/**
* This class abstracts away from scrypt module, allowing for easy use.
*
- * You can create a new hash for a password by calling Scrypt:hash($password)
+ * You can create a new hash for a password by calling Scrypt:hashScrypt($password)
*
- * You can check a password by calling Scrypt:check($password, $hash)
+ * You can check a password by calling Scrypt:checkScrypt($password, $hash)
*
* @category Security
* @package Scrypt
*
* @return string The salt
*/
- public static function generateSalt($length = 8)
+ public static function generateScryptSalt($length = 8)
{
$buffer = '';
$buffer_valid = false;
*
* @return string The hashed password
*/
- public static function hash($password, $salt = false, $N = 16384, $r = 8, $p = 1)
+ public static function hashScrypt($password, $salt = false, $N = 16384, $r = 8, $p = 1)
{
if ($N == 0 || ($N & ($N - 1)) != 0) {
throw new \InvalidArgumentException("N must be > 0 and a power of 2");
}
if ($salt === false) {
- $salt = self::generateSalt();
+ $salt = self::generateScryptSalt();
} else {
// Remove dollar signs from the salt, as we use that as a separator.
$salt = str_replace(array('+', '$'), array('.', ''), base64_encode($salt));
*
* @return boolean If the clear text matches
*/
- public static function check($password, $hash)
+ public static function checkScrypt($password, $hash)
{
// Is there actually a hash?
if (!$hash) {
$calculated = scrypt($password, $salt, $N, $r, $p, self::$_keyLength);
- // Use compareStrings to avoid timeing attacks
- return self::compareStrings($hash, $calculated);
+ // Use compareScryptHashes to avoid timeing attacks
+ return self::compareScryptHashes($hash, $calculated);
}
/**
*
* @return boolean If the two strings match.
*/
- public static function compareStrings($expected, $actual)
+ public static function compareScryptHashes($expected, $actual)
{
$expected = (string) $expected;
$actual = (string) $actual;