コード例 #1
0
 /**
  * Validate a password against a derived key (hashed password) and salt using PBKDF2.
  * Iteration count and algorithm have to match the parameters when generating the derived key.
  *
  * @param string $password The cleartext password
  * @param string $hashedPasswordAndSalt The derived key and salt in Base64 encoding as returned by hashPassword for verification
  * @param string $staticSalt Static salt that will be appended to the dynamic salt
  * @return boolean TRUE if the given password matches the hashed password
  * @throws \InvalidArgumentException
  */
 public function validatePassword($password, $hashedPasswordAndSalt, $staticSalt = NULL)
 {
     $parts = explode(',', $hashedPasswordAndSalt);
     if (count($parts) !== 2) {
         throw new \InvalidArgumentException('The derived key with salt must contain a salt, separated with a comma from the derived key', 1306172911);
     }
     $dynamicSalt = base64_decode($parts[0]);
     $derivedKey = base64_decode($parts[1]);
     $derivedKeyLength = strlen($derivedKey);
     return $derivedKey === \TYPO3\FLOW3\Security\Cryptography\Algorithms::pbkdf2($password, $dynamicSalt . $staticSalt, $this->iterationCount, $derivedKeyLength, $this->algorithm);
 }
コード例 #2
0
ファイル: AlgorithmsTest.php プロジェクト: nxpthx/FLOW3
 /**
  * @test
  * @dataProvider pbkdf2TestVectors
  */
 public function pbkdf2TestVectorsAreCorrect($password, $salt, $iterationCount, $derivedKeyLength, $output)
 {
     $result = \TYPO3\FLOW3\Security\Cryptography\Algorithms::pbkdf2($password, $salt, $iterationCount, $derivedKeyLength, 'sha1');
     $this->assertEquals(unpack('H*', pack('H*', $output)), unpack('H*', $result));
 }