The iteration count and algorithm must match the parameters that were used when the derived key was generated; otherwise validation fails even for the correct password.
public validatePassword ( string $password, string $hashedPasswordAndSalt, string $staticSalt = null ) : boolean
$password | string | The cleartext password |
$hashedPasswordAndSalt | string | The derived key and salt in Base64 encoding as returned by hashPassword for verification |
$staticSalt | string | Static salt that will be appended to the dynamic salt |
Return value | boolean | TRUE if the given password matches the hashed password |
/**
 * Negative cases for PBKDF2 password validation.
 *
 * Derives a key for 'password' with the static salt 'MyStaticSalt', then checks
 * that validatePassword() returns false when the password differs, when the
 * static salt differs, and when the strategy is rebuilt with a different second
 * constructor argument (99 instead of 1000).
 *
 * @test
 */
public function hashAndValidatePasswordWithNotMatchingPasswordOrParametersFails()
{
    // NOTE(review): arguments are presumably (salt length, iteration count,
    // derived key length, hash algorithm) - confirm against the constructor.
    $originalStrategy = new Pbkdf2HashingStrategy(8, 1000, 64, 'sha256');
    $derivedKeyWithSalt = $originalStrategy->hashPassword('password', 'MyStaticSalt');

    // A truncated password must be rejected.
    $wrongPasswordResult = $originalStrategy->validatePassword('pass', $derivedKeyWithSalt, 'MyStaticSalt');
    $this->assertFalse($wrongPasswordResult, 'Different password should not match');

    // The static salt takes part in the derivation, so a different one must be rejected.
    $wrongStaticSaltResult = $originalStrategy->validatePassword('password', $derivedKeyWithSalt, 'SomeSalt');
    $this->assertFalse($wrongStaticSaltResult, 'Different static salt should not match');

    // Same password and salts, but a strategy configured with 99 instead of 1000.
    $reconfiguredStrategy = new Pbkdf2HashingStrategy(8, 99, 64, 'sha256');
    $wrongIterationResult = $reconfiguredStrategy->validatePassword('password', $derivedKeyWithSalt, 'MyStaticSalt');
    $this->assertFalse($wrongIterationResult, 'Different iteration should not match');
}