public function validate_password($password, $correct_hash) { $params = explode(":", $correct_hash); if (count($params) < HASH_SECTIONS) { return false; } $pbkdf2 = base64_decode($params[HASH_PBKDF2_INDEX]); return PasswordHash::slow_equals($pbkdf2, PasswordHash::pbkdf2($params[HASH_ALGORITHM_INDEX], $password, $params[HASH_SALT_INDEX], (int) $params[HASH_ITERATION_INDEX], strlen($pbkdf2), true)); }
* POSSIBILITY OF SUCH DAMAGE. */ require_once 'PasswordHash.php'; $MyHash = new PasswordHash(); echo "Sample hash:\n"; $hash = $MyHash->create_hash("test_password"); echo $hash . "\n"; echo "Sample hash:\n"; $hash = $MyHash->create_hash("rugger31"); echo $hash . "\n"; echo "Sample hash:\n"; $hash = $MyHash->create_hash("Rugger31!"); echo $hash . "\n"; echo "\nTest results:\n"; // Test vector raw output. $a = bin2hex($MyHash->pbkdf2("sha1", "password", "salt", 2, 20, true)); $b = "ea6c014dc72d6f8ccd1ed92ace1d41f0d8de8957"; if ($a === $b) { echo "pass\n"; } else { echo "FAIL\n"; } // Test vector hex output. $a = $MyHash->pbkdf2("sha1", "password", "salt", 2, 20, false); $b = "ea6c014dc72d6f8ccd1ed92ace1d41f0d8de8957"; if ($a === $b) { echo "pass\n"; } else { echo "FAIL\n"; } $hash_of_password = $MyHash->create_hash("password");