultHashingClassName && !is_subclass_of($this->objInstanceSaltedPW, $defaultHashingClassName)) {
-                // Instantiate default method class
-                // This calls deprecated getSaltingInstance(). This is "ok" since this SaltedPasswordsService in itself is deprecated.
-                $this->objInstanceSaltedPW = PasswordHashFactory::getSaltingInstance(null);
-                $this->updatePassword((int)$user['uid'], ['password' => $this->objInstanceSaltedPW->getHashedPassword($password)]);
-            }
-            if ($validPasswd && !$skip && $this->objInstanceSaltedPW->isHashUpdateNeeded($user['password'])) {
-                $this->updatePassword((int)$user['uid'], ['password' => $this->objInstanceSaltedPW->getHashedPassword($password)]);
-            }
-        } else {
-            // Stored password is in deprecated salted hashing method
-            $hashingMethod = substr($user['password'], 0, 2);
-            if ($hashingMethod === 'M$') {
-                // Instantiate default method class
-                // This calls deprecated getSaltingInstance(). This is "ok" since this SaltedPasswordsService in itself is deprecated.
-                $this->objInstanceSaltedPW = PasswordHashFactory::getSaltingInstance(substr($user['password'], 1));
-                // md5 passwords that have been upgraded to salted passwords using old scheduler task
-                // @todo: The entire 'else' should be dropped in TYPO3 v10.0, admins had to upgrade users to salted passwords with v8 latest since the
-                // @todo: scheduler task has been dropped with v9, users should have had logged in in TYPO3 v9 era, this fallback is obsolete with TYPO3 v10.0.
-                $validPasswd = $this->objInstanceSaltedPW->checkPassword(md5($password), substr($user['password'], 1));
-
-                // Skip further authentication methods
-                if (!$validPasswd) {
-                    $this->authenticationFailed = true;
-                }
-            }
-            // Upgrade to a sane salt mechanism if password was correct
-            if ($validPasswd) {
-                // Instantiate default method class
-                // This calls deprecated getSaltingInstance(). This is "ok" since this SaltedPasswordsService in itself is deprecated.
-                $this->objInstanceSaltedPW = PasswordHashFactory::getSaltingInstance(null);
-                $this->updatePassword((int)$user['uid'], ['password' => $this->objInstanceSaltedPW->getHashedPassword($password)]);
-            }
-        }
-        return $validPasswd;
-    }
-
-    /**
-     * Method adds a further authUser method.
-     *
-     * Will return one of following authentication status codes:
-     * - 0 - authentication failure
-     * - 100 - just go on. User is not authenticated but there is still no reason to stop
-     * - 200 - the service was able to authenticate the user
-     *
-     * @param array $user Array containing FE user data of the logged user.
-     * @return int Authentication statuscode, one of 0,100 and 200
-     */
-    public function authUser(array $user)
-    {
-        $OK = 100;
-        // The salted password service can only work correctly, if a non empty username along with a non empty password is provided.
-        // Otherwise a different service is allowed to check for other login credentials
-        if ((string)$this->login['uident_text'] !== '' && (string)$this->login['uname'] !== '') {
-            $validPasswd = $this->compareUident($user, $this->login);
-            if (!$validPasswd) {
-                // Failed login attempt (wrong password)
-                $errorMessage = 'Login-attempt from ###IP###, username \'%s\', password not accepted!';
-                // No delegation to further services
-                if ($this->authenticationFailed) {
-                    $this->writeLogMessage(TYPO3_MODE . ' Authentication failed - wrong password for username \'%s\'', $this->login['uname']);
-                    $OK = 0;
-                } else {
-                    $this->writeLogMessage($errorMessage, $this->login['uname']);
-                }
-                $this->writelog(255, 3, 3, 1, $errorMessage, [
-                    $this->login['uname']
-                ]);
-                $this->logger->info(sprintf($errorMessage, $this->login['uname']));
-            } elseif ($validPasswd && $user['lockToDomain'] && strcasecmp($user['lockToDomain'], $this->authInfo['HTTP_HOST'])) {
-                // Lock domain didn't match, so error:
-                $errorMessage = 'Login-attempt from ###IP###, username \'%s\', locked domain \'%s\' did not match \'%s\'!';
-                $this->writeLogMessage($errorMessage, $user[$this->db_user['username_column']], $user['lockToDomain'], $this->authInfo['HTTP_HOST']);
-                $this->writelog(255, 3, 3, 1, $errorMessage, [
-                    $user[$this->db_user['username_column']],
-                    $user['lockToDomain'],
-                    $this->authInfo['HTTP_HOST']
-                ]);
-                $this->logger->info(sprintf($errorMessage, $user[$this->db_user['username_column']], $user['lockToDomain'], $this->authInfo['HTTP_HOST']));
-                $OK = 0;
-            } elseif ($validPasswd) {
-                $this->writeLogMessage(TYPO3_MODE . ' Authentication successful for username \'%s\'', $this->login['uname']);
-                $OK = 200;
-            }
-        }
-        return $OK;
-    }
-
-    /**
-     * Method updates a FE/BE user record - in this case a new password string will be set.
-     *
-     * @param int $uid uid of user record that will be updated
-     * @param mixed $updateFields Field values as key=>value pairs to be updated in database
-     */
-    protected function updatePassword($uid, $updateFields)
-    {
-        $connection = GeneralUtility::makeInstance(ConnectionPool::class)
-            ->getConnectionForTable($this->pObj->user_table);
-
-        $connection->update(
-            $this->pObj->user_table,
-            $updateFields,
-            ['uid' => (int)$uid]
-        );
-
-        $this->logger->notice('Automatic password update for user record in ' . $this->pObj->user_table . ' with uid ' . $uid);
-    }
-
-    /**
-     * Writes log message. Destination log depends on the current system mode.
-     * For FE the function writes to the admin panel log. For BE messages are
-     * sent to the system log. If developer log is enabled, messages are also
-     * sent there.
-     *
-     * This function accepts variable number of arguments and can format
-     * parameters. The syntax is the same as for sprintf()
-     *
-     * @param string $message Message to output
-     * @param array<int, mixed> $params
-     */
-    public function writeLogMessage($message, ...$params)
-    {
-        if (!empty($params)) {
-            $message = vsprintf($message, $params);
-        }
-        if (TYPO3_MODE === 'FE') {
-            /** @var TimeTracker $timeTracker */
-            $timeTracker = GeneralUtility::makeInstance(TimeTracker::class);
-            $timeTracker->setTSlogMessage($message);
-        }
-        $this->logger->notice($message);
-    }
-}
diff --git a/typo3/sysext/core/Classes/Crypto/PasswordHashing/SaltedPasswordsUtility.php b/typo3/sysext/core/Classes/Crypto/PasswordHashing/SaltedPasswordsUtility.php
deleted file mode 100644 (file)
index c547e2b..0000000
+++ /dev/null
@@ -1,134 +0,0 @@
-<?php
-namespace TYPO3\CMS\Core\Crypto\PasswordHashing;
-
-/*
- * This file is part of the TYPO3 CMS project.
- *
- * It is free software; you can redistribute it and/or modify it under
- * the terms of the GNU General Public License, either version 2
- * of the License, or any later version.
- *
- * For the full copyright and license information, please read the
- * LICENSE.txt file that was distributed with this source code.
- *
- * The TYPO3 project - inspiring people to share!
- */
-
-use TYPO3\CMS\Core\Configuration\ExtensionConfiguration;
-use TYPO3\CMS\Core\Database\ConnectionPool;
-use TYPO3\CMS\Core\Utility\GeneralUtility;
-
-/**
- * General library class.
- *
- * @deprecated since TYPO3 v9, will be removed in TYPO3 v10.0
- */
-class SaltedPasswordsUtility
-{
-    /**
-     * Keeps this extension's key.
-     *
-     * @deprecated since TYPO3 v9, will be removed in TYPO3 v10.0
-     */
-    const EXTKEY = 'saltedpasswords';
-
-    /**
-     * Calculates number of backend users, who have no saltedpasswords protection.
-     *
-     * @return int
-     * @deprecated since TYPO3 v9, will be removed in TYPO3 v10.0
-     */
-    public static function getNumberOfBackendUsersWithInsecurePassword()
-    {
-        trigger_error('SaltedPasswordsUtility::getNumberOfBackendUsersWithInsecurePassword() is obsolete and will be removed in TYPO3 v10.0.', E_USER_DEPRECATED);
-        $queryBuilder = GeneralUtility::makeInstance(ConnectionPool::class)->getQueryBuilderForTable('be_users');
-        $queryBuilder->getRestrictions()->removeAll();
-
-        $userCount = $queryBuilder
-            ->count('*')
-            ->from('be_users')
-            ->where(
-                $queryBuilder->expr()->neq('password', $queryBuilder->createNamedParameter('', \PDO::PARAM_STR)),
-                $queryBuilder->expr()->notLike('password', $queryBuilder->createNamedParameter('$%', \PDO::PARAM_STR)),
-                $queryBuilder->expr()->notLike('password', $queryBuilder->createNamedParameter('M$%', \PDO::PARAM_STR))
-            )
-            ->execute()
-            ->fetchColumn();
-
-        return $userCount;
-    }
-
-    /**
-     * Returns extension configuration data from $TYPO3_CONF_VARS (configurable in Extension Manager)
-     *
-     * @param string $mode TYPO3_MODE, whether Configuration for Frontend or Backend should be delivered
-     * @return array Extension configuration data
-     * @deprecated since TYPO3 v9, will be removed in TYPO3 v10.0
-     */
-    public static function returnExtConf($mode = TYPO3_MODE)
-    {
-        trigger_error('SaltedPasswordsUtility::returnExtConf() is obsolete and will be removed in TYPO3 v10.0.', E_USER_DEPRECATED);
-        $currentConfiguration = self::returnExtConfDefaults();
-        if (isset($GLOBALS['TYPO3_CONF_VARS']['EXTENSIONS']['saltedpasswords'])) {
-            $extensionConfiguration = GeneralUtility::makeInstance(ExtensionConfiguration::class)->get('saltedpasswords');
-            // Merge default configuration with modified configuration:
-            if (isset($extensionConfiguration[$mode])) {
-                $currentConfiguration = array_merge($currentConfiguration, $extensionConfiguration[$mode]);
-            }
-        }
-        return $currentConfiguration;
-    }
-
-    /**
-     * Returns default configuration of this extension.
-     *
-     * @return array Default extension configuration data for localconf.php
-     * @deprecated since TYPO3 v9, will be removed in TYPO3 v10.0
-     */
-    public static function returnExtConfDefaults()
-    {
-        trigger_error('SaltedPasswordsUtility::returnExtConfDefaults() is obsolete and will be removed in TYPO3 v10.0.', E_USER_DEPRECATED);
-        return [
-            'saltedPWHashingMethod' => \TYPO3\CMS\Core\Crypto\PasswordHashing\PhpassPasswordHash::class,
-        ];
-    }
-
-    /**
-     * Function determines the default(=configured) type of
-     * salted hashing method to be used.
-     *
-     * @param string $mode (optional) The TYPO3 mode (FE or BE) saltedpasswords shall be used for
-     * @return string Classname of object to be used
-     * @deprecated since TYPO3 v9, will be removed in TYPO3 v10.0
-     */
-    public static function getDefaultSaltingHashingMethod($mode = TYPO3_MODE)
-    {
-        trigger_error('SaltedPasswordsUtility::getDefaultSaltingHashingMethod() is obsolete and will be removed in TYPO3 v10.0.', E_USER_DEPRECATED);
-        $extConf = self::returnExtConf($mode);
-        $classNameToUse = \TYPO3\CMS\Core\Crypto\PasswordHashing\Md5PasswordHash::class;
-        if (in_array(
-            $extConf['saltedPWHashingMethod'],
-            \TYPO3\CMS\Core\Crypto\PasswordHashing\PasswordHashFactory::getRegisteredSaltedHashingMethods(),
-            true
-        )) {
-            $classNameToUse = $extConf['saltedPWHashingMethod'];
-        }
-        return $classNameToUse;
-    }
-
-    /**
-     * Returns information if salted password hashes are
-     * indeed used in the TYPO3_MODE.
-     *
-     * @return bool TRUE, if salted password hashes are used in the TYPO3_MODE, otherwise FALSE
-     * @deprecated in TYPO3 v9, will be removed in TYPO3 v10.0
-     */
-    public static function isUsageEnabled()
-    {
-        trigger_error(
-            'SaltedPasswordsUtility::isUsageEnabled() now always returns true and will be removed with TYPO3 v10.0.',
-            E_USER_DEPRECATED
-        );
-        return true;
-    }
-}
index ab6bd6a..d4f8ef7 100644 (file)
@@ -84,17 +84,6 @@ class LocalizationFactory implements \TYPO3\CMS\Core\SingletonInterface
             trigger_error('There is a reference to "' . $fileReference . '", which has been moved to "EXT:' . $mapping[$filePath] . '". This fallback will be removed with TYPO3 v10.0.', E_USER_DEPRECATED);
             $fileReference = 'EXT:' . $mapping[$filePath];
         }
-        // @deprecated since TYPO3 v9, will be removed with TYPO3 v10.0
-        // this is a fallback to convert references to old 'saltedpasswords' locallang files to the new location
-        if (strpos($fileReference, 'EXT:saltedpasswords/Resources/Private/Language/') === 0) {
-            $mapping = [
-                'saltedpasswords/Resources/Private/Language/locallang.xlf' => 'core/Resources/Private/Language/locallang_deprecated_saltedpasswords.xlf',
-                'saltedpasswords/Resources/Private/Language/locallang_em.xlf' => 'core/Resources/Private/Language/locallang_deprecated_saltedpasswords_em.xlf',
-            ];
-            $filePath = substr($fileReference, 4);
-            trigger_error('There is a reference to "' . $fileReference . '", which has been moved to "EXT:' . $mapping[$filePath] . '". This fallback will be removed with TYPO3 v10.0.', E_USER_DEPRECATED);
-            $fileReference = 'EXT:' . $mapping[$filePath];
-        }
 
