/**
* Decrypt then verify a password
*
* @param string $password - The user-provided password
* @param string $stored - The encrypted password hash
* @param Key $secret_key - The master key for all passwords
*/
public static function verify($password, $stored, \ParagonIE\Halite\Contract\CryptoKeyInterface $secret_key)
{
// First let's decrypt the hash
$hash_str = Symmetric::decrypt($stored, $secret_key);
// And now to verify the hash
return \Sodium\crypto_pwhash_scryptsalsa208sha256_str_verify($hash_str, $password);
}
/**
* Decrypt a string using asymmetric cryptography
* Wraps Symmetric::decrypt()
*
* @param string $source Ciphertext
* @param string $ourPrivateKey Our private key
* @param string $theirPublicKey Their public key
* @param boolean $raw Don't hex decode the input?
*
* @return string
*/
public static function decrypt($source, Contract\CryptoKeyInterface $ourPrivateKey, Contract\CryptoKeyInterface $theirPublicKey, $raw = false)
{
list($secret, $public) = self::judgeKeys($ourPrivateKey, $theirPublicKey);
$ecdh = new Key(self::getSharedSecret($secret, $public), false, false);
$ciphertext = Symmetric::decrypt($source, $ecdh, $raw);
unset($ecdh);
return $ciphertext;
}
public function testRawEncrypt()
{
$key = new \ParagonIE\Halite\Key(\str_repeat('A', 32));
$message = Symmetric::encrypt('test message', $key, true);
$this->assertTrue(strpos($message, \ParagonIE\Halite\Halite::HALITE_VERSION) === 0);
$plain = Symmetric::decrypt($message, $key, true);
$this->assertEquals($plain, 'test message');
}
