| public checkRSAEncryptedPassword ( string $encryptedPassword, string $passwordHash, string $salt, string $fingerprint ) : boolean | ||
| $encryptedPassword | string | The received, RSA encrypted password to check |
| $passwordHash | string | The md5 hashed password string (md5(md5(password) . salt)) |
| $salt | string | The salt used in the md5 password hash |
| $fingerprint | string | The fingerprint to identify the private key (RSA public key fingerprint) |
| Результат | boolean | TRUE if the password is correct |
public function checkRSAEncryptedPassword($encryptedPassword, $passwordHash, $salt, $fingerprint)
{
if ($fingerprint === null || !isset($this->keys[$fingerprint])) {
throw new InvalidKeyPairIdException('Invalid keypair fingerprint given', 1233655216);
}
$decryptedPassword = $this->decryptWithPrivateKey($encryptedPassword, $this->keys[$fingerprint]['privateKey']);
return $passwordHash === md5(md5($decryptedPassword) . $salt);
} /**
* @test
*/
public function checkRSAEncryptedPasswordReturnsFalseForAnIncorrectPassword()
{
$encryptedPassword = $this->rsaWalletService->encryptWithPublicKey('wrong password', $this->keyPairUuid);
$passwordHash = 'af1e8a52451786a6b3bf78838e03a0a2';
$salt = 'a709157e66e0197cafa0c2ba99f6e252';
$this->assertFalse($this->rsaWalletService->checkRSAEncryptedPassword($encryptedPassword, $passwordHash, $salt, $this->keyPairUuid));
}