         $hash = md5($fileReference . $languageKey);
 
index bf6d775..45063d1 100644 (file)
@@ -11,6 +11,10 @@ Description
 
 The following PHP classes that have been previously deprecated for v9 have been removed:
 
+* :php:`TYPO3\CMS\Core\Crypto\PasswordHashing\AbstractComposedSalt`
+* :php:`TYPO3\CMS\Core\Crypto\PasswordHashing\ExtensionManagerConfigurationUtility`
+* :php:`TYPO3\CMS\Core\Crypto\PasswordHashing\SaltedPasswordService`
+* :php:`TYPO3\CMS\Core\Crypto\PasswordHashing\SaltedPasswordsUtility`
 * :php:`TYPO3\CMS\Core\Encoder\JavaScriptEncoder`
 * :php:`TYPO3\CMS\Core\Resource\Utility\BackendUtility`
 * :php:`TYPO3\CMS\Core\Utility\ClientUtility`
@@ -19,6 +23,31 @@ The following PHP classes that have been previously deprecated for v9 have been
 * :php:`TYPO3\CMS\Workspaces\Task\AutoPublishTask`
 * :php:`TYPO3\CMS\Workspaces\Task\CleanupPreviewLinkTask`
 
+
+The following PHP interfaces that have been previously deprecated for v9 have been removed:
+
+* :php:`TYPO3\CMS\Core\Crypto\PasswordHashing\ComposedPasswordHashInterface`
+
+
+The following PHP class aliases that have been previously deprecated for v9 have been removed:
+
+* :php:`TYPO3\CMS\Saltedpasswords\Exception\InvalidSaltException`
+* :php:`TYPO3\CMS\Saltedpasswords\Salt\AbstractSalt`
+* :php:`TYPO3\CMS\Saltedpasswords\Salt\AbstractComposedSalt`
+* :php:`TYPO3\CMS\Saltedpasswords\Salt\Argon2iSalt`
+* :php:`TYPO3\CMS\Saltedpasswords\Salt\BcryptSalt`
+* :php:`TYPO3\CMS\Saltedpasswords\Salt\BlowfishSalt`
+* :php:`TYPO3\CMS\Saltedpasswords\Salt\ComposedSaltInterface`
+* :php:`TYPO3\CMS\Saltedpasswords\Salt\Md5Salt`
+* :php:`TYPO3\CMS\Saltedpasswords\Salt\SaltFactory`
+* :php:`TYPO3\CMS\Saltedpasswords\Salt\SaltInterface`
+* :php:`TYPO3\CMS\Saltedpasswords\Salt\Pbkdf2Salt`
+* :php:`TYPO3\CMS\Saltedpasswords\Salt\PhpassSalt`
+* :php:`TYPO3\CMS\Saltedpasswords\SaltedPasswordsService`
+* :php:`TYPO3\CMS\Saltedpasswords\Utility\ExensionManagerConfigurationUtility`
+* :php:`TYPO3\CMS\Saltedpasswords\Utility\SaltedPasswordsUtility`
+
+
 The following PHP class methods that have been previously deprecated for v9 have been removed:
 
 * :php:`TYPO3\CMS\Core\Charset\CharsetConverter->convArray()`
@@ -28,6 +57,44 @@ The following PHP class methods that have been previously deprecated for v9 have
 * :php:`TYPO3\CMS\Core\Charset\CharsetConverter->parse_charset()`
 * :php:`TYPO3\CMS\Core\Charset\CharsetConverter->utf8_char2byte_pos()`
 * :php:`TYPO3\CMS\Core\Charset\CharsetConverter->utf8_to_entities()`
+* :php:`TYPO3\CMS\Core\Crypto\PasswordHashing\Argon2iPasswordHash->getOptions()`
+* :php:`TYPO3\CMS\Core\Crypto\PasswordHashing\Argon2iPasswordHash->setOptions()`
+* :php:`TYPO3\CMS\Core\Crypto\PasswordHashing\BcryptPasswordHash->getOptions()`
+* :php:`TYPO3\CMS\Core\Crypto\PasswordHashing\BcryptPasswordHash->setOptions()`
+* :php:`TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishSalt->getHashCount()`
+* :php:`TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishSalt->getMaxHashCount()`
+* :php:`TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishSalt->getMinHashCount()`
+* :php:`TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishSalt->getSaltLength()`
+* :php:`TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishSalt->getSetting()`
+* :php:`TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishSalt->setHashCount()`
+* :php:`TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishSalt->setMaxHashCount()`
+* :php:`TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishSalt->setMinHashCount()`
+* :php:`TYPO3\CMS\Core\Crypto\PasswordHashing\Md5PasswordHash->getSetting()`
+* :php:`TYPO3\CMS\Core\Crypto\PasswordHashing\Md5PasswordHash->getSaltLength()`
+* :php:`TYPO3\CMS\Core\Crypto\PasswordHashing\Pbkdf2PasswordHash->getHashCount()`
+* :php:`TYPO3\CMS\Core\Crypto\PasswordHashing\Pbkdf2PasswordHash->getMaxHashCount()`
+* :php:`TYPO3\CMS\Core\Crypto\PasswordHashing\Pbkdf2PasswordHash->getMinHashCount()`
+* :php:`TYPO3\CMS\Core\Crypto\PasswordHashing\Pbkdf2PasswordHash->getSaltLength()`
+* :php:`TYPO3\CMS\Core\Crypto\PasswordHashing\Pbkdf2PasswordHash->getSetting()`
+* :php:`TYPO3\CMS\Core\Crypto\PasswordHashing\Pbkdf2PasswordHash->setHashCount()`
+* :php:`TYPO3\CMS\Core\Crypto\PasswordHashing\Pbkdf2PasswordHash->setMaxHashCount()`
+* :php:`TYPO3\CMS\Core\Crypto\PasswordHashing\Pbkdf2PasswordHash->setMinHashCount()`
+* :php:`TYPO3\CMS\Core\Crypto\PasswordHashing\PhpassPasswordHash->getHashCount()`
+* :php:`TYPO3\CMS\Core\Crypto\PasswordHashing\PhpassPasswordHash->getMaxHashCount()`
+* :php:`TYPO3\CMS\Core\Crypto\PasswordHashing\PhpassPasswordHash->getMinHashCount()`
+* :php:`TYPO3\CMS\Core\Crypto\PasswordHashing\PhpassPasswordHash->getSaltLength()`
+* :php:`TYPO3\CMS\Core\Crypto\PasswordHashing\PhpassPasswordHash->getSetting()`
+* :php:`TYPO3\CMS\Core\Crypto\PasswordHashing\PhpassPasswordHash->setHashCount()`
+* :php:`TYPO3\CMS\Core\Crypto\PasswordHashing\PhpassPasswordHash->setMaxHashCount()`
+* :php:`TYPO3\CMS\Core\Crypto\PasswordHashing\PhpassPasswordHash->setMinHashCount()`
+
+
+The following PHP static class methods that have been previously deprecated for v9 have been removed:
+
+* :php:`TYPO3\CMS\Core\Crypto\PasswordHashing\PasswordHashFactory::determineSaltingHashingMethod()`
+* :php:`TYPO3\CMS\Core\Crypto\PasswordHashing\PasswordHashFactory::getSaltingInstance()`
+* :php:`TYPO3\CMS\Core\Crypto\PasswordHashing\PasswordHashFactory::setPreferredHashingMethod()`
+
 
 
 The following PHP static class methods that have been previously deprecated for v9 have been removed:
@@ -50,12 +117,29 @@ The following methods changed signature according to previous deprecations in v9
 
 * :php:`TYPO3\CMS\Core\Charset\CharsetConverter->conv()` - Fourth argument dropped
 * :php:`TYPO3\CMS\Backend\Utility\BackendUtility::getPagesTSconfig()` - Second and third argument dropped
+* :php:`TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishPasswordHash->getHashedPassword()` - Second argument dropped
+* :php:`TYPO3\CMS\Core\Crypto\PasswordHashing\Md5PasswordHash->getHashedPassword()` - Second argument dropped
+* :php:`TYPO3\CMS\Core\Crypto\PasswordHashing\Pbkdf2PasswordHash->getHashedPassword()` - Second argument dropped
+* :php:`TYPO3\CMS\Core\Crypto\PasswordHashing\PhpassPasswordHash->getHashedPassword()` - Second argument dropped
 
 
 The following public class properties have been dropped:
 
 * :php:`TYPO3\CMS\Core\Charset\CharsetConverter->synonyms`
 
+
+The following class methods have changed visibility:
+
+* :php:`TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishPasswordHash->base64Encode()` changed from public to protected
+* :php:`TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishPasswordHash->isValidSalt()` changed from public to protected
+* :php:`TYPO3\CMS\Core\Crypto\PasswordHashing\Md5PasswordHash->base64Encode()` changed from public to protected
+* :php:`TYPO3\CMS\Core\Crypto\PasswordHashing\Md5PasswordHash->isValidSalt()` changed from public to protected
+* :php:`TYPO3\CMS\Core\Crypto\PasswordHashing\Pbkdf2PasswordHash->base64Encode()` changed from public to protected
+* :php:`TYPO3\CMS\Core\Crypto\PasswordHashing\Pbkdf2PasswordHash->isValidSalt()` changed from public to protected
+* :php:`TYPO3\CMS\Core\Crypto\PasswordHashing\PhpassPasswordHash->base64Encode()` changed from public to protected
+* :php:`TYPO3\CMS\Core\Crypto\PasswordHashing\PhpassPasswordHash->isValidSalt()` changed from public to protected
+
+
 The following class properties have changed visibility:
 
 * :php:`TYPO3\CMS\Core\Charset\CharsetConverter->eucBasedSets` changed from public to protected
@@ -73,6 +157,33 @@ The following user TSconfig options have been dropped:
 
 * Prefix `mod.` to override page TSconfig is ignored
 
+The following constants have been dropped:
+
+* :php:`TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishPasswordHash::ITOA64`
+* :php:`TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishPasswordHash::HASH_COUNT`
+* :php:`TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishPasswordHash::MAX_HASH_COUNT`
+* :php:`TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishPasswordHash::MIN_HASH_COUNT`
+* :php:`TYPO3\CMS\Core\Crypto\PasswordHashing\Md5PasswordHash::ITOA64`
+* :php:`TYPO3\CMS\Core\Crypto\PasswordHashing\Pbkdf2PasswordHash::ITOA64`
+* :php:`TYPO3\CMS\Core\Crypto\PasswordHashing\Pbkdf2PasswordHash::HASH_COUNT`
+* :php:`TYPO3\CMS\Core\Crypto\PasswordHashing\Pbkdf2PasswordHash::MAX_HASH_COUNT`
+* :php:`TYPO3\CMS\Core\Crypto\PasswordHashing\Pbkdf2PasswordHash::MIN_HASH_COUNT`
+* :php:`TYPO3\CMS\Core\Crypto\PasswordHashing\PhpassPasswordHash::ITOA64`
+* :php:`TYPO3\CMS\Core\Crypto\PasswordHashing\PhpassPasswordHash::HASH_COUNT`
+* :php:`TYPO3\CMS\Core\Crypto\PasswordHashing\PhpassPasswordHash::MAX_HASH_COUNT`
+* :php:`TYPO3\CMS\Core\Crypto\PasswordHashing\PhpassPasswordHash::MIN_HASH_COUNT`
+
+
+The following global options are ignored:
+
+* :php:`$GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['ext/saltedpasswords']['saltMethods']`
+
+
+The following language files and aliases have been removed:
+
+* :php:`EXT:saltedpasswords/Resources/Private/Language/locallang.xlf`
+* :php:`EXT:saltedpasswords/Resources/Private/Language/locallang_em.xlf`
+
 
