public static hashAndEncrypt ( string $password, Defuse\Crypto\Key $aesKey ) : string | ||
$password | string | |
$aesKey | Defuse\Crypto\Key | |
return | string |
public static function hashAndEncrypt(string $password, Key $aesKey) : string
{
if (!\is_string($password)) {
throw new \InvalidArgumentException('Password must be a string.');
}
$hash = \password_hash(Base64::encode(\hash('sha384', $password, true)), PASSWORD_DEFAULT);
if ($hash === false) {
throw new \Exception("Unknown hashing error.");
}
return Crypto::encrypt($hash, $aesKey);
}
/** * @expectedException \Defuse\Crypto\Exception\WrongKeyOrModifiedCiphertextException */ public function testBitflip() { $key = Key::createNewRandomKey(); $password = PasswordLock::hashAndEncrypt('YELLOW SUBMARINE', $key); $password[0] = \ord($password[0]) === 0 ? 255 : 0; PasswordLock::decryptAndVerify('YELLOW SUBMARINE', $password, $key); }