/**
 * A password-protected key must not unlock under a password other than the
 * one it was created with: unlockKey() has to throw rather than hand back
 * a key.
 *
 * @expectedException \Defuse\Crypto\Exception\WrongKeyOrModifiedCiphertextException
 */
public function testKeyProtectedByPasswordWrong()
{
    // Wrap a freshly generated random key under the "right" password.
    $protectedKey = KeyProtectedByPassword::createRandomPasswordProtectedKey('rightpassword');

    // Unlocking with a different password is the call expected to throw;
    // its return value is deliberately not used.
    $protectedKey->unlockKey('wrongpassword');
}
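<?php
/*
 * Registration handler (visible part): starts the session, turns on error
 * logging, creates a random per-user encryption key protected by a value
 * derived from the submitted password, opens two database connections and
 * prepares the INSERT for the people table.
 */

/* init $_SESSION */
session_start();

/* Better error logging */
// NOTE(review): /tmp is a shared directory and the file name is fixed. A log
// directory owned by the web server user and not readable by other accounts
// is the safer place for PHP errors, which can contain request details.
ini_set("log_errors", 1);
ini_set("error_log", "/tmp/php-error.log");
error_log("Hello, errors!"); // debugging probe; confirms the log is writable

/* Create our encrypter for PII */
require_once '../includes/defuse-crypto.phar';

use Defuse\Crypto\Crypto;
use Defuse\Crypto\KeyProtectedByPassword;

// Refuse to continue without a usable password. Without this guard a missing
// or array-valued PASSWD field would reach hash() and, where PHP coerces it,
// the new key would end up protected by the hash of an empty value.
if (!isset($_POST["PASSWD"]) || !is_string($_POST["PASSWD"]) || $_POST["PASSWD"] === "") {
    http_response_code(400);
    exit;
}

// The original comment says the client submits the password base64-encoded;
// it is hashed here with RIPEMD-320 before being used as the key password.
// NOTE(review): this is a single unsalted, fast hash and adds no stretching.
// KeyProtectedByPassword does its own password-based key derivation, so the
// pre-hash is not what protects the key.
$hashedPW = hash("ripemd320", $_POST["PASSWD"]);

// Generate a random key wrapped under $hashedPW, serialise the wrapped form
// (presumably the value bound to :PEOPLE_ENCRYPTED_ENCRYPTION_KEY - confirm
// against the bind calls), and unlock it for use in this request.
$pw_key = KeyProtectedByPassword::createRandomPasswordProtectedKey($hashedPW);
$pw_encoded_key = $pw_key->saveToAsciiSafeString();
$user_key = $pw_key->unlockKey($hashedPW);

// Store for later decryption in the session. Same value as before; the hash
// is now computed once and reused.
// NOTE(review): this value is all that is needed to unlock the user's key,
// and it is a fast hash of the password, so anyone able to read the session
// store gets both the key and offline-guessable password material. Keeping
// only $user_key->saveToAsciiSafeString() for the session lifetime would keep
// password-derived data out of session storage. That change needs the pages
// that read key_unlocker updated together with this one.
$_SESSION["key_unlocker"] = $hashedPW;

/* init database connections */
// require_once instead of include_once: the constants below come from this
// file, so a missing config must stop the script rather than just warn.
require_once '../includes/config.php'; /* contains constants */

$dbh_reg = new PDO(
    DB_DRIVER . ":host=" . DB_SERVER . ";port=" . DB_PORT . ";dbname=" . DB_NAME,
    DB_USER_REGISTERER,
    DB_PASS_REGISTERER
); /* INSERT privileges only */

$dbh_get = new PDO(
    DB_DRIVER . ":host=" . DB_SERVER . ";port=" . DB_PORT . ";dbname=" . DB_NAME,
    DB_USER_REG_GETTER,
    DB_PASS_REG_GETTER
); /* SELECT of ID and EMAIL only */

// Every user-supplied value is a named placeholder; only the table name, a
// constant from config.php, is concatenated into the statement text.
$stmt = $dbh_reg->prepare("INSERT INTO `" . DB_PEOPLE_TABLE .
    "` \n\t\t(`PEOPLE_ID`, \n\t\t `PEOPLE_ACCOUNT_ACTIVE`,\n\t\t `PEOPLE_ENCRYPTED_ENCRYPTION_KEY`,\n\t\t `PEOPLE_FIRST_NAME`, \n\t\t `PEOPLE_LAST_NAME`, \n\t\t `PEOPLE_EMAIL_ADDRESS`, \n\t\t `PEOPLE_PHONE_NUMBER`, \n\t\t `PEOPLE_PASSWD`, \n\t\t `PEOPLE_PASSWD_RESET_KEY`,\n\t\t `PEOPLE_ADDR_FORMATTED_ADDR`, \n\t\t `PEOPLE_ADDR_LAT`, \n\t\t `PEOPLE_ADDR_LNG`, \n\t\t `PEOPLE_ADDR_COUNTRY`, \n\t\t `PEOPLE_ADDR_ADMIN_AREA_LEVEL_1`, \n\t\t `PEOPLE_EMAIL_VERIFIED`,\n\t\t `PEOPLE_EMAIL_VERIFICATION_KEY`,\n\t\t `PEOPLE_IN_DINING_QUEUE`, \n\t\t `PEOPLE_PICTURE_LOCATION`, \n\t\t `PEOPLE_REGISTERED_IP`, \n\t\t `PEOPLE_REGISTERED_UA`, \n\t\t `PEOPLE_REGISTERED_TIMESTAMP`, \n\t\t `PEOPLE_LAST_LOGIN_IP`, \n\t\t `PEOPLE_LAST_LOGIN_UA`, \n\t\t `PEOPLE_LAST_LOGIN_TIMESTAMP`,\n\t\t `PEOPLE_STATS_QUEUES_USED`) \nVALUES (NULL, \n\t\t 1,\n\t\t :PEOPLE_ENCRYPTED_ENCRYPTION_KEY,\n\t\t :PEOPLE_FIRST_NAME, \n\t\t :PEOPLE_LAST_NAME, \n\t\t :PEOPLE_EMAIL_ADDRESS, \n\t\t :PEOPLE_PHONE_NUMBER, \n\t\t :PEOPLE_PASSWD, \n\t\t :PEOPLE_PASSWD_RESET_KEY,\n\t\t :PEOPLE_ADDR_FORMATTED_ADDR, \n\t\t :PEOPLE_ADDR_LAT, \n\t\t :PEOPLE_ADDR_LNG, \n\t\t :PEOPLE_ADDR_COUNTRY, \n\t\t :PEOPLE_ADDR_ADMIN_AREA_LEVEL_1, \n\t\t 0, \n\t\t :PEOPLE_EMAIL_VERIFICATION_KEY,\n\t\t 0, \n\t\t :PEOPLE_PICTURE_LOCATION, \n\t\t :PEOPLE_REGISTERED_IP, \n\t\t :PEOPLE_REGISTERED_UA, \n\t\t CURRENT_TIMESTAMP, \n\t\t :PEOPLE_LAST_LOGIN_IP, \n\t\t :PEOPLE_LAST_LOGIN_UA, \n\t\t CURRENT_TIMESTAMP,\n\t\t 0);");
/* original insert statement with parameters to bind */

// THIS IS WHAT WE ARE ENCRYPTING:
/* PEOPLE_PHONE_NUMBER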