 Impact
 ======
index e1e8752..7243acf 100644 (file)
@@ -8,19 +8,4 @@ return [
     'TYPO3\\CMS\\Core\\IO\\PharStreamWrapperException' => \TYPO3\PharStreamWrapper\Exception::class,
     'TYPO3\\CMS\\Core\\Tree\\TableConfiguration\\ExtJsArrayTreeRenderer' => \TYPO3\CMS\Core\Tree\TableConfiguration\ArrayTreeRenderer::class,
     'TYPO3\\CMS\\Core\\History\\RecordHistory' => \TYPO3\CMS\Core\DataHandling\History\RecordHistoryStore::class,
-    'TYPO3\\CMS\\Saltedpasswords\\Salt\\AbstractSalt' => \TYPO3\CMS\Core\Crypto\PasswordHashing\AbstractComposedSalt::class,
-    'TYPO3\\CMS\\Saltedpasswords\\Salt\\AbstractComposedSalt' => \TYPO3\CMS\Core\Crypto\PasswordHashing\AbstractComposedSalt::class,
-    'TYPO3\\CMS\\Saltedpasswords\\Salt\\Argon2iSalt' => \TYPO3\CMS\Core\Crypto\PasswordHashing\Argon2iPasswordHash::class,
-    'TYPO3\\CMS\\Saltedpasswords\\Salt\\BcryptSalt' => \TYPO3\CMS\Core\Crypto\PasswordHashing\BcryptPasswordHash::class,
-    'TYPO3\\CMS\\Saltedpasswords\\Salt\\BlowfishSalt' => \TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishPasswordHash::class,
-    'TYPO3\\CMS\\Saltedpasswords\\Salt\\ComposedSaltInterface' => \TYPO3\CMS\Core\Crypto\PasswordHashing\ComposedPasswordHashInterface::class,
-    'TYPO3\\CMS\\Saltedpasswords\\Utility\\ExensionManagerConfigurationUtility' => \TYPO3\CMS\Core\Crypto\PasswordHashing\ExtensionManagerConfigurationUtility::class,
-    'TYPO3\\CMS\\Saltedpasswords\\Exception\\InvalidSaltException' => \TYPO3\CMS\Core\Crypto\PasswordHashing\InvalidPasswordHashException::class,
-    'TYPO3\\CMS\\Saltedpasswords\\Salt\\Md5Salt' => \TYPO3\CMS\Core\Crypto\PasswordHashing\Md5PasswordHash::class,
-    'TYPO3\\CMS\\Saltedpasswords\\Salt\\SaltFactory' => \TYPO3\CMS\Core\Crypto\PasswordHashing\PasswordHashFactory::class,
-    'TYPO3\\CMS\\Saltedpasswords\\Salt\\SaltInterface' => \TYPO3\CMS\Core\Crypto\PasswordHashing\PasswordHashInterface::class,
-    'TYPO3\\CMS\\Saltedpasswords\\Salt\\Pbkdf2Salt' => \TYPO3\CMS\Core\Crypto\PasswordHashing\Pbkdf2PasswordHash::class,
-    'TYPO3\\CMS\\Saltedpasswords\\Salt\\PhpassSalt' => \TYPO3\CMS\Core\Crypto\PasswordHashing\PhpassPasswordHash::class,
-    'TYPO3\\CMS\\Saltedpasswords\\SaltedPasswordsService' => \TYPO3\CMS\Core\Crypto\PasswordHashing\SaltedPasswordService::class,
-    'TYPO3\\CMS\\Saltedpasswords\\Utility\\SaltedPasswordsUtility' => \TYPO3\CMS\Core\Crypto\PasswordHashing\SaltedPasswordsUtility::class,
 ];
index a2e1bf6..0e31e02 100644 (file)
@@ -23,60 +23,3 @@ namespace TYPO3\CMS\Sv {
     {
     }
 }
-
-namespace TYPO3\CMS\Saltedpasswords {
-    class SaltedPasswordsService extends \TYPO3\CMS\Core\Crypto\PasswordHashing\SaltedPasswordService
-    {
-    }
-}
-
-namespace TYPO3\CMS\Saltedpasswords\Exception {
-    class InvalidSaltException extends \TYPO3\CMS\Core\Crypto\PasswordHashing\InvalidPasswordHashException
-    {
-    }
-}
-
-namespace TYPO3\CMS\Saltedpasswords\Salt {
-    abstract class AbstractSalt extends \TYPO3\CMS\Core\Crypto\PasswordHashing\AbstractComposedSalt
-    {
-    }
-    abstract class AbstractComposedSalt extends \TYPO3\CMS\Core\Crypto\PasswordHashing\AbstractComposedSalt
-    {
-    }
-    class Argon2iSalt extends \TYPO3\CMS\Core\Crypto\PasswordHashing\Argon2iPasswordHash
-    {
-    }
-    class BcryptSalt extends \TYPO3\CMS\Core\Crypto\PasswordHashing\BcryptPasswordHash
-    {
-    }
-    class BlowfishSalt extends \TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishPasswordHash
-    {
-    }
-    interface ComposedSaltInterface extends \TYPO3\CMS\Core\Crypto\PasswordHashing\ComposedPasswordHashInterface
-    {
-    }
-    class Md5Salt extends \TYPO3\CMS\Core\Crypto\PasswordHashing\Md5PasswordHash
-    {
-    }
-    class SaltFactory extends \TYPO3\CMS\Core\Crypto\PasswordHashing\PasswordHashFactory
-    {
-    }
-    interface SaltInterface extends \TYPO3\CMS\Core\Crypto\PasswordHashing\PasswordHashInterface
-    {
-    }
-    class Pbkdf2Salt extends \TYPO3\CMS\Core\Crypto\PasswordHashing\Pbkdf2PasswordHash
-    {
-    }
-    class PhpassSalt extends \TYPO3\CMS\Core\Crypto\PasswordHashing\PhpassPasswordHash
-    {
-    }
-}
-
-namespace TYPO3\CMS\Saltedpasswords\Utility {
-    class ExensionManagerConfigurationUtility extends \TYPO3\CMS\Core\Crypto\PasswordHashing\ExtensionManagerConfigurationUtility
-    {
-    }
-    class SaltedPasswordsUtility extends \TYPO3\CMS\Core\Crypto\PasswordHashing\SaltedPasswordsUtility
-    {
-    }
-}
diff --git a/typo3/sysext/core/Resources/Private/Language/locallang_deprecated_saltedpasswords.xlf b/typo3/sysext/core/Resources/Private/Language/locallang_deprecated_saltedpasswords.xlf
deleted file mode 100644 (file)
index 6fdfda8..0000000
+++ /dev/null
@@ -1,35 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<xliff version="1.0" xmlns:t3="http://typo3.org/schemas/xliff">
-       <file t3:id="1415814981" source-language="en" datatype="plaintext" original="messages" date="2011-10-17T20:22:37Z" product-name="saltedpasswords">
-               <header/>
-               <body>
-                       <trans-unit id="ext.saltedpasswords.title.tx_saltedpasswords_salts_phpass">
-                               <source>Portable PHP password hashing (phpass)</source>
-                       </trans-unit>
-                       <trans-unit id="ext.saltedpasswords.title.tx_saltedpasswords_salts_md5">
-                               <source>MD5 salted hashing (secure)</source>
-                       </trans-unit>
-                       <trans-unit id="ext.saltedpasswords.title.tx_saltedpasswords_salts_blowfish">
-                               <source>Blowfish salted hashing (advanced)</source>
-                       </trans-unit>
-                       <trans-unit id="ext.saltedpasswords.title.phpasssalt">
-                               <source>Portable PHP password hashing (phpass)</source>
-                       </trans-unit>
-                       <trans-unit id="ext.saltedpasswords.title.md5salt">
-                               <source>MD5 salted hashing (secure)</source>
-                       </trans-unit>
-                       <trans-unit id="ext.saltedpasswords.title.blowfishsalt">
-                               <source>Blowfish salted hashing (advanced)</source>
-                       </trans-unit>
-                       <trans-unit id="ext.saltedpasswords.title.pbkdf2salt">
-                               <source>PBKDF2 key derivation (advanced)</source>
-                       </trans-unit>
-                       <trans-unit id="ext.saltedpasswords.title.bcryptsalt">
-                               <source>Bcrypt password hashing (PHP native)</source>
-                       </trans-unit>
-                       <trans-unit id="ext.saltedpasswords.title.argon2isalt">
-                               <source>Argon2i password hashing (PHP native)</source>
-                       </trans-unit>
-               </body>
-       </file>
-</xliff>
diff --git a/typo3/sysext/core/Resources/Private/Language/locallang_deprecated_saltedpasswords_em.xlf b/typo3/sysext/core/Resources/Private/Language/locallang_deprecated_saltedpasswords_em.xlf
deleted file mode 100644 (file)
index 1977ab1..0000000
+++ /dev/null
@@ -1,14 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<xliff version="1.0" xmlns:t3="http://typo3.org/schemas/xliff">
-       <file t3:id="1415814983" source-language="en" datatype="plaintext" original="messages" date="2011-10-17T20:22:32Z" product-name="saltedpasswords">
-               <header/>
-               <body>
-                       <trans-unit id="saltedpasswords.config.FE.saltedPWHashingMethod">
-                               <source>Hashing method for the frontend: Defines salted hashing method to use. Choose "Portable PHP password hashing" to stay compatible with other CMS (e.g. Drupal, Wordpress). Choose "MD5 salted hashing" to reuse TYPO3 passwords for OS level authentication (other servers could use TYPO3 passwords). Choose "Blowfish salted hashing" for advanced security to reuse passwords on OS level (Blowfish might not be supported on your system TODO).</source>
-                       </trans-unit>
-                       <trans-unit id="saltedpasswords.config.BE.saltedPWHashingMethod">
-                               <source>Hashing method for the backend: Defines salted hashing method to use. Choose "Portable PHP password hashing" to stay compatible with other CMS (e.g. Drupal, Wordpress). Choose "MD5 salted hashing" to reuse TYPO3 passwords for OS level authentication (other servers could use TYPO3 passwords). Choose "Blowfish salted hashing" for advanced security to reuse passwords on OS level (Blowfish might not be supported on your system TODO).</source>
-                       </trans-unit>
-               </body>
-       </file>
-</xliff>
diff --git a/typo3/sysext/core/Tests/Functional/Crypto/PasswordHashing/Fixtures/be_users.xml b/typo3/sysext/core/Tests/Functional/Crypto/PasswordHashing/Fixtures/be_users.xml
deleted file mode 100644 (file)
index 884707e..0000000
+++ /dev/null
@@ -1,45 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-<dataset>
-       <be_users>
-               <uid>1</uid>
-               <username>user_with_salted_password_1</username>
-               <password>$P$CDmA2Juu2h9/9MNaKaxtgzZgIVmjkh/</password> <!-- salted hash starting with $ -->
-               <disable>0</disable>
-               <deleted>0</deleted>
-       </be_users>
-       <be_users>
-               <uid>2</uid>
-               <username>user_with_salted_password_2</username>
-               <password>M$v2AultVYItaCpb.tpdx2aGAue8eL3/</password> <!-- salted hash starting with M$ -->
-               <disable>0</disable>
-               <deleted>0</deleted>
-       </be_users>
-       <be_users>
-               <uid>3</uid>
-               <username>user_with_insecure_password_1</username>
-               <password>5f4dcc3b5aa765d61d8327deb882cf99</password> <!-- simple md5 hash -->
-               <disable>0</disable>
-               <deleted>0</deleted>
-       </be_users>
-       <be_users>
-               <uid>4</uid>
-               <username>user_with_empty_password</username>
-               <password></password> <!-- empty password -->
-               <disable>0</disable>
-               <deleted>0</deleted>
-       </be_users>
-       <be_users>
-               <uid>5</uid>
-               <username>deleted_user_with_insecure_password</username>
-               <password>819b0643d6b89dc9b579fdfc9094f28e</password> <!-- simple md5 hash -->
-               <disable>0</disable>
-               <deleted>1</deleted> <!-- user is marked as deleted -->
-       </be_users>
-       <be_users>
-               <uid>6</uid>
-               <username>disabled_user_with_insecure_password</username>
-               <password>34cc93ece0ba9e3f6f235d4af979b16c</password> <!-- simple md5 hash -->
-               <disable>1</disable> <!-- user is marked as disabled -->
-               <deleted>0</deleted>
-       </be_users>
-</dataset>
diff --git a/typo3/sysext/core/Tests/Functional/Crypto/PasswordHashing/Fixtures/fe_users.xml b/typo3/sysext/core/Tests/Functional/Crypto/PasswordHashing/Fixtures/fe_users.xml
deleted file mode 100644 (file)
index 598fb5a..0000000
+++ /dev/null
@@ -1,17 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-<dataset>
-       <fe_users>
-               <uid>1</uid>
-               <username>user_with_salted_password</username>
-               <password>$P$CDmA2Juu2h9/9MNaKaxtgzZgIVmjkh/</password> <!-- salted hash starting with $ -->
-               <deleted>0</deleted>
-               <disable>0</disable>
-       </fe_users>
-       <fe_users>
-               <uid>2</uid>
-               <username>user_with_unsecured_password</username>
