checkCrypt()

Compares a plain text with an encrypted hash value and checks if the text matches the decrypted value of the hash.

Synopsis

bool checkCrypt(string text, string hash);

Parameters

Parameter Meaning
text Text to be compared to the hash.
hash The hashed value of a text (regardless of the hash version).

Return Value

The return value is true if the text matches the hash and otherwise false.

Description

The function checkCrypt() proves whether the hashed text (using the same salt as in the hash parameter) is equal to the hash given as second parameter and so checks the validity of the text. It is normally (but not only) used to store passwords irreversibly.
Wichtig: This function only works for hash formats of versions 3 and 4.

The example compares the equality of the passwords with the hash value. The return value is true if the text matches the hash and otherwise false.

{main(mapping event)
{

  int iter;
  string retHashedPw;
  retHashedPw = crypt("MYPERSONALPASSWORT",4, iter);
  DebugN(retHashedPw);

  bool checkPw, checkPw1;

  checkPw = checkCrypt("MYPERSONALPASSWORT_NEW", retHashedPw);
  DebugN("The return value is true if the text matches the hash and otherwise false:", checkPw);

  checkPw1 = checkCrypt("MYPERSONALPASSWORT", retHashedPw);
  DebugN("The return value is true if the text matches the hash and otherwise false:", checkPw1);
}

The output of the code:

WCCOAui1:["#PBKDF2#SHA256#lGracFq+TrqjVICkdDO0sqcxpZ7vOszLJWLDYfF+sKs=#1#qi4Hnh0Nfjq/nqDTwbwCMR0w+4yARJyphlKR7jw8bzQ="]
WCCOAui1:["The return value is true if the text matches the hash and otherwise false:"][FALSE]
WCCOAui1:["The return value is true if the text matches the hash and otherwise false:"][TRUE]         
Tabelle 1. The output format of the function
The output format

part 1

function

"PBKDF2"

part 2 algorithm

"SHA256"

part 3 salt

(32 bytes)

part 4

iterations

part 5 hash result

(32 bytes)

For format details, see also Wikipedia.

Assignment

Miscellaneous functions

Availability

CTRL