PHP Class ParagonIE\PasswordLock\PasswordLock

Datei anzeigen Open project: paragonie/password_lock Class Usage Examples

Public Methods

Method Description
decryptAndVerify ( string $password, string $ciphertext, Defuse\Crypto\Key $aesKey ) : boolean 1. VerifyHMAC-then-Decrypt the ciphertext to get the hash 2. Verify that the password matches the hash
decryptAndVerifyLegacy ( string $password, string $ciphertext, string $aesKey ) : boolean 1. VerifyHMAC-then-Decrypt the ciphertext to get the hash 2. Verify that the password matches the hash
hashAndEncrypt ( string $password, Defuse\Crypto\Key $aesKey ) : string 1. Hash password using bcrypt-base64-SHA256 2. Encrypt-then-MAC the hash
rotateKey ( string $ciphertext, Defuse\Crypto\Key $oldKey, Defuse\Crypto\Key $newKey ) : string Key rotation method -- decrypt with your old key then re-encrypt with your new key
upgradeFromVersion1 ( string $password, string $ciphertext, string $oldKey, Defuse\Crypto\Key $newKey ) : string For migrating from an older version of the library

Method Details

decryptAndVerify() public static method

1. VerifyHMAC-then-Decrypt the ciphertext to get the hash 2. Verify that the password matches the hash
public static decryptAndVerify ( string $password, string $ciphertext, Defuse\Crypto\Key $aesKey ) : boolean
$password string
$ciphertext string
$aesKey Defuse\Crypto\Key
return boolean

decryptAndVerifyLegacy() public static method

1. VerifyHMAC-then-Decrypt the ciphertext to get the hash 2. Verify that the password matches the hash
public static decryptAndVerifyLegacy ( string $password, string $ciphertext, string $aesKey ) : boolean
$password string
$ciphertext string
$aesKey string - must be exactly 16 bytes
return boolean

hashAndEncrypt() public static method

1. Hash password using bcrypt-base64-SHA256 2. Encrypt-then-MAC the hash
public static hashAndEncrypt ( string $password, Defuse\Crypto\Key $aesKey ) : string
$password string
$aesKey Defuse\Crypto\Key
return string

rotateKey() public static method

Key rotation method -- decrypt with your old key then re-encrypt with your new key
public static rotateKey ( string $ciphertext, Defuse\Crypto\Key $oldKey, Defuse\Crypto\Key $newKey ) : string
$ciphertext string
$oldKey Defuse\Crypto\Key
$newKey Defuse\Crypto\Key
return string

upgradeFromVersion1() public static method

For migrating from an older version of the library
public static upgradeFromVersion1 ( string $password, string $ciphertext, string $oldKey, Defuse\Crypto\Key $newKey ) : string
$password string
$ciphertext string
$oldKey string
$newKey Defuse\Crypto\Key
return string