-               <password>5f4dcc3b5aa765d61d8327deb882cf99</password>
-               <deleted>0</deleted>
-               <disable>0</disable>
-       </fe_users>
-</dataset>
diff --git a/typo3/sysext/core/Tests/Functional/Crypto/PasswordHashing/SaltedPasswordServiceTest.php b/typo3/sysext/core/Tests/Functional/Crypto/PasswordHashing/SaltedPasswordServiceTest.php
deleted file mode 100644 (file)
index bbb83eb..0000000
+++ /dev/null
@@ -1,78 +0,0 @@
-<?php
-namespace TYPO3\CMS\Core\Tests\Functional\Crypto\PasswordHashing;
-
-/*
- * This file is part of the TYPO3 CMS project.
- *
- * It is free software; you can redistribute it and/or modify it under
- * the terms of the GNU General Public License, either version 2
- * of the License, or any later version.
- *
- * For the full copyright and license information, please read the
- * LICENSE.txt file that was distributed with this source code.
- *
- * The TYPO3 project - inspiring people to share!
- */
-
-use TYPO3\CMS\Core\Crypto\PasswordHashing\SaltedPasswordService;
-use TYPO3\CMS\Core\Database\ConnectionPool;
-use TYPO3\CMS\Core\Utility\GeneralUtility;
-
-/**
- * Test case for \TYPO3\CMS\Core\Crypto\PasswordHashing\SaltedPasswordService
- */
-class SaltedPasswordServiceTest extends \TYPO3\TestingFramework\Core\Functional\FunctionalTestCase
-{
-
-    /**
-     * XML database fixtures to be loaded into database.
-     *
-     * @var array
-     */
-    protected $xmlDatabaseFixtures = [
-        'typo3/sysext/core/Tests/Functional/Crypto/PasswordHashing/Fixtures/be_users.xml'
-    ];
-
-    /**
-     * @var SaltedPasswordService
-     */
-    protected $subject;
-
-    /**
-     * Sets up this test suite.
-     */
-    protected function setUp()
-    {
-        parent::setUp();
-        foreach ($this->xmlDatabaseFixtures as $fixture) {
-            $this->importDataSet($fixture);
-        }
-        $this->subject = GeneralUtility::makeInstance(SaltedPasswordService::class);
-    }
-
-    /**
-     * Check if service updates backend user password
-     *
-     * @test
-     */
-    public function checkIfServiceUpdatesBackendUserPassword()
-    {
-        $newPassword = ['password' => '008c5926ca861023c1d2a36653fd88e2'];
-
-        $this->subject->pObj = new \stdClass();
-        $this->subject->pObj->user_table = 'be_users';
-
-        $this->callInaccessibleMethod($this->subject, 'updatePassword', 3, $newPassword);
-
-        $queryBuilder = GeneralUtility::makeInstance(ConnectionPool::class)->getQueryBuilderForTable('be_users');
-
-        $currentPassword = $queryBuilder
-            ->select('password')
-            ->from('be_users')
-            ->where($queryBuilder->expr()->eq('uid', $queryBuilder->createNamedParameter(3, \PDO::PARAM_INT)))
-            ->execute()
-            ->fetchColumn();
-
-        $this->assertEquals($newPassword['password'], $currentPassword);
-    }
-}
diff --git a/typo3/sysext/core/Tests/Functional/Crypto/PasswordHashing/SaltedPasswordsUtilityTest.php b/typo3/sysext/core/Tests/Functional/Crypto/PasswordHashing/SaltedPasswordsUtilityTest.php
deleted file mode 100644 (file)
index b70fc20..0000000
+++ /dev/null
@@ -1,54 +0,0 @@
-<?php
-namespace TYPO3\CMS\Core\Tests\Functional\Crypto\PasswordHashing\Utility;
-
-/*
- * This file is part of the TYPO3 CMS project.
- *
- * It is free software; you can redistribute it and/or modify it under
- * the terms of the GNU General Public License, either version 2
- * of the License, or any later version.
- *
- * For the full copyright and license information, please read the
- * LICENSE.txt file that was distributed with this source code.
- *
- * The TYPO3 project - inspiring people to share!
- */
-
-use TYPO3\CMS\Core\Crypto\PasswordHashing\SaltedPasswordsUtility;
-
-/**
- * Test case for \TYPO3\CMS\Core\Crypto\PasswordHashing\SaltedPasswordsUtility
- */
-class SaltedPasswordsUtilityTest extends \TYPO3\TestingFramework\Core\Functional\FunctionalTestCase
-{
-
-    /**
-     * XML database fixtures to be loaded into database.
-     *
-     * @var array
-     */
-    protected $xmlDatabaseFixtures = [
-        'typo3/sysext/core/Tests/Functional/Crypto/PasswordHashing/Fixtures/be_users.xml'
-    ];
-
-    /**
-     * Sets up this test suite.
-     */
-    protected function setUp()
-    {
-        parent::setUp();
-        foreach ($this->xmlDatabaseFixtures as $fixture) {
-            $this->importDataSet($fixture);
-        }
-    }
-
-    /**
-     * Check if salted password utility returns the correct number of backend users with insecure passwords
-     *
-     * @test
-     */
-    public function checkIfNumberOfBackendUsersWithInsecurePasswordsIsFetchedCorrectly()
-    {
-        $this->assertEquals(3, SaltedPasswordsUtility::getNumberOfBackendUsersWithInsecurePassword());
-    }
-}
diff --git a/typo3/sysext/core/Tests/UnitDeprecated/Crypto/PasswordHashing/Argon2iPasswordHashTest.php b/typo3/sysext/core/Tests/UnitDeprecated/Crypto/PasswordHashing/Argon2iPasswordHashTest.php
deleted file mode 100644 (file)
index 08e8843..0000000
+++ /dev/null
@@ -1,73 +0,0 @@
-<?php
-declare(strict_types = 1);
-namespace TYPO3\CMS\Core\Tests\UnitDeprecated\Crypto\PasswordHashing;
-
-/*
- * This file is part of the TYPO3 CMS project.
- *
- * It is free software; you can redistribute it and/or modify it under
- * the terms of the GNU General Public License, either version 2
- * of the License, or any later version.
- *
- * For the full copyright and license information, please read the
- * LICENSE.txt file that was distributed with this source code.
- *
- * The TYPO3 project - inspiring people to share!
- */
-
-use TYPO3\CMS\Core\Crypto\PasswordHashing\Argon2iPasswordHash;
-use TYPO3\TestingFramework\Core\Unit\UnitTestCase;
-
-/**
- * Test case
- */
-class Argon2iPasswordHashTest extends UnitTestCase
-{
-    /**
-     * @test
-     */
-    public function getOptionsReturnsPreviouslySetOptions()
-    {
-        $options = [
-            'memory_cost' => 2048,
-            'time_cost' => 4,
-            'threads' => 4,
-        ];
-        $subject = new Argon2iPasswordHash();
-        $subject->setOptions($options);
-        $this->assertSame($subject->getOptions(), $options);
-    }
-
-    /**
-     * @test
-     */
-    public function setOptionsThrowsExceptionWithTooLowMemoryCost()
-    {
-        $this->expectException(\InvalidArgumentException::class);
-        $this->expectExceptionCode(1526042080);
-        $subject = new Argon2iPasswordHash();
-        $subject->setOptions(['memory_cost' => 1]);
-    }
-
-    /**
-     * @test
-     */
-    public function setOptionsThrowsExceptionWithTooLowTimeCost()
-    {
-        $this->expectException(\InvalidArgumentException::class);
-        $this->expectExceptionCode(1526042081);
-        $subject = new Argon2iPasswordHash();
-        $subject->setOptions(['time_cost' => 1]);
-    }
-
-    /**
-     * @test
-     */
-    public function setOptionsThrowsExceptionWithTooLowThreads()
-    {
-        $this->expectException(\InvalidArgumentException::class);
-        $this->expectExceptionCode(1526042082);
-        $subject = new Argon2iPasswordHash();
-        $subject->setOptions(['threads' => 1]);
-    }
-}
diff --git a/typo3/sysext/core/Tests/UnitDeprecated/Crypto/PasswordHashing/BcryptPasswordHashTest.php b/typo3/sysext/core/Tests/UnitDeprecated/Crypto/PasswordHashing/BcryptPasswordHashTest.php
deleted file mode 100644 (file)
index a13ebde..0000000
+++ /dev/null
@@ -1,64 +0,0 @@
-<?php
-declare(strict_types = 1);
-namespace TYPO3\CMS\Core\Tests\UnitDeprecated\Crypto\PasswordHashing;
-
-/*
- * This file is part of the TYPO3 CMS project.
- *
- * It is free software; you can redistribute it and/or modify it under
- * the terms of the GNU General Public License, either version 2
- * of the License, or any later version.
- *
- * For the full copyright and license information, please read the
- * LICENSE.txt file that was distributed with this source code.
- *
- * The TYPO3 project - inspiring people to share!
- */
-
-use TYPO3\CMS\Core\Crypto\PasswordHashing\BcryptPasswordHash;
-use TYPO3\TestingFramework\Core\Unit\UnitTestCase;
-
-/**
- * Test case
- */
-class BcryptPasswordHashTest extends UnitTestCase
-{
-    /**
-     * @var BcryptPasswordHash
-     */
-    protected $subject;
-
-    /**
-     * Sets up the fixtures for this testcase.
-     */
-    protected function setUp()
-    {
-        // Set a low cost to speed up tests
-        $options = [
-            'cost' => 10,
-        ];
-        $this->subject = new BcryptPasswordHash($options);
-    }
-
-    /**
-     * @test
-     */
-    public function getOptionsReturnsPreviouslySetOptions()
-    {
-        $options = [
-            'cost' => 11,
-        ];
-        $this->subject->setOptions($options);
-        $this->assertSame($this->subject->getOptions(), $options);
-    }
-
-    /**
-     * @test
-     */
-    public function setOptionsThrowsExceptionOnTooLowCostValue()
-    {
-        $this->expectException(\InvalidArgumentException::class);
-        $this->expectExceptionCode(1526042084);
-        $this->subject->setOptions(['cost' => 9]);
-    }
-}
diff --git a/typo3/sysext/core/Tests/UnitDeprecated/Crypto/PasswordHashing/BlowfishPasswordHashTest.php b/typo3/sysext/core/Tests/UnitDeprecated/Crypto/PasswordHashing/BlowfishPasswordHashTest.php
deleted file mode 100644 (file)
index 155b2e2..0000000
+++ /dev/null
@@ -1,148 +0,0 @@
-<?php
-declare(strict_types = 1);
-namespace TYPO3\CMS\Core\Tests\UnitDeprecated\Crypto\PasswordHashing;
-
-/*
- * This file is part of the TYPO3 CMS project.
- *
- * It is free software; you can redistribute it and/or modify it under
- * the terms of the GNU General Public License, either version 2
- * of the License, or any later version.
- *
- * For the full copyright and license information, please read the
- * LICENSE.txt file that was distributed with this source code.
- *
- * The TYPO3 project - inspiring people to share!
- */
-
-use TYPO3\CMS\Core\Crypto\Random;
-use TYPO3\TestingFramework\Core\Unit\UnitTestCase;
-
-/**
- * Test case
- */
-class BlowfishPasswordHashTest extends UnitTestCase
-{
-    /**
-     * Keeps instance of object to test.
-     *
-     * @var \TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishPasswordHash
-     */
-    protected $objectInstance;
-
-    /**
-     * Sets up the fixtures for this testcase.
-     */
-    protected function setUp()
-    {
-        if (!CRYPT_BLOWFISH) {
-            $this->markTestSkipped('Blowfish is not supported on your platform.');
-        }
-        $this->objectInstance = $this->getMockBuilder(\TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishPasswordHash::class)
-            ->setMethods(['dummy'])
-            ->getMock();
-    }
-
-    /**
-     * @test
-     */
-    public function nonZeroSaltLength()
-    {
-        $this->assertTrue($this->objectInstance->getSaltLength() > 0);
-    }
-
-    /**
-     * @test
-     */
-    public function createdSaltedHashOfProperStructureForCustomSaltWithoutSetting()
-    {
-        $password = 'password';
-        // custom salt without setting
-        $randomBytes = (new Random())->generateRandomBytes($this->objectInstance->getSaltLength());
-        $salt = $this->objectInstance->base64Encode($randomBytes, $this->objectInstance->getSaltLength());
-        $this->assertTrue($this->objectInstance->isValidSalt($salt));
-        $saltedHashPassword = $this->objectInstance->getHashedPassword($password, $salt);
-        $this->assertTrue($this->objectInstance->isValidSaltedPW($saltedHashPassword));
-    }
-
-    /**
-     * @test
-     */
-    public function createdSaltedHashOfProperStructureForMinimumHashCount()
-    {
-        $password = 'password';
