Will use a combination of a random dynamic salt and the given static salt.
| public hashPassword ( string $password, string $staticSalt = null ) : string | ||
| $password | string | Cleartext password that should be hashed |
| $staticSalt | string | Static salt that will be appended to the random dynamic salt |
| Результат | string | A Base64 encoded string with the derived key (hashed password) and dynamic salt |
/**
* @test
*/
public function hashAndValidatePasswordWithNotMatchingPasswordOrParametersFails()
{
$strategy = new Pbkdf2HashingStrategy(8, 1000, 64, 'sha256');
$derivedKeyWithSalt = $strategy->hashPassword('password', 'MyStaticSalt');
$this->assertFalse($strategy->validatePassword('pass', $derivedKeyWithSalt, 'MyStaticSalt'), 'Different password should not match');
$this->assertFalse($strategy->validatePassword('password', $derivedKeyWithSalt, 'SomeSalt'), 'Different static salt should not match');
$strategy = new Pbkdf2HashingStrategy(8, 99, 64, 'sha256');
$this->assertFalse($strategy->validatePassword('password', $derivedKeyWithSalt, 'MyStaticSalt'), 'Different iteration should not match');
}
