[4.0] Deleting SHA256 password support (#23872)

* Deleting SHA256 password support * Removing more SHA256 code * Removing more SHA256 code Co-authored-by: Robert Deutz <rdeutz@googlemail.com> Co-authored-by: George Wilson <georgejameswilson@googlemail.com>
joomla · Feb 20, 2020 · fe5da26 · fe5da26
1 parent 08ef113
commit fe5da26
Show file tree

Hide file tree

Showing 3 changed files with 0 additions and 136 deletions.
diff --git a/libraries/src/Authentication/Password/SHA256Handler.php b/libraries/src/Authentication/Password/SHA256Handler.php
diff --git a/libraries/src/Service/Provider/Authentication.php b/libraries/src/Service/Provider/Authentication.php
@@ -19,7 +19,6 @@
 use Joomla\CMS\Authentication\Password\ChainedHandler;
 use Joomla\CMS\Authentication\Password\MD5Handler;
 use Joomla\CMS\Authentication\Password\PHPassHandler;
-use Joomla\CMS\Authentication\Password\SHA256Handler;
 use Joomla\DI\Container;
 use Joomla\DI\ServiceProviderInterface;
 
@@ -84,7 +83,6 @@ function (Container $container)
 					}
 
 					$handler->addHandler($container->get(PHPassHandler::class));
-					$handler->addHandler($container->get(SHA256Handler::class));
 					$handler->addHandler($container->get(MD5Handler::class));
 
 					return $handler;
@@ -142,24 +140,5 @@ function (Container $container)
 				},
 				true
 			);
-
-		$container->alias('password.handler.sha256', SHA256Handler::class)
-			->share(
-				SHA256Handler::class,
-				function (Container $container)
-				{
-					@trigger_error(
-						sprintf(
-							'The "%1$s" class service is deprecated, use the "%2$s" service for the active password handler instead.',
-							SHA256Handler::class,
-							'password.handler.default'
-						),
-						E_USER_DEPRECATED
-					);
-
-					return new SHA256Handler;
-				},
-				true
-			);
 	}
 }
diff --git a/libraries/src/User/UserHelper.php b/libraries/src/User/UserHelper.php
@@ -18,7 +18,6 @@
 use Joomla\CMS\Authentication\Password\CheckIfRehashNeededHandlerInterface;
 use Joomla\CMS\Authentication\Password\MD5Handler;
 use Joomla\CMS\Authentication\Password\PHPassHandler;
-use Joomla\CMS\Authentication\Password\SHA256Handler;
 use Joomla\CMS\Crypt\Crypt;
 use Joomla\CMS\Factory;
 use Joomla\CMS\Language\Text;
@@ -87,15 +86,6 @@ abstract class UserHelper
 	 */
 	const HASH_PHPASS = 101;
 
-	/**
-	 * Constant defining the SHA256 password algorithm for use with password hashes
-	 *
-	 * @var    integer
-	 * @since  4.0.0
-	 * @deprecated  5.0  Support for SHA256 hashed passwords will be removed
-	 */
-	const HASH_SHA256 = 102;
-
 	/**
 	 * Method to add a user to a group.
 	 *
@@ -415,9 +405,6 @@ public static function hashPassword($password, $algorithm = self::HASH_BCRYPT, a
 
 			case self::HASH_PHPASS :
 				return $container->get(PHPassHandler::class)->hashPassword($password, $options);
-
-			case self::HASH_SHA256 :
-				return $container->get(SHA256Handler::class)->hashPassword($password, $options);
 		}
 
 		// Unsupported algorithm, sorry!
@@ -470,11 +457,6 @@ public static function verifyPassword($password, $hash, $user_id = 0)
 			/** @var BCryptHandler $handler */
 			$handler = $container->get(BCryptHandler::class);
 		}
-		elseif (substr($hash, 0, 8) === '{SHA256}')
-		{
-			/** @var SHA256Handler $handler */
-			$handler = $container->get(SHA256Handler::class);
-		}
 		else
 		{
 			/** @var ChainedHandler $handler */