-        $minHashCount = $this->objectInstance->getMinHashCount();
-        $this->objectInstance->setHashCount($minHashCount);
-        $saltedHashPassword = $this->objectInstance->getHashedPassword($password);
-        $this->assertTrue($this->objectInstance->isValidSaltedPW($saltedHashPassword));
-        // reset hashcount
-        $this->objectInstance->setHashCount(null);
-    }
-
-    /**
-     * @test
-     */
-    public function passwordVariationsResultInDifferentHashes()
-    {
-        $pad = 'a';
-        $criticalPwLength = 0;
-        // We're using a constant salt.
-        $saltedHashPasswordCurrent = $salt = $this->objectInstance->getHashedPassword($pad);
-        for ($i = 0; $i <= 128; $i += 8) {
-            $password = str_repeat($pad, max($i, 1));
-            $saltedHashPasswordPrevious = $saltedHashPasswordCurrent;
-            $saltedHashPasswordCurrent = $this->objectInstance->getHashedPassword($password, $salt);
-            if ($i > 0 && $saltedHashPasswordPrevious === $saltedHashPasswordCurrent) {
-                $criticalPwLength = $i;
-                break;
-            }
-        }
-        $this->assertTrue($criticalPwLength == 0 || $criticalPwLength > 32, 'Duplicates of hashed passwords with plaintext password of length ' . $criticalPwLength . '+.');
-    }
-
-    /**
-     * @test
-     */
-    public function modifiedHashCount()
-    {
-        $hashCount = $this->objectInstance->getHashCount();
-        $this->objectInstance->setMaxHashCount($hashCount + 1);
-        $this->objectInstance->setHashCount($hashCount + 1);
-        $this->assertTrue($this->objectInstance->getHashCount() > $hashCount);
-        $this->objectInstance->setMinHashCount($hashCount - 1);
-        $this->objectInstance->setHashCount($hashCount - 1);
-        $this->assertTrue($this->objectInstance->getHashCount() < $hashCount);
-        // reset hashcount
-        $this->objectInstance->setHashCount(null);
-    }
-
-    /**
-     * @test
-     */
-    public function updateNecessityForIncreasedHashcount()
-    {
-        $password = 'password';
-        $saltedHashPassword = $this->objectInstance->getHashedPassword($password);
-        $increasedHashCount = $this->objectInstance->getHashCount() + 1;
-        $this->objectInstance->setMaxHashCount($increasedHashCount);
-        $this->objectInstance->setHashCount($increasedHashCount);
-        $this->assertTrue($this->objectInstance->isHashUpdateNeeded($saltedHashPassword));
-        // reset hashcount
-        $this->objectInstance->setHashCount(null);
-    }
-
-    /**
-     * @test
-     */
-    public function updateNecessityForDecreasedHashcount()
-    {
-        $password = 'password';
-        $saltedHashPassword = $this->objectInstance->getHashedPassword($password);
-        $decreasedHashCount = $this->objectInstance->getHashCount() - 1;
-        $this->objectInstance->setMinHashCount($decreasedHashCount);
-        $this->objectInstance->setHashCount($decreasedHashCount);
-        $this->assertFalse($this->objectInstance->isHashUpdateNeeded($saltedHashPassword));
-        // reset hashcount
-        $this->objectInstance->setHashCount(null);
-    }
-}
diff --git a/typo3/sysext/core/Tests/UnitDeprecated/Crypto/PasswordHashing/Md5PasswordHashTest.php b/typo3/sysext/core/Tests/UnitDeprecated/Crypto/PasswordHashing/Md5PasswordHashTest.php
deleted file mode 100644 (file)
index 39254f6..0000000
+++ /dev/null
@@ -1,89 +0,0 @@
-<?php
-declare(strict_types = 1);
-namespace TYPO3\CMS\Core\Tests\UnitDeprecated\Crypto\PasswordHashing;
-
-/*
- * This file is part of the TYPO3 CMS project.
- *
- * It is free software; you can redistribute it and/or modify it under
- * the terms of the GNU General Public License, either version 2
- * of the License, or any later version.
- *
- * For the full copyright and license information, please read the
- * LICENSE.txt file that was distributed with this source code.
- *
- * The TYPO3 project - inspiring people to share!
- */
-
-use TYPO3\CMS\Core\Crypto\PasswordHashing\Md5PasswordHash;
-use TYPO3\CMS\Core\Crypto\Random;
-use TYPO3\TestingFramework\Core\Unit\UnitTestCase;
-
-/**
- * Test case
- */
-class Md5PasswordHashTest extends UnitTestCase
-{
-    /**
-     * Keeps instance of object to test.
-     *
-     * @var Md5PasswordHash
-     */
-    protected $objectInstance;
-
-    /**
-     * Sets up the fixtures for this testcase.
-     */
-    protected function setUp()
-    {
-        if (!CRYPT_MD5) {
-            $this->markTestSkipped('Blowfish is not supported on your platform.');
-        }
-        $this->objectInstance = $this->getMockBuilder(Md5PasswordHash::class)
-            ->setMethods(['dummy'])
-            ->getMock();
-    }
-
-    /**
-     * @test
-     */
-    public function nonZeroSaltLength()
-    {
-        $this->assertTrue($this->objectInstance->getSaltLength() > 0);
-    }
-
-    /**
-     * @test
-     */
-    public function createdSaltedHashOfProperStructureForCustomSaltWithoutSetting()
-    {
-        $password = 'password';
-        // custom salt without setting
-        $randomBytes = (new Random())->generateRandomBytes($this->objectInstance->getSaltLength());
-        $salt = $this->objectInstance->base64Encode($randomBytes, $this->objectInstance->getSaltLength());
-        $this->assertTrue($this->objectInstance->isValidSalt($salt));
-        $saltedHashPassword = $this->objectInstance->getHashedPassword($password, $salt);
-        $this->assertTrue($this->objectInstance->isValidSaltedPW($saltedHashPassword));
-    }
-
-    /**
-     * @test
-     */
-    public function passwordVariationsResultInDifferentHashes()
-    {
-        $pad = 'a';
-        $criticalPwLength = 0;
-        // We're using a constant salt.
-        $saltedHashPasswordCurrent = $salt = $this->objectInstance->getHashedPassword($pad);
-        for ($i = 0; $i <= 128; $i += 8) {
-            $password = str_repeat($pad, max($i, 1));
-            $saltedHashPasswordPrevious = $saltedHashPasswordCurrent;
-            $saltedHashPasswordCurrent = $this->objectInstance->getHashedPassword($password, $salt);
-            if ($i > 0 && $saltedHashPasswordPrevious === $saltedHashPasswordCurrent) {
-                $criticalPwLength = $i;
-                break;
-            }
-        }
-        $this->assertTrue($criticalPwLength == 0 || $criticalPwLength > 32, 'Duplicates of hashed passwords with plaintext password of length ' . $criticalPwLength . '+.');
-    }
-}
diff --git a/typo3/sysext/core/Tests/UnitDeprecated/Crypto/PasswordHashing/PasswordHashFactoryTest.php b/typo3/sysext/core/Tests/UnitDeprecated/Crypto/PasswordHashing/PasswordHashFactoryTest.php
deleted file mode 100644 (file)
index d7c1503..0000000
+++ /dev/null
@@ -1,104 +0,0 @@
-<?php
-declare(strict_types = 1);
-namespace TYPO3\CMS\Core\Tests\UnitDeprecated\Crypto\PasswordHashing;
-
-/*
- * This file is part of the TYPO3 CMS project.
- *
- * It is free software; you can redistribute it and/or modify it under
- * the terms of the GNU General Public License, either version 2
- * of the License, or any later version.
- *
- * For the full copyright and license information, please read the
- * LICENSE.txt file that was distributed with this source code.
- *
- * The TYPO3 project - inspiring people to share!
- */
-
-use TYPO3\CMS\Core\Crypto\PasswordHashing\PasswordHashFactory;
-use TYPO3\CMS\Core\Crypto\Random;
-use TYPO3\TestingFramework\Core\Unit\UnitTestCase;
-
-/**
- * Test case
- */
-class PasswordHashFactoryTest extends UnitTestCase
-{
-    /**
-     * @test
-     */
-    public function abstractComposedSaltBase64EncodeReturnsProperLength()
-    {
-        $GLOBALS['TYPO3_CONF_VARS']['EXTENSIONS']['saltedpasswords'] = [
-            'BE' => [
-                'saltedPWHashingMethod' => \TYPO3\CMS\Core\Crypto\PasswordHashing\Pbkdf2PasswordHash::class,
-            ],
-            'FE' => [
-                'saltedPWHashingMethod' => \TYPO3\CMS\Core\Crypto\PasswordHashing\Pbkdf2PasswordHash::class,
-            ],
-        ];
-
-        // set up an instance that extends AbstractComposedSalt first
-        $saltPbkdf2 = '$pbkdf2-sha256$6400$0ZrzXitFSGltTQnBWOsdAw$Y11AchqV4b0sUisdZd0Xr97KWoymNE0LNNrnEgY4H9M';
-        $objectInstance = PasswordHashFactory::getSaltingInstance($saltPbkdf2);
-
-        // 3 Bytes should result in a 6 char length base64 encoded string
-        // used for MD5 and PHPass salted hashing
-        $byteLength = 3;
-        $reqLengthBase64 = (int)ceil($byteLength * 8 / 6);
-        $randomBytes = (new Random())->generateRandomBytes($byteLength);
-        $this->assertTrue(strlen($objectInstance->base64Encode($randomBytes, $byteLength)) == $reqLengthBase64);
-        // 16 Bytes should result in a 22 char length base64 encoded string
-        // used for Blowfish salted hashing
-        $byteLength = 16;
-        $reqLengthBase64 = (int)ceil($byteLength * 8 / 6);
-        $randomBytes = (new Random())->generateRandomBytes($byteLength);
-        $this->assertTrue(strlen($objectInstance->base64Encode($randomBytes, $byteLength)) == $reqLengthBase64);
-    }
-
-    /**
-     * @test
-     */
-    public function objectInstanceForPhpPasswordHashBcryptSalts()
-    {
-        $saltBcrypt = '$2y$12$Tz.al0seuEgRt61u0bzqAOWu67PgG2ThG25oATJJ0oS5KLCPCgBOe';
-        $objectInstance = PasswordHashFactory::getSaltingInstance($saltBcrypt);
-        $this->assertInstanceOf(\TYPO3\CMS\Core\Crypto\PasswordHashing\BcryptPasswordHash::class, $objectInstance);
-    }
-
-    /**
-     * @test
-     */
-    public function objectInstanceForPhpPasswordHashArgon2iSalts()
-    {
-        $saltArgon2i = '$argon2i$v=19$m=8,t=1,p=1$djZiNkdEa3lOZm1SSmZsdQ$9iiRjpLZAT7kfHwS1xU9cqSU7+nXy275qpB/eKjI1ig';
-        $objectInstance = PasswordHashFactory::getSaltingInstance($saltArgon2i);
-        $this->assertInstanceOf(\TYPO3\CMS\Core\Crypto\PasswordHashing\Argon2iPasswordHash::class, $objectInstance);
-    }
-
-    /**
-     * @test
-     */
-    public function resettingFactoryInstanceSucceeds()
-    {
-        $GLOBALS['TYPO3_CONF_VARS']['EXTENSIONS']['saltedpasswords'] = [
-            'BE' => [
-                'saltedPWHashingMethod' => \TYPO3\CMS\Core\Crypto\PasswordHashing\Pbkdf2PasswordHash::class,
-            ],
-            'FE' => [
-                'saltedPWHashingMethod' => \TYPO3\CMS\Core\Crypto\PasswordHashing\Pbkdf2PasswordHash::class,
-            ],
-        ];
-
-        $defaultClassNameToUse = \TYPO3\CMS\Core\Crypto\PasswordHashing\SaltedPasswordsUtility::getDefaultSaltingHashingMethod();
-        if ($defaultClassNameToUse == \TYPO3\CMS\Core\Crypto\PasswordHashing\Md5PasswordHash::class) {
-            $saltedPW = '$P$CWF13LlG/0UcAQFUjnnS4LOqyRW43c.';
-        } else {
-            $saltedPW = '$1$rasmusle$rISCgZzpwk3UhDidwXvin0';
-        }
-        $objectInstance = PasswordHashFactory::getSaltingInstance($saltedPW);
-        // resetting
-        $objectInstance = PasswordHashFactory::getSaltingInstance(null);
-        $this->assertTrue(get_class($objectInstance) == $defaultClassNameToUse || is_subclass_of($objectInstance, $defaultClassNameToUse));
-    }
-}
diff --git a/typo3/sysext/core/Tests/UnitDeprecated/Crypto/PasswordHashing/Pbkdf2PasswordHashTest.php b/typo3/sysext/core/Tests/UnitDeprecated/Crypto/PasswordHashing/Pbkdf2PasswordHashTest.php
deleted file mode 100644 (file)
index 1db12ab..0000000
+++ /dev/null
@@ -1,138 +0,0 @@
-<?php
-declare(strict_types = 1);
-namespace TYPO3\CMS\Core\Tests\UnitDeprecated\Crypto\PasswordHashing;
-
-/*
- * This file is part of the TYPO3 CMS project.
- *
- * It is free software; you can redistribute it and/or modify it under
- * the terms of the GNU General Public License, either version 2
- * of the License, or any later version.
