public static function verify($input, $hash, $password)
{
// Get the salt value from the decrypted prefix
$salt = Str::substr($hash, 0, 16);
// Get the encrypted cost bytes
$cost = self::bin2dec(Otp::crypt(Str::substr($hash, 28, 4), $password));
// Get the entire cost+hash blob for comparison
$blob = Str::substr($hash, 16, 16);
if (!Str::equal(self::costHash($cost, $salt, $password), $blob)) {
return false;
}
// Return the boolean equivalence
return Str::equal($hash, self::build($input, $password, $cost, $salt));
}