ParagonIE\PasswordLock\PasswordLock::decryptAndVerifyLegacy PHP Method

PasswordLock Class Documentation Exibir arquivo Open project: paragonie/password_lock

decryptAndVerifyLegacy() public static method

1. VerifyHMAC-then-Decrypt the ciphertext to get the hash 2. Verify that the password matches the hash

public static decryptAndVerifyLegacy ( string $password, string $ciphertext, string $aesKey ) : boolean
$password	string
$ciphertext	string
$aesKey	string	- must be exactly 16 bytes
return	boolean

    public static function decryptAndVerifyLegacy(string $password, string $ciphertext, string $aesKey) : bool
    {
        if (!\is_string($password)) {
            throw new \InvalidArgumentException('Password must be a string.');
        }
        if (Binary::safeStrlen($aesKey) !== 16) {
            throw new \Exception("Encryption keys must be 16 bytes long");
        }
        $hash = Crypto::legacyDecrypt($ciphertext, $aesKey);
        return \password_verify(Base64::encode(\hash('sha256', $password, true)), $hash);
    }

PasswordLock

decryptAndVerify

decryptAndVerifyLegacy

hashAndEncrypt

rotateKey

upgradeFromVersion1