- *
- * For the full copyright and license information, please read the
- * LICENSE.txt file that was distributed with this source code.
- *
- * The TYPO3 project - inspiring people to share!
- */
-
-use TYPO3\CMS\Core\Crypto\PasswordHashing\Pbkdf2PasswordHash;
-use TYPO3\CMS\Core\Crypto\Random;
-use TYPO3\TestingFramework\Core\Unit\UnitTestCase;
-
-/**
- * Test case
- */
-class Pbkdf2PasswordHashTest extends UnitTestCase
-{
-    /**
-     * Keeps instance of object to test.
-     *
-     * @var Pbkdf2PasswordHash
-     */
-    protected $subject;
-
-    /**
-     * Sets up the fixtures for this testcase.
-     */
-    protected function setUp()
-    {
-        $this->subject = new Pbkdf2PasswordHash(['hash_count' => 1001]);
-    }
-
-    /**
-     * @test
-     */
-    public function nonZeroSaltLength()
-    {
-        $this->assertTrue($this->subject->getSaltLength() > 0);
-    }
-
-    /**
-     * @test
-     */
-    public function createdSaltedHashOfProperStructureForCustomSaltWithoutSetting()
-    {
-        $password = 'password';
-        // custom salt without setting
-        $randomBytes = (new Random())->generateRandomBytes($this->subject->getSaltLength());
-        $salt = $this->subject->base64Encode($randomBytes, $this->subject->getSaltLength());
-        $this->assertTrue($this->subject->isValidSalt($salt));
-        $saltedHashPassword = $this->subject->getHashedPassword($password, '6400$' . $salt);
-        $this->assertTrue($this->subject->isValidSaltedPW($saltedHashPassword));
-    }
-
-    /**
-     * @test
-     */
-    public function createdSaltedHashOfProperStructureForMinimumHashCount()
-    {
-        $password = 'password';
-        $minHashCount = $this->subject->getMinHashCount();
-        $this->subject->setHashCount($minHashCount);
-        $saltedHashPassword = $this->subject->getHashedPassword($password);
-        $this->assertTrue($this->subject->isValidSaltedPW($saltedHashPassword));
-        // reset hashcount
-        $this->subject->setHashCount(null);
-    }
-
-    /**
-     * @test
-     */
-    public function passwordVariationsResultInDifferentHashes()
-    {
-        $pad = 'a';
-        $criticalPwLength = 0;
-        // We're using a constant salt.
-        $saltedHashPasswordCurrent = $salt = $this->subject->getHashedPassword($pad);
-        for ($i = 0; $i <= 128; $i += 8) {
-            $password = str_repeat($pad, max($i, 1));
-            $saltedHashPasswordPrevious = $saltedHashPasswordCurrent;
-            $saltedHashPasswordCurrent = $this->subject->getHashedPassword($password, $salt);
-            if ($i > 0 && $saltedHashPasswordPrevious === $saltedHashPasswordCurrent) {
-                $criticalPwLength = $i;
-                break;
-            }
-        }
-        $this->assertTrue($criticalPwLength == 0 || $criticalPwLength > 32, 'Duplicates of hashed passwords with plaintext password of length ' . $criticalPwLength . '+.');
-    }
-
-    /**
-     * @test
-     */
-    public function modifiedHashCount()
-    {
-        $hashCount = $this->subject->getHashCount();
-        $this->subject->setMaxHashCount($hashCount + 1);
-        $this->subject->setHashCount($hashCount + 1);
-        $this->assertTrue($this->subject->getHashCount() > $hashCount);
-        $this->subject->setMinHashCount($hashCount - 1);
-        $this->subject->setHashCount($hashCount - 1);
-        $this->assertTrue($this->subject->getHashCount() < $hashCount);
-    }
-
-    /**
-     * @test
-     */
-    public function updateNecessityForIncreasedHashcount()
-    {
-        $password = 'password';
-        $saltedHashPassword = $this->subject->getHashedPassword($password);
-        $increasedHashCount = $this->subject->getHashCount() + 1;
-        $this->subject->setMaxHashCount($increasedHashCount);
-        $this->subject->setHashCount($increasedHashCount);
-        $this->assertTrue($this->subject->isHashUpdateNeeded($saltedHashPassword));
-    }
-
-    /**
-     * @test
-     */
-    public function updateNecessityForDecreasedHashcount()
-    {
-        $password = 'password';
-        $saltedHashPassword = $this->subject->getHashedPassword($password);
-        $decreasedHashCount = $this->subject->getHashCount() - 1;
-        $this->subject->setMinHashCount($decreasedHashCount);
-        $this->subject->setHashCount($decreasedHashCount);
-        $this->assertFalse($this->subject->isHashUpdateNeeded($saltedHashPassword));
-    }
-}
diff --git a/typo3/sysext/core/Tests/UnitDeprecated/Crypto/PasswordHashing/PhpassPasswordHashTest.php b/typo3/sysext/core/Tests/UnitDeprecated/Crypto/PasswordHashing/PhpassPasswordHashTest.php
deleted file mode 100644 (file)
index 2e75be1..0000000
+++ /dev/null
@@ -1,146 +0,0 @@
-<?php
-declare(strict_types = 1);
-namespace TYPO3\CMS\Core\Tests\UnitDeprecated\Crypto\PasswordHashing;
-
-/*
- * This file is part of the TYPO3 CMS project.
- *
- * It is free software; you can redistribute it and/or modify it under
- * the terms of the GNU General Public License, either version 2
- * of the License, or any later version.
- *
- * For the full copyright and license information, please read the
- * LICENSE.txt file that was distributed with this source code.
- *
- * The TYPO3 project - inspiring people to share!
- */
-
-use TYPO3\CMS\Core\Crypto\PasswordHashing\PhpassPasswordHash;
-use TYPO3\CMS\Core\Crypto\Random;
-use TYPO3\TestingFramework\Core\Unit\UnitTestCase;
-
-/**
- * Test case
- */
-class PhpassPasswordHashTest extends UnitTestCase
-{
-    /**
-     * Keeps instance of object to test.
-     *
-     * @var PhpassPasswordHash
-     */
-    protected $objectInstance;
-
-    /**
-     * Sets up the fixtures for this testcase.
-     */
-    protected function setUp()
-    {
-        $this->objectInstance = $this->getMockBuilder(PhpassPasswordHash::class)
-            ->setMethods(['dummy'])
-            ->getMock();
-    }
-
-    /**
-     * @test
-     */
-    public function nonZeroSaltLength()
-    {
-        $this->assertTrue($this->objectInstance->getSaltLength() > 0);
-    }
-
-    /**
-     * @test
-     */
-    public function createdSaltedHashOfProperStructureForCustomSaltWithoutSetting()
-    {
-        $password = 'password';
-        // custom salt without setting
-        $randomBytes = (new Random())->generateRandomBytes($this->objectInstance->getSaltLength());
-        $salt = $this->objectInstance->base64Encode($randomBytes, $this->objectInstance->getSaltLength());
-        $this->assertTrue($this->objectInstance->isValidSalt($salt));
-        $saltedHashPassword = $this->objectInstance->getHashedPassword($password, $salt);
-        $this->assertTrue($this->objectInstance->isValidSaltedPW($saltedHashPassword));
-    }
-
-    /**
-     * @test
-     */
-    public function createdSaltedHashOfProperStructureForMinimumHashCount()
-    {
-        $password = 'password';
-        $minHashCount = $this->objectInstance->getMinHashCount();
-        $this->objectInstance->setHashCount($minHashCount);
-        $saltedHashPassword = $this->objectInstance->getHashedPassword($password);
-        $this->assertTrue($this->objectInstance->isValidSaltedPW($saltedHashPassword));
-        // reset hashcount
-        $this->objectInstance->setHashCount(null);
-    }
-
-    /**
-     * @test
-     */
-    public function passwordVariationsResultInDifferentHashes()
-    {
-        $pad = 'a';
-        $criticalPwLength = 0;
-        // We're using a constant salt.
-        $saltedHashPasswordCurrent = $salt = $this->objectInstance->getHashedPassword($pad);
-        for ($i = 0; $i <= 128; $i += 8) {
-            $password = str_repeat($pad, max($i, 1));
-            $saltedHashPasswordPrevious = $saltedHashPasswordCurrent;
-            $saltedHashPasswordCurrent = $this->objectInstance->getHashedPassword($password, $salt);
-            if ($i > 0 && $saltedHashPasswordPrevious === $saltedHashPasswordCurrent) {
-                $criticalPwLength = $i;
-                break;
-            }
-        }
-        $this->assertTrue($criticalPwLength == 0 || $criticalPwLength > 32, 'Duplicates of hashed passwords with plaintext password of length ' . $criticalPwLength . '+.');
-    }
-
-    /**
-     * @test
-     */
-    public function modifiedHashCount()
-    {
-        $hashCount = $this->objectInstance->getHashCount();
-        $this->objectInstance->setMaxHashCount($hashCount + 1);
-        $this->objectInstance->setHashCount($hashCount + 1);
-        $this->assertTrue($this->objectInstance->getHashCount() > $hashCount);
-        $this->objectInstance->setMinHashCount($hashCount - 1);
-        $this->objectInstance->setHashCount($hashCount - 1);
-        $this->assertTrue($this->objectInstance->getHashCount() < $hashCount);
-        // reset hashcount
-        $this->objectInstance->setHashCount(null);
-    }
-
-    /**
-     * @test
-     */
-    public function updateNecessityForIncreasedHashcount()
-    {
-        $password = 'password';
-        $saltedHashPassword = $this->objectInstance->getHashedPassword($password);
-        $increasedHashCount = $this->objectInstance->getHashCount() + 1;
-        $this->objectInstance->setMaxHashCount($increasedHashCount);
-        $this->objectInstance->setHashCount($increasedHashCount);
-        $this->assertTrue($this->objectInstance->isHashUpdateNeeded($saltedHashPassword));
-        // reset hashcount
-        $this->objectInstance->setHashCount(null);
-    }
-
-    /**
-     * @test
-     */
-    public function updateNecessityForDecreasedHashcount()
-    {
-        $password = 'password';
-        $saltedHashPassword = $this->objectInstance->getHashedPassword($password);
-        $decreasedHashCount = $this->objectInstance->getHashCount() - 1;
-        $this->objectInstance->setMinHashCount($decreasedHashCount);
-        $this->objectInstance->setHashCount($decreasedHashCount);
-        $this->assertFalse($this->objectInstance->isHashUpdateNeeded($saltedHashPassword));
-        // reset hashcount
-        $this->objectInstance->setHashCount(null);
-    }
-}
index 6aba2a6..d3d87d4 100644 (file)
@@ -167,7 +167,8 @@ return [
     ],
     '$GLOBALS[\'TYPO3_CONF_VARS\'][\'SC_OPTIONS\'][\'ext/saltedpasswords\'][\'saltMethods\']' => [
         'restFiles' => [
-            'Deprecation-85804-SaltedPasswordHashClassDeprecations.rst'
+            'Deprecation-85804-SaltedPasswordHashClassDeprecations.rst',
+            'Breaking-87193-DeprecatedFunctionalityRemoved.rst',
         ],
     ],
     '$GLOBALS[\'TYPO3_CONF_VARS\'][\'SC_OPTIONS\'][\'tslib/class.tslib_fe.php\'][\'hook_previewInfo\']' => [
index bb4e9b1..4b85643 100644 (file)
@@ -58,66 +58,79 @@ return [
     'TYPO3\CMS\Saltedpasswords\Salt\BlowfishSalt::ITOA64' => [
         'restFiles' => [
             'Deprecation-85804-SaltedPasswordHashClassDeprecations.rst',
+            'Breaking-87193-DeprecatedFunctionalityRemoved.rst',
         ],
     ],
     'TYPO3\CMS\Saltedpasswords\Salt\BlowfishSalt::HASH_COUNT' => [
         'restFiles' => [
             'Deprecation-85804-SaltedPasswordHashClassDeprecations.rst',
+            'Breaking-87193-DeprecatedFunctionalityRemoved.rst',
         ],
     ],
     'TYPO3\CMS\Saltedpasswords\Salt\BlowfishSalt::MAX_HASH_COUNT' => [
         'restFiles' => [
             'Deprecation-85804-SaltedPasswordHashClassDeprecations.rst',
+            'Breaking-87193-DeprecatedFunctionalityRemoved.rst',
         ],
     ],
     'TYPO3\CMS\Saltedpasswords\Salt\BlowfishSalt::MIN_HASH_COUNT' => [
         'restFiles' => [
             'Deprecation-85804-SaltedPasswordHashClassDeprecations.rst',
+            'Breaking-87193-DeprecatedFunctionalityRemoved.rst',
         ],
     ],
     'TYPO3\CMS\Saltedpasswords\Salt\Md5Salt::ITOA64' => [
