/**
 * Verify a password against an encrypted password hash.
 *
 * The stored value is decrypted with the master key first; the resulting
 * scrypt hash string is then checked against the supplied password.
 *
 * @param string $password - The user-provided password
 * @param string $stored - The encrypted password hash
 * @param \ParagonIE\Halite\Contract\CryptoKeyInterface $secret_key - The master key for all passwords
 * @return boolean - Result of the scrypt string verification
 */
public static function verify($password, $stored, \ParagonIE\Halite\Contract\CryptoKeyInterface $secret_key)
{
    // Recover the plaintext scrypt hash string from its encrypted form.
    // NOTE(review): any CryptoKeyInterface is accepted by the signature; whether
    // a key of the wrong kind, or a tampered $stored, is rejected depends on
    // Symmetric::decrypt(), which is not visible here. Confirm that callers
    // handle that failure path.
    $scrypt_hash = Symmetric::decrypt($stored, $secret_key);

    // Let libsodium compare the candidate password with the recovered hash.
    $matches = \Sodium\crypto_pwhash_scryptsalsa208sha256_str_verify($scrypt_hash, $password);

    return $matches;
}
/**
 * Check the given plain value against a scrypt hash string.
 *
 * @param string $value        Plain-text candidate
 * @param string $hashedValue  Stored scrypt hash string
 * @param array  $options      Not read by this implementation
 * @return bool True when the value matches the hash, false otherwise
 */
public function check($value, $hashedValue, array $options = [])
{
    $verified = \Sodium\crypto_pwhash_scryptsalsa208sha256_str_verify($hashedValue, $value);

    // Clear the plain value on both outcomes. $value is passed by value, so
    // this only affects this method's variable; the caller's variable is not
    // cleared and must be wiped by the caller if that matters.
    \Sodium\memzero($value);

    return $verified ? true : false;
}
/**
 * Verify a password against an encrypted password hash.
 *
 * @param string $password - The user-provided password
 * @param string $stored - The encrypted password hash
 * @param EncryptionKey $secret_key - The master key for all passwords
 * @return boolean - Result of the scrypt string verification
 * @throws \ParagonIE\Halite\Alerts\InvalidKey When $secret_key is not an EncryptionKey
 */
public static function verify($password, $stored, KeyInterface $secret_key)
{
    // The signature only requires KeyInterface, so the concrete key type is
    // enforced at runtime before any cryptographic work is done.
    $is_encryption_key = $secret_key instanceof EncryptionKey;
    if ($is_encryption_key === false) {
        throw new \ParagonIE\Halite\Alerts\InvalidKey(
            'Argument 3: Expected an instance of EncryptionKey'
        );
    }

    // Decrypt the stored blob, then hand the recovered hash string and the
    // candidate password to libsodium's scrypt verifier.
    // NOTE(review): the failure mode of Crypto::decrypt() on a bad ciphertext
    // is not visible here. Confirm that callers handle it.
    return \Sodium\crypto_pwhash_scryptsalsa208sha256_str_verify(
        Crypto::decrypt($stored, $secret_key),
        $password
    );
}
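/**
 * Decrypt then verify a password
 *
 * The decrypted hash string is routed to the Argon2 or scrypt verifier
 * according to its algorithm prefix. A hash with any other prefix is
 * rejected.
 *
 * @param string $password - The user-provided password
 * @param string $stored - The encrypted password hash
 * @param EncryptionKey $secret_key - The master key for all passwords
 * @return boolean - True only when a recognised verifier accepts the password
 */
public static function verify(string $password, string $stored, EncryptionKey $secret_key) : bool
{
    // First let's decrypt the hash
    // NOTE(review): the failure mode of Crypto::decrypt() on a bad ciphertext
    // is not visible here. Confirm that callers handle it.
    $hash_str = Crypto::decrypt($stored, $secret_key);

    $argon2_prefix = \Sodium\CRYPTO_PWHASH_STRPREFIX;
    $scrypt_prefix = \Sodium\CRYPTO_PWHASH_SCRYPTSALSA208SHA256_STRPREFIX;

    // Take the comparison length from each prefix constant instead of
    // hard-coding 9 and 3. hash_equals() returns false for strings of
    // different length, so a hard-coded length that does not match the
    // constant exposed by the linked libsodium would reject every hash of
    // that algorithm.
    $isArgon2 = \hash_equals(
        $argon2_prefix,
        CryptoUtil::safeSubstr($hash_str, 0, CryptoUtil::safeStrlen($argon2_prefix))
    );
    $isScrypt = \hash_equals(
        $scrypt_prefix,
        CryptoUtil::safeSubstr($hash_str, 0, CryptoUtil::safeStrlen($scrypt_prefix))
    );

    // Upon successful decryption, verify the password is correct
    if ($isArgon2) {
        return \Sodium\crypto_pwhash_str_verify($hash_str, $password);
    }
    if ($isScrypt) {
        return \Sodium\crypto_pwhash_scryptsalsa208sha256_str_verify($hash_str, $password);
    }

    // Unknown algorithm prefix: fail closed.
    return false;
}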
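/**
 * Login using credentials.
 *
 * Looks the user up by name, verifies the supplied password against the
 * scrypt hash stored in Redis and, on success, stores the user in the
 * session. When the username is unknown, a verification is still run
 * against a placeholder record so that this path also performs a hash
 * computation.
 *
 * @param array $credentials Expected keys: 'username' and 'password'.
 *
 * @return bool True when the password verified and the session was populated.
 */
public function login($credentials)
{
    // Reject malformed input up front. The verifier needs a string password,
    // and a missing key would otherwise reach it as null.
    if (
        !\is_array($credentials)
        || !isset($credentials['username'], $credentials['password'])
        || !\is_string($credentials['password'])
    ) {
        $this->addFeedback("FAILED LOG IN.");
        return false;
    }

    $currentUserID = $this->findIDByUsername($credentials['username']);

    if ($currentUserID) {
        $key_user = $this->usersprefix . $currentUserID;
        $hash_str = $this->redis->hget($key_user, 'password');

        // A record without a usable hash string must fail, not reach libsodium.
        $verified = \is_string($hash_str)
            && \Sodium\crypto_pwhash_scryptsalsa208sha256_str_verify($hash_str, $credentials['password']);

        // $credentials is passed by value, so only this method's copy is
        // cleared; the caller's array is left as it was.
        \Sodium\memzero($credentials['password']);

        if ($verified) {
            $this->addFeedback("LOGGED IN.");
            // NOTE(review): no session ID regeneration is visible here. Unless
            // sessionTimeoutRestart() already does it, call
            // session_regenerate_id(true) at this point to prevent session fixation.
            $_SESSION['user'] = ['id' => $currentUserID, 'username' => $credentials['username']];
            $this->sessionTimeoutRestart();
            return true;
        }

        // NOTE(review): this message differs from the unknown-user message
        // below and includes the storage key. If feedback is shown to the
        // client, it reveals whether the account exists. Confirm it is only
        // used for logging, or use one message for both cases.
        $this->addFeedback("FAILED LOG IN for " . $key_user);
        return false;
    }

    // Run a fake to take time. The original passed an undefined $password
    // here, so the placeholder verification never processed the submitted
    // password; it now receives the same input as the real path.
    // NOTE(review): this relies on a "userID:0" record holding a scrypt hash.
    // Confirm that it exists and uses the same cost parameters as real
    // accounts, otherwise the two paths remain distinguishable by timing.
    $hash_str = $this->redis->hget("userID:0", 'password');
    if (\is_string($hash_str)) {
        \Sodium\crypto_pwhash_scryptsalsa208sha256_str_verify($hash_str, $credentials['password']);
    }
    \Sodium\memzero($credentials['password']);

    $this->addFeedback("FAILED LOG IN.");
    return false;
}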
/**
 * Test if a password is valid against its stored hash.
 *
 * @param string $password The client provided password to check.
 * @param string $passwordHash The saved password hash for comparison.
 * @return bool True when the password matches the hash, false otherwise.
 * @throws Exceptions\InvalidTypeException
 */
public static function verifyPassword($password, $passwordHash)
{
    # Run both arguments through the string check before they reach libsodium.
    Helpers::isString($password, 'Hash', 'verifyPassword');
    Helpers::isString($passwordHash, 'Hash', 'verifyPassword');

    $isValid = (bool) \Sodium\crypto_pwhash_scryptsalsa208sha256_str_verify($passwordHash, $password);

    # Clear the password on both outcomes. $password is passed by value, so
    # only this method's variable is affected; the caller's variable is not cleared.
    \Sodium\memzero($password);

    return $isValid;
}