ParagonIE\Halite\Password::verify PHP Method

Password Class Documentation Usage Examples Of ParagonIE\Halite\Password::verify Show file Open project: paragonie/halite

verify() public static method

Decrypt then verify a password

public static verify ( HiddenString $password, string $stored, EncryptionKey $secretKey ) : boolean
$password	HiddenString	The user's password
$stored	string	The encrypted password hash
$secretKey	EncryptionKey	The master key for all passwords
return	boolean	Is this password valid?

    public static function verify(HiddenString $password, string $stored, EncryptionKey $secretKey) : bool
    {
        $config = self::getConfig($stored);
        // Base64-urlsafe encoded, so 4/3 the size of raw binary
        if (Util::safeStrlen($stored) < $config->SHORTEST_CIPHERTEXT_LENGTH * 4 / 3) {
            throw new InvalidMessage('Encrypted password hash is too short.');
        }
        // First let's decrypt the hash
        $hash_str = Crypto::decrypt($stored, $secretKey, $config->ENCODING);
        // Upon successful decryption, verify the password is correct
        return \Sodium\crypto_pwhash_str_verify($hash_str->getString(), $password->getString());
    }

Usage Example

Example #1

Show file

File: PasswordTest.php Project: TheFrozenFire/halite

 public function testEncrypt()
 {
     $key = new EncryptionKey(\str_repeat('A', 32));
     $hash = Password::hash('test password', $key);
     $this->assertTrue(is_string($hash));
     $this->assertTrue(Password::verify('test password', $hash, $key));
     $this->assertFalse(Password::verify('wrong password', $hash, $key));
 }

All Usage Examples Of ParagonIE\Halite\Password::verify

Password

getConfig

hash

needsRehash

verify