         'restFiles' => [
             'Deprecation-85804-SaltedPasswordHashClassDeprecations.rst',
+            'Breaking-87193-DeprecatedFunctionalityRemoved.rst',
         ],
     ],
     'TYPO3\CMS\Saltedpasswords\Salt\Pbkdf2Salt::ITOA64' => [
         'restFiles' => [
             'Deprecation-85804-SaltedPasswordHashClassDeprecations.rst',
+            'Breaking-87193-DeprecatedFunctionalityRemoved.rst',
         ],
     ],
     'TYPO3\CMS\Saltedpasswords\Salt\Pbkdf2Salt::HASH_COUNT' => [
         'restFiles' => [
             'Deprecation-85804-SaltedPasswordHashClassDeprecations.rst',
+            'Breaking-87193-DeprecatedFunctionalityRemoved.rst',
         ],
     ],
     'TYPO3\CMS\Saltedpasswords\Salt\Pbkdf2Salt::MAX_HASH_COUNT' => [
         'restFiles' => [
             'Deprecation-85804-SaltedPasswordHashClassDeprecations.rst',
+            'Breaking-87193-DeprecatedFunctionalityRemoved.rst',
         ],
     ],
     'TYPO3\CMS\Saltedpasswords\Salt\Pbkdf2Salt::MIN_HASH_COUNT' => [
         'restFiles' => [
             'Deprecation-85804-SaltedPasswordHashClassDeprecations.rst',
+            'Breaking-87193-DeprecatedFunctionalityRemoved.rst',
         ],
     ],
     'TYPO3\CMS\Saltedpasswords\Salt\PhpassSalt::ITOA64' => [
         'restFiles' => [
             'Deprecation-85804-SaltedPasswordHashClassDeprecations.rst',
+            'Breaking-87193-DeprecatedFunctionalityRemoved.rst',
         ],
     ],
     'TYPO3\CMS\Saltedpasswords\Salt\PhpassSalt::HASH_COUNT' => [
         'restFiles' => [
             'Deprecation-85804-SaltedPasswordHashClassDeprecations.rst',
+            'Breaking-87193-DeprecatedFunctionalityRemoved.rst',
         ],
     ],
     'TYPO3\CMS\Saltedpasswords\Salt\PhpassSalt::MAX_HASH_COUNT' => [
         'restFiles' => [
             'Deprecation-85804-SaltedPasswordHashClassDeprecations.rst',
+            'Breaking-87193-DeprecatedFunctionalityRemoved.rst',
         ],
     ],
     'TYPO3\CMS\Saltedpasswords\Salt\PhpassSalt::MIN_HASH_COUNT' => [
         'restFiles' => [
             'Deprecation-85804-SaltedPasswordHashClassDeprecations.rst',
+            'Breaking-87193-DeprecatedFunctionalityRemoved.rst',
         ],
     ],
     'TYPO3\CMS\Core\DataHandling\TableColumnSubType::FILE' => [
index e8f808d..1089ebd 100644 (file)
@@ -720,6 +720,7 @@ return [
     'TYPO3\CMS\Saltedpasswords\SaltedPasswordService' => [
         'restFiles' => [
             'Deprecation-85761-SaltedPasswordService.rst',
+            'Breaking-87193-DeprecatedFunctionalityRemoved.rst',
         ],
     ],
     'TYPO3\CMS\Extbase\Service\FlexFormService' => [
@@ -729,92 +730,110 @@ return [
     ],
     'TYPO3\CMS\Core\Crypto\PasswordHashing\Salt\ComposedPasswordHashInterface' => [
         'restFiles' => [
-            'Deprecation-85804-SaltedPasswordHashClassDeprecations.rst'
+            'Deprecation-85804-SaltedPasswordHashClassDeprecations.rst',
+            'Breaking-87193-DeprecatedFunctionalityRemoved.rst',
         ],
     ],
     'TYPO3\CMS\Core\Crypto\PasswordHashing\Salt\AbstractComposedSalt' => [
         'restFiles' => [
-            'Deprecation-85804-SaltedPasswordHashClassDeprecations.rst'
+            'Deprecation-85804-SaltedPasswordHashClassDeprecations.rst',
+            'Breaking-87193-DeprecatedFunctionalityRemoved.rst',
         ],
     ],
     'TYPO3\CMS\Core\Crypto\PasswordHashing\Utility\ExtensionManagerConfigurationUtility' => [
         'restFiles' => [
-            'Deprecation-85804-SaltedPasswordHashClassDeprecations.rst'
+            'Deprecation-85804-SaltedPasswordHashClassDeprecations.rst',
+            'Breaking-87193-DeprecatedFunctionalityRemoved.rst',
         ],
     ],
     'TYPO3\CMS\Core\Crypto\PasswordHashing\Utility\SaltedPasswordsUtility' => [
         'restFiles' => [
-            'Deprecation-85804-SaltedPasswordHashClassDeprecations.rst'
+            'Deprecation-85804-SaltedPasswordHashClassDeprecations.rst',
+            'Breaking-87193-DeprecatedFunctionalityRemoved.rst',
         ],
     ],
     'TYPO3\CMS\Saltedpasswords\Salt\Argon2ISalt' => [
         'restFiles' => [
             'Deprecation-85833-ExtensionSaltedpasswordsMergedIntoCoreExtension.rst',
+            'Breaking-87193-DeprecatedFunctionalityRemoved.rst',
         ],
     ],
     'TYPO3\CMS\Saltedpasswords\Salt\BcryptSalt' => [
         'restFiles' => [
             'Deprecation-85833-ExtensionSaltedpasswordsMergedIntoCoreExtension.rst',
+            'Breaking-87193-DeprecatedFunctionalityRemoved.rst',
         ],
     ],
     'TYPO3\CMS\Saltedpasswords\Salt\BlowfishSalt' => [
         'restFiles' => [
             'Deprecation-85833-ExtensionSaltedpasswordsMergedIntoCoreExtension.rst',
+            'Breaking-87193-DeprecatedFunctionalityRemoved.rst',
         ],
     ],
     'TYPO3\CMS\Saltedpasswords\Exception\InvalidSaltException' => [
         'restFiles' => [
             'Deprecation-85833-ExtensionSaltedpasswordsMergedIntoCoreExtension.rst',
+            'Breaking-87193-DeprecatedFunctionalityRemoved.rst',
         ],
     ],
     'TYPO3\CMS\Saltedpasswords\Salt\Md5Salt' => [
         'restFiles' => [
             'Deprecation-85833-ExtensionSaltedpasswordsMergedIntoCoreExtension.rst',
+            'Breaking-87193-DeprecatedFunctionalityRemoved.rst',
         ],
     ],
     'TYPO3\CMS\Saltedpasswords\Salt\SaltFactory' => [
         'restFiles' => [
             'Deprecation-85833-ExtensionSaltedpasswordsMergedIntoCoreExtension.rst',
+            'Breaking-87193-DeprecatedFunctionalityRemoved.rst',
         ],
     ],
     'TYPO3\CMS\Saltedpasswords\Salt\SaltInterface' => [
         'restFiles' => [
             'Deprecation-85833-ExtensionSaltedpasswordsMergedIntoCoreExtension.rst',
+            'Breaking-87193-DeprecatedFunctionalityRemoved.rst',
         ],
     ],
     'TYPO3\CMS\Saltedpasswords\Salt\Pbkdf2Salt' => [
         'restFiles' => [
             'Deprecation-85833-ExtensionSaltedpasswordsMergedIntoCoreExtension.rst',
+            'Breaking-87193-DeprecatedFunctionalityRemoved.rst',
         ],
     ],
     'TYPO3\CMS\Saltedpasswords\Salt\PhpassSalt' => [
         'restFiles' => [
             'Deprecation-85833-ExtensionSaltedpasswordsMergedIntoCoreExtension.rst',
+            'Breaking-87193-DeprecatedFunctionalityRemoved.rst',
         ],
     ],
     'TYPO3\CMS\Saltedpasswords\Salt\AbstractComposedSalt' => [
         'restFiles' => [
             'Deprecation-85833-ExtensionSaltedpasswordsMergedIntoCoreExtension.rst',
+            'Breaking-87193-DeprecatedFunctionalityRemoved.rst',
         ],
     ],
     'TYPO3\CMS\Saltedpasswords\Salt\ComposedSaltInterface' => [
         'restFiles' => [
             'Deprecation-85833-ExtensionSaltedpasswordsMergedIntoCoreExtension.rst',
+            'Breaking-87193-DeprecatedFunctionalityRemoved.rst',
         ],
     ],
     'TYPO3\CMS\Saltedpasswords\Utility\ExensionManagerConfigurationUtility' => [
         'restFiles' => [
             'Deprecation-85833-ExtensionSaltedpasswordsMergedIntoCoreExtension.rst',
+            'Breaking-87193-DeprecatedFunctionalityRemoved.rst',
         ],
     ],
     'TYPO3\CMS\Saltedpasswords\SaltedPasswordsService' => [
         'restFiles' => [
             'Deprecation-85833-ExtensionSaltedpasswordsMergedIntoCoreExtension.rst',
+            'Breaking-87193-DeprecatedFunctionalityRemoved.rst',
         ],
     ],
     'TYPO3\CMS\Saltedpasswords\Utility\SaltedPasswordsUtility' => [
         'restFiles' => [
             'Deprecation-85833-ExtensionSaltedpasswordsMergedIntoCoreExtension.rst',
+            'Breaking-87193-DeprecatedFunctionalityRemoved.rst',
         ],
     ],
     'TYPO3\CMS\Workspaces\Service\AutoPublishService' => [
index 95598c2..f1ffa45 100644 (file)
@@ -181,24 +181,28 @@ return [
         'maximumNumberOfArguments' => 1,
         'restFiles' => [
             'Deprecation-85804-SaltedPasswordHashClassDeprecations.rst',
+            'Breaking-87193-DeprecatedFunctionalityRemoved.rst',
         ],
     ],
     'TYPO3\CMS\Saltedpasswords\Salt\Md5Salt->getHashedPassword' => [
         'maximumNumberOfArguments' => 1,
         'restFiles' => [
             'Deprecation-85804-SaltedPasswordHashClassDeprecations.rst',
+            'Breaking-87193-DeprecatedFunctionalityRemoved.rst',
         ],
     ],
     'TYPO3\CMS\Saltedpasswords\Salt\Pbkdf2Salt->getHashedPassword' => [
         'maximumNumberOfArguments' => 1,
         'restFiles' => [
             'Deprecation-85804-SaltedPasswordHashClassDeprecations.rst',
+            'Breaking-87193-DeprecatedFunctionalityRemoved.rst',
         ],
     ],
     'TYPO3\CMS\Saltedpasswords\Salt\PhpassSalt->getHashedPassword' => [
         'maximumNumberOfArguments' => 1,
         'restFiles' => [
             'Deprecation-85804-SaltedPasswordHashClassDeprecations.rst',
+            'Breaking-87193-DeprecatedFunctionalityRemoved.rst',
         ],
     ],
     'TYPO3\CMS\Core\Page\PageRenderer->addInlineLanguageLabelArray' => [
index 7120e08..e074918 100644 (file)
@@ -2786,6 +2786,7 @@ return [
         'maximumNumberOfArguments' => 0,
         'restFiles' => [
             'Deprecation-85804-SaltedPasswordHashClassDeprecations.rst',
+            'Breaking-87193-DeprecatedFunctionalityRemoved.rst',
         ],
     ],
     'TYPO3\CMS\Saltedpasswords\Salt\Argon2iSalt->setOptions' => [
@@ -2793,6 +2794,7 @@ return [
         'maximumNumberOfArguments' => 1,
         'restFiles' => [
             'Deprecation-85804-SaltedPasswordHashClassDeprecations.rst',
+            'Breaking-87193-DeprecatedFunctionalityRemoved.rst',
         ],
     ],
     'TYPO3\CMS\Saltedpasswords\Salt\BcryptSalt->getOptions' => [
@@ -2800,6 +2802,7 @@ return [
         'maximumNumberOfArguments' => 0,
         'restFiles' => [
             'Deprecation-85804-SaltedPasswordHashClassDeprecations.rst',
+            'Breaking-87193-DeprecatedFunctionalityRemoved.rst',
         ],
     ],
     'TYPO3\CMS\Saltedpasswords\Salt\BcryptSalt->setOptions' => [
@@ -2807,6 +2810,7 @@ return [
         'maximumNumberOfArguments' => 1,
         'restFiles' => [
             'Deprecation-85804-SaltedPasswordHashClassDeprecations.rst',
+            'Breaking-87193-DeprecatedFunctionalityRemoved.rst',
         ],
     ],
     'TYPO3\CMS\Saltedpasswords\Salt\BlowfishSalt->getHashCount' => [
@@ -2814,6 +2818,7 @@ return [
         'maximumNumberOfArguments' => 0,
         'restFiles' => [
             'Deprecation-85804-SaltedPasswordHashClassDeprecations.rst',
+            'Breaking-87193-DeprecatedFunctionalityRemoved.rst',
         ],
     ],
     'TYPO3\CMS\Saltedpasswords\Salt\BlowfishSalt->getMaxHashCount' => [
@@ -2821,6 +2826,7 @@ return [
         'maximumNumberOfArguments' => 0,
         'restFiles' => [
             'Deprecation-85804-SaltedPasswordHashClassDeprecations.rst',
+            'Breaking-87193-DeprecatedFunctionalityRemoved.rst',
         ],
     ],
     'TYPO3\CMS\Saltedpasswords\Salt\BlowfishSalt->getMinHashCount' => [
@@ -2828,6 +2834,7 @@ return [
         'maximumNumberOfArguments' => 0,
         'restFiles' => [
             'Deprecation-85804-SaltedPasswordHashClassDeprecations.rst',
+            'Breaking-87193-DeprecatedFunctionalityRemoved.rst',
         ],
     ],
     'TYPO3\CMS\Saltedpasswords\Salt\BlowfishSalt->getSaltLength' => [
@@ -2835,6 +2842,7 @@ return [
         'maximumNumberOfArguments' => 0,
         'restFiles' => [
             'Deprecation-85804-SaltedPasswordHashClassDeprecations.rst',
+            'Breaking-87193-DeprecatedFunctionalityRemoved.rst',
         ],
     ],
     'TYPO3\CMS\Saltedpasswords\Salt\BlowfishSalt->getSetting' => [
@@ -2842,6 +2850,7 @@ return [
         'maximumNumberOfArguments' => 0,
         'restFiles' => [
