What Kind of Encryption is used by Sentry

Question

I am building an iOS app for an already existing web application I created. The web app uses laravel and sentry to encrypt passwords. New users have to be able to be created from the iOS app. The server that the web app talks to is written in php but does not use laravel or sentry. The only sentry function I need is the one they use to encrypt passwords.

What function does sentry use to hash passwords? I am talking about Cartalyst\Sentry\Hashing\NativeHasher

I need to be able to duplicate this function and use it in a separate php file.

Answer 1

i've found this link : https://github.com/cartalyst/sentry/blob/master/src/Cartalyst/Sentry/Hashing/NativeHasher.php

and this code is what you want probably:

public function hash($string)
{
    // Usually caused by an old PHP environment, see
    // https://github.com/cartalyst/sentry/issues/98#issuecomment-12974603
    // and https://github.com/ircmaxell/password_compat/issues/10
    if (!function_exists('password_hash')) {
        throw new \RuntimeException('The function password_hash() does not exist, your PHP environment is probably incompatible. Try running [vendor/ircmaxell/password-compat/version-test.php] to check compatibility or use an alternative hashing strategy.');
    }

    if (($hash = password_hash($string, PASSWORD_DEFAULT)) === false) {
        throw new \RuntimeException('Error generating hash from string, your PHP environment is probably incompatible. Try running [vendor/ircmaxell/password-compat/version-test.php] to check compatibility or use an alternative hashing strategy.');
    }

    return $hash;
}