Iteration count and algorithm have to match the parameters when generating the derived key.
| public validatePassword ( string $password, string $hashedPasswordAndSalt, string $staticSalt = null ) : boolean | ||
| $password | string | The cleartext password |
| $hashedPasswordAndSalt | string | The derived key and salt in Base64 encoding as returned by hashPassword for verification |
| $staticSalt | string | Static salt that will be appended to the dynamic salt |
| Результат | boolean | TRUE if the given password matches the hashed password |
/**
* @test
*/
public function hashAndValidatePasswordWithNotMatchingPasswordOrParametersFails()
{
$strategy = new Pbkdf2HashingStrategy(8, 1000, 64, 'sha256');
$derivedKeyWithSalt = $strategy->hashPassword('password', 'MyStaticSalt');
$this->assertFalse($strategy->validatePassword('pass', $derivedKeyWithSalt, 'MyStaticSalt'), 'Different password should not match');
$this->assertFalse($strategy->validatePassword('password', $derivedKeyWithSalt, 'SomeSalt'), 'Different static salt should not match');
$strategy = new Pbkdf2HashingStrategy(8, 99, 64, 'sha256');
$this->assertFalse($strategy->validatePassword('password', $derivedKeyWithSalt, 'MyStaticSalt'), 'Different iteration should not match');
}
