public function testMcrypt()
{
$crypt = new Crypt\Mcrypt();
$crypt->setSalt('Test Salt');
$this->assertEquals('Test Salt', $crypt->getSalt());
$this->assertEquals(MCRYPT_RIJNDAEL_256, $crypt->getCipher());
$this->assertEquals(MCRYPT_MODE_CBC, $crypt->getMode());
$this->assertEquals(MCRYPT_RAND, $crypt->getSource());
$hash = $crypt->create('12password34');
$this->assertTrue($crypt->verify('12password34', $hash));
$this->assertNotNull($crypt->getIv());
$this->assertNotNull($crypt->getIvSize());
$this->assertEquals('12password34', $crypt->decrypt($hash));
}
/**
* Method to verify password
*
* @param string $hash
* @param string $attemptedPassword
* @return boolean
*/
public function verifyPassword($hash, $attemptedPassword)
{
$pw = false;
$salt = !empty($this->encryptionOptions['salt']) ? $this->encryptionOptions['salt'] : null;
if (!empty($this->encryptionOptions['secret'])) {
$attemptedPassword .= $this->encryptionOptions['secret'];
}
switch ($this->encryption) {
case Auth::ENCRYPT_NONE:
$pw = $hash == $attemptedPassword;
break;
case Auth::ENCRYPT_MD5:
$pw = $hash == md5($attemptedPassword);
break;
case Auth::ENCRYPT_SHA1:
$pw = $hash == sha1($attemptedPassword);
break;
case Auth::ENCRYPT_CRYPT:
$crypt = new Crypt\Crypt();
$crypt->setSalt($salt);
$pw = $crypt->verify($attemptedPassword, $hash);
break;
case Auth::ENCRYPT_BCRYPT:
$crypt = new Crypt\Bcrypt();
$crypt->setSalt($salt);
// Set cost and prefix, if applicable
if (!empty($this->encryptionOptions['cost'])) {
$crypt->setCost($this->encryptionOptions['cost']);
}
if (!empty($this->encryptionOptions['prefix'])) {
$crypt->setPrefix($this->encryptionOptions['prefix']);
}
$pw = $crypt->verify($attemptedPassword, $hash);
break;
case Auth::ENCRYPT_MCRYPT:
$crypt = new Crypt\Mcrypt();
$crypt->setSalt($salt);
// Set cipher, mode and source, if applicable
if (!empty($this->encryptionOptions['cipher'])) {
$crypt->setCipher($this->encryptionOptions['cipher']);
}
if (!empty($this->encryptionOptions['mode'])) {
$crypt->setMode($this->encryptionOptions['mode']);
}
if (!empty($this->encryptionOptions['source'])) {
$crypt->setSource($this->encryptionOptions['source']);
}
$pw = $crypt->verify($attemptedPassword, $hash);
break;
case Auth::ENCRYPT_CRYPT_MD5:
$crypt = new Crypt\Md5();
$crypt->setSalt($salt);
$pw = $crypt->verify($attemptedPassword, $hash);
break;
case Auth::ENCRYPT_CRYPT_SHA_256:
$crypt = new Crypt\Sha(256);
$crypt->setSalt($salt);
// Set rounds, if applicable
if (!empty($this->encryptionOptions['rounds'])) {
$crypt->setRounds($this->encryptionOptions['rounds']);
}
$pw = $crypt->verify($attemptedPassword, $hash);
break;
case Auth::ENCRYPT_CRYPT_SHA_512:
$crypt = new Crypt\Sha(512);
$crypt->setSalt($salt);
// Set rounds, if applicable
if (!empty($this->encryptionOptions['rounds'])) {
$crypt->setRounds($this->encryptionOptions['rounds']);
}
$pw = $crypt->verify($attemptedPassword, $hash);
break;
}
return $pw;
}
<?php
require_once '../../bootstrap.php';
use Pop\Crypt;
try {
$mc = new Crypt\Mcrypt();
$hash = $mc->create('12password34');
echo 'Hash: ' . $hash . '<br/ >';
echo 'Salt: ' . $mc->getSalt() . '<br />';
echo 'Decrypted: ' . $mc->decrypt($hash) . '<br />';
if ($mc->verify('12password34', $hash)) {
echo 'Verified!<br />';
} else {
echo 'NOT Verified!<br />';
}
} catch (\Exception $e) {
echo $e->getMessage();
}
