/** * Decrypt then verify a password * * @param string $password - The user-provided password * @param string $stored - The encrypted password hash * @param Key $secret_key - The master key for all passwords */ public static function verify($password, $stored, \ParagonIE\Halite\Contract\CryptoKeyInterface $secret_key) { // First let's decrypt the hash $hash_str = Symmetric::decrypt($stored, $secret_key); // And now to verify the hash return \Sodium\crypto_pwhash_scryptsalsa208sha256_str_verify($hash_str, $password); }
/** * Decrypt a string using asymmetric cryptography * Wraps Symmetric::decrypt() * * @param string $source Ciphertext * @param string $ourPrivateKey Our private key * @param string $theirPublicKey Their public key * @param boolean $raw Don't hex decode the input? * * @return string */ public static function decrypt($source, Contract\CryptoKeyInterface $ourPrivateKey, Contract\CryptoKeyInterface $theirPublicKey, $raw = false) { list($secret, $public) = self::judgeKeys($ourPrivateKey, $theirPublicKey); $ecdh = new Key(self::getSharedSecret($secret, $public), false, false); $ciphertext = Symmetric::decrypt($source, $ecdh, $raw); unset($ecdh); return $ciphertext; }
public function testRawEncrypt() { $key = new \ParagonIE\Halite\Key(\str_repeat('A', 32)); $message = Symmetric::encrypt('test message', $key, true); $this->assertTrue(strpos($message, \ParagonIE\Halite\Halite::HALITE_VERSION) === 0); $plain = Symmetric::decrypt($message, $key, true); $this->assertEquals($plain, 'test message'); }