/**
* Hash then encrypt a password
*
* @param string $password - The user's password
* @param Key $secret_key - The master key for all passwords
* @return string
*/
public static function hash($password, \ParagonIE\Halite\Contract\CryptoKeyInterface $secret_key)
{
// First, let's calculate the hash
$hashed = \Sodium\crypto_pwhash_scryptsalsa208sha256_str($password, \Sodium\CRYPTO_PWHASH_SCRYPTSALSA208SHA256_OPSLIMIT_INTERACTIVE, \Sodium\CRYPTO_PWHASH_SCRYPTSALSA208SHA256_MEMLIMIT_INTERACTIVE);
// Now let's encrypt the result
return Symmetric::encrypt($hashed, $secret_key);
}
/**
* Hash then encrypt a password
*
* @param string $password - The user's password
* @param EncryptionKey $secret_key - The master key for all passwords
* @return string
*/
public static function hash($password, KeyInterface $secret_key)
{
if (!$secret_key instanceof EncryptionKey) {
throw new \ParagonIE\Halite\Alerts\InvalidKey('Argument 2: Expected an instance of EncryptionKey');
}
// First, let's calculate the hash
$hashed = \Sodium\crypto_pwhash_scryptsalsa208sha256_str($password, \Sodium\CRYPTO_PWHASH_SCRYPTSALSA208SHA256_OPSLIMIT_INTERACTIVE, \Sodium\CRYPTO_PWHASH_SCRYPTSALSA208SHA256_MEMLIMIT_INTERACTIVE);
// Now let's encrypt the result
return Crypto::encrypt($hashed, $secret_key);
}
/**
* Sign up new user.
*
* @param string $username, string $password.
*
* @return bool
*/
public function signup($formFields)
{
$extraInfo = ['created' => $this->getTime(), 'active' => $this->getTime(), 'firstIp' => $_SERVER['REMOTE_ADDR'], 'latestIp' => $_SERVER['REMOTE_ADDR']];
$newUserData = array_merge($extraInfo, $formFields);
$newUserID = $this->getUserCount();
$key_user = $this->usersprefix . $newUserID;
$username = $newUserData['username'];
$password = $newUserData['password'];
// Hash and salt the new password.
$newUserData['password'] = \Sodium\crypto_pwhash_scryptsalsa208sha256_str($password, \Sodium\CRYPTO_PWHASH_SCRYPTSALSA208SHA256_OPSLIMIT_INTERACTIVE, \Sodium\CRYPTO_PWHASH_SCRYPTSALSA208SHA256_MEMLIMIT_INTERACTIVE);
// Step 1: Check username is not taken.
if (!$this->findIDByUsername($username)) {
// Step 2: Register the new username and corresponding ID in userlist.
$res = $this->redis->hmset("userlist", [$username => $newUserID]);
// Step 3: Create the new hash for the user.
$res = $this->redis->hmset($key_user, $newUserData);
// Step 4: Increment the usercount.
$this->redis->incr("usercount");
}
}
/**
* Hash the given value.
*
* @param string $value
* @param array $unusedOptions
* @return string
*
* @throws \RuntimeException
*/
public function make($value, array $unusedOptions = [])
{
return \Sodium\crypto_pwhash_scryptsalsa208sha256_str($value, \Sodium\CRYPTO_PWHASH_SCRYPTSALSA208SHA256_OPSLIMIT_INTERACTIVE, \Sodium\CRYPTO_PWHASH_SCRYPTSALSA208SHA256_MEMLIMIT_INTERACTIVE);
}
/**
* Hashes a password for storage and later comparison.
*
* @param string $password The password to be hashed for storage.
* @return string
* @throws Exceptions\InvalidTypeException
*/
public static function hashPassword($password)
{
# Test the message and key for string validity.
Helpers::isString($password, 'Hash', 'hashPassword');
return \Sodium\crypto_pwhash_scryptsalsa208sha256_str($password, Constants::PWHASH_SCRYPTSALSA208SHA256_OPSLIMIT_INTERACTIVE, Constants::PWHASH_SCRYPTSALSA208SHA256_MEMLIMIT_INTERACTIVE);
}