             'Deprecation-85804-SaltedPasswordHashClassDeprecations.rst',
+            'Breaking-87193-DeprecatedFunctionalityRemoved.rst',
         ],
     ],
     'TYPO3\CMS\Saltedpasswords\Salt\BlowfishSalt->setHashCount' => [
@@ -2849,6 +2858,7 @@ return [
         'maximumNumberOfArguments' => 1,
         'restFiles' => [
             'Deprecation-85804-SaltedPasswordHashClassDeprecations.rst',
+            'Breaking-87193-DeprecatedFunctionalityRemoved.rst',
         ],
     ],
     'TYPO3\CMS\Saltedpasswords\Salt\BlowfishSalt->setMaxHashCount' => [
@@ -2856,6 +2866,7 @@ return [
         'maximumNumberOfArguments' => 1,
         'restFiles' => [
             'Deprecation-85804-SaltedPasswordHashClassDeprecations.rst',
+            'Breaking-87193-DeprecatedFunctionalityRemoved.rst',
         ],
     ],
     'TYPO3\CMS\Saltedpasswords\Salt\BlowfishSalt->setMinHashCount' => [
@@ -2863,6 +2874,7 @@ return [
         'maximumNumberOfArguments' => 1,
         'restFiles' => [
             'Deprecation-85804-SaltedPasswordHashClassDeprecations.rst',
+            'Breaking-87193-DeprecatedFunctionalityRemoved.rst',
         ],
     ],
     'TYPO3\CMS\Saltedpasswords\Salt\Md5Salt->getSetting' => [
@@ -2870,6 +2882,7 @@ return [
         'maximumNumberOfArguments' => 0,
         'restFiles' => [
             'Deprecation-85804-SaltedPasswordHashClassDeprecations.rst',
+            'Breaking-87193-DeprecatedFunctionalityRemoved.rst',
         ],
     ],
     'TYPO3\CMS\Saltedpasswords\Salt\Md5Salt->getSaltLength' => [
@@ -2877,6 +2890,7 @@ return [
         'maximumNumberOfArguments' => 0,
         'restFiles' => [
             'Deprecation-85804-SaltedPasswordHashClassDeprecations.rst',
+            'Breaking-87193-DeprecatedFunctionalityRemoved.rst',
         ],
     ],
     'TYPO3\CMS\Saltedpasswords\Salt\Pbkdf2Salt->getHashCount' => [
@@ -2884,6 +2898,7 @@ return [
         'maximumNumberOfArguments' => 0,
         'restFiles' => [
             'Deprecation-85804-SaltedPasswordHashClassDeprecations.rst',
+            'Breaking-87193-DeprecatedFunctionalityRemoved.rst',
         ],
     ],
     'TYPO3\CMS\Saltedpasswords\Salt\Pbkdf2Salt->getMaxHashCount' => [
@@ -2891,6 +2906,7 @@ return [
         'maximumNumberOfArguments' => 0,
         'restFiles' => [
             'Deprecation-85804-SaltedPasswordHashClassDeprecations.rst',
+            'Breaking-87193-DeprecatedFunctionalityRemoved.rst',
         ],
     ],
     'TYPO3\CMS\Saltedpasswords\Salt\Pbkdf2Salt->getMinHashCount' => [
@@ -2898,6 +2914,7 @@ return [
         'maximumNumberOfArguments' => 0,
         'restFiles' => [
             'Deprecation-85804-SaltedPasswordHashClassDeprecations.rst',
+            'Breaking-87193-DeprecatedFunctionalityRemoved.rst',
         ],
     ],
     'TYPO3\CMS\Saltedpasswords\Salt\Pbkdf2Salt->getSaltLength' => [
@@ -2905,6 +2922,7 @@ return [
         'maximumNumberOfArguments' => 0,
         'restFiles' => [
             'Deprecation-85804-SaltedPasswordHashClassDeprecations.rst',
+            'Breaking-87193-DeprecatedFunctionalityRemoved.rst',
         ],
     ],
     'TYPO3\CMS\Saltedpasswords\Salt\Pbkdf2Salt->getSetting' => [
@@ -2912,6 +2930,7 @@ return [
         'maximumNumberOfArguments' => 0,
         'restFiles' => [
             'Deprecation-85804-SaltedPasswordHashClassDeprecations.rst',
+            'Breaking-87193-DeprecatedFunctionalityRemoved.rst',
         ],
     ],
     'TYPO3\CMS\Saltedpasswords\Salt\Pbkdf2Salt->setHashCount' => [
@@ -2919,6 +2938,7 @@ return [
         'maximumNumberOfArguments' => 1,
         'restFiles' => [
             'Deprecation-85804-SaltedPasswordHashClassDeprecations.rst',
+            'Breaking-87193-DeprecatedFunctionalityRemoved.rst',
         ],
     ],
     'TYPO3\CMS\Saltedpasswords\Salt\Pbkdf2Salt->setMaxHashCount' => [
@@ -2926,6 +2946,7 @@ return [
         'maximumNumberOfArguments' => 1,
         'restFiles' => [
             'Deprecation-85804-SaltedPasswordHashClassDeprecations.rst',
+            'Breaking-87193-DeprecatedFunctionalityRemoved.rst',
         ],
     ],
     'TYPO3\CMS\Saltedpasswords\Salt\Pbkdf2Salt->setMinHashCount' => [
@@ -2933,6 +2954,7 @@ return [
         'maximumNumberOfArguments' => 1,
         'restFiles' => [
             'Deprecation-85804-SaltedPasswordHashClassDeprecations.rst',
+            'Breaking-87193-DeprecatedFunctionalityRemoved.rst',
         ],
     ],
     'TYPO3\CMS\Saltedpasswords\Salt\PhpassSalt->getHashCount' => [
@@ -2940,6 +2962,7 @@ return [
         'maximumNumberOfArguments' => 0,
         'restFiles' => [
             'Deprecation-85804-SaltedPasswordHashClassDeprecations.rst',
+            'Breaking-87193-DeprecatedFunctionalityRemoved.rst',
         ],
     ],
     'TYPO3\CMS\Saltedpasswords\Salt\PhpassSalt->getMaxHashCount' => [
@@ -2947,6 +2970,7 @@ return [
         'maximumNumberOfArguments' => 0,
         'restFiles' => [
             'Deprecation-85804-SaltedPasswordHashClassDeprecations.rst',
+            'Breaking-87193-DeprecatedFunctionalityRemoved.rst',
         ],
     ],
     'TYPO3\CMS\Saltedpasswords\Salt\PhpassSalt->getMinHashCount' => [
@@ -2954,6 +2978,7 @@ return [
         'maximumNumberOfArguments' => 0,
         'restFiles' => [
             'Deprecation-85804-SaltedPasswordHashClassDeprecations.rst',
+            'Breaking-87193-DeprecatedFunctionalityRemoved.rst',
         ],
     ],
     'TYPO3\CMS\Saltedpasswords\Salt\PhpassSalt->getSaltLength' => [
@@ -2961,6 +2986,7 @@ return [
         'maximumNumberOfArguments' => 0,
         'restFiles' => [
             'Deprecation-85804-SaltedPasswordHashClassDeprecations.rst',
+            'Breaking-87193-DeprecatedFunctionalityRemoved.rst',
         ],
     ],
     'TYPO3\CMS\Saltedpasswords\Salt\PhpassSalt->getSetting' => [
@@ -2968,6 +2994,7 @@ return [
         'maximumNumberOfArguments' => 0,
         'restFiles' => [
             'Deprecation-85804-SaltedPasswordHashClassDeprecations.rst',
+            'Breaking-87193-DeprecatedFunctionalityRemoved.rst',
         ],
     ],
     'TYPO3\CMS\Saltedpasswords\Salt\PhpassSalt->setHashCount' => [
@@ -2975,6 +3002,7 @@ return [
         'maximumNumberOfArguments' => 1,
         'restFiles' => [
             'Deprecation-85804-SaltedPasswordHashClassDeprecations.rst',
+            'Breaking-87193-DeprecatedFunctionalityRemoved.rst',
         ],
     ],
     'TYPO3\CMS\Saltedpasswords\Salt\PhpassSalt->setMaxHashCount' => [
@@ -2982,6 +3010,7 @@ return [
         'maximumNumberOfArguments' => 1,
         'restFiles' => [
             'Deprecation-85804-SaltedPasswordHashClassDeprecations.rst',
+            'Breaking-87193-DeprecatedFunctionalityRemoved.rst',
         ],
     ],
     'TYPO3\CMS\Saltedpasswords\Salt\PhpassSalt->setMinHashCount' => [
@@ -2989,6 +3018,7 @@ return [
         'maximumNumberOfArguments' => 1,
         'restFiles' => [
             'Deprecation-85804-SaltedPasswordHashClassDeprecations.rst',
+            'Breaking-87193-DeprecatedFunctionalityRemoved.rst',
         ],
     ],
     'TYPO3\CMS\Saltedpasswords\Salt\BlowfishSalt->isValidSalt' => [
@@ -2996,6 +3026,7 @@ return [
         'maximumNumberOfArguments' => 1,
         'restFiles' => [
             'Deprecation-85804-SaltedPasswordHashClassDeprecations.rst',
+            'Breaking-87193-DeprecatedFunctionalityRemoved.rst',
         ],
     ],
     'TYPO3\CMS\Saltedpasswords\Salt\BlowfishSalt->base64Encode' => [
@@ -3003,6 +3034,7 @@ return [
         'maximumNumberOfArguments' => 2,
         'restFiles' => [
             'Deprecation-85804-SaltedPasswordHashClassDeprecations.rst',
+            'Breaking-87193-DeprecatedFunctionalityRemoved.rst',
         ],
     ],
     'TYPO3\CMS\Saltedpasswords\Salt\Md5Salt->isValidSalt' => [
@@ -3010,6 +3042,7 @@ return [
         'maximumNumberOfArguments' => 1,
         'restFiles' => [
             'Deprecation-85804-SaltedPasswordHashClassDeprecations.rst',
+            'Breaking-87193-DeprecatedFunctionalityRemoved.rst',
         ],
     ],
     'TYPO3\CMS\Saltedpasswords\Salt\Md5Salt->base64Encode' => [
@@ -3017,6 +3050,7 @@ return [
         'maximumNumberOfArguments' => 2,
         'restFiles' => [
             'Deprecation-85804-SaltedPasswordHashClassDeprecations.rst',
+            'Breaking-87193-DeprecatedFunctionalityRemoved.rst',
         ],
     ],
     'TYPO3\CMS\Saltedpasswords\Salt\Pbkdf2Salt->isValidSalt' => [
@@ -3024,6 +3058,7 @@ return [
         'maximumNumberOfArguments' => 1,
         'restFiles' => [
             'Deprecation-85804-SaltedPasswordHashClassDeprecations.rst',
+            'Breaking-87193-DeprecatedFunctionalityRemoved.rst',
         ],
     ],
     'TYPO3\CMS\Saltedpasswords\Salt\Pbkdf2Salt->base64Encode' => [
@@ -3031,6 +3066,7 @@ return [
         'maximumNumberOfArguments' => 2,
         'restFiles' => [
             'Deprecation-85804-SaltedPasswordHashClassDeprecations.rst',
+            'Breaking-87193-DeprecatedFunctionalityRemoved.rst',
         ],
     ],
     'TYPO3\CMS\Saltedpasswords\Salt\Pbkdf2Salt->base64Decode' => [
@@ -3038,6 +3074,7 @@ return [
         'maximumNumberOfArguments' => 1,
         'restFiles' => [
             'Deprecation-85804-SaltedPasswordHashClassDeprecations.rst',
+            'Breaking-87193-DeprecatedFunctionalityRemoved.rst',
         ],
     ],
     'TYPO3\CMS\Saltedpasswords\Salt\PhpassSalt->isValidSalt' => [
@@ -3045,6 +3082,7 @@ return [
         'maximumNumberOfArguments' => 1,
         'restFiles' => [
             'Deprecation-85804-SaltedPasswordHashClassDeprecations.rst',
+            'Breaking-87193-DeprecatedFunctionalityRemoved.rst',
         ],
     ],
     'TYPO3\CMS\Saltedpasswords\Salt\PhpassSalt->base64Encode' => [
@@ -3052,6 +3090,7 @@ return [
         'maximumNumberOfArguments' => 2,
         'restFiles' => [
             'Deprecation-85804-SaltedPasswordHashClassDeprecations.rst',
+            'Breaking-87193-DeprecatedFunctionalityRemoved.rst',
         ],
     ],
     'TYPO3\CMS\Core\Core\Bootstrap->configure' => [
index 6317f32..1ad4c31 100644 (file)
@@ -581,6 +581,7 @@ return [
         'maximumNumberOfArguments' => 1,
         'restFiles' => [
             'Deprecation-85027-SaltedPasswordsRelatedMethodsAndClasses.rst',
+            'Breaking-87193-DeprecatedFunctionalityRemoved.rst',
         ],
     ],
     'TYPO3\CMS\Core\Utility\GeneralUtility::arrayToLogString' => [
@@ -641,6 +642,7 @@ return [
         'maximumNumberOfArguments' => 2,
         'restFiles' => [
             'Deprecation-85796-SaltedPasswordsCleanups.rst',
+            'Breaking-87193-DeprecatedFunctionalityRemoved.rst',
         ],
     ],
     'TYPO3\CMS\Saltedpasswords\Salt\SaltFactory::determineSaltingHashingMethod' => [
@@ -648,6 +650,7 @@ return [
         'maximumNumberOfArguments' => 2,
         'restFiles' => [
             'Deprecation-85796-SaltedPasswordsCleanups.rst',
+            'Breaking-87193-DeprecatedFunctionalityRemoved.rst',
         ],
     ],
     'TYPO3\CMS\Saltedpasswords\Salt\SaltFactory::setPreferredHashingMethod' => [
@@ -655,6 +658,7 @@ return [
         'maximumNumberOfArguments' => 1,
         'restFiles' => [
             'Deprecation-85796-SaltedPasswordsCleanups.rst',
+            'Breaking-87193-DeprecatedFunctionalityRemoved.rst',
         ],
     ],
     'TYPO3\CMS\Saltedpasswords\Utility\SaltedPasswordsUtility::getNumberOfBackendUsersWithInsecurePassword' => [
@@ -662,6 +666,7 @@ return [
         'maximumNumberOfArguments' => 0,
         'restFiles' => [
             'Deprecation-85796-SaltedPasswordsCleanups.rst',
+            'Breaking-87193-DeprecatedFunctionalityRemoved.rst',
         ],
     ],
     'TYPO3\CMS\Tstemplate\Controller\TypoScriptTemplateModuleController::renderList' => [