Sign upLogin

owncloud/core

View on GitHub
Star
lib/public/Security/IHasher.php

Summary

Maintainability
A
0 mins
Test Coverage
<?php
/**
 * @author Lukas Reschke <lukas@statuscode.ch>
 * @author Morris Jobke <hey@morrisjobke.de>
 *
 * @copyright Copyright (c) 2018, ownCloud GmbH
 * @license AGPL-3.0
 *
 * This code is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Affero General Public License, version 3,
 * as published by the Free Software Foundation.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU Affero General Public License for more details.
 *
 * You should have received a copy of the GNU Affero General Public License, version 3,
 * along with this program.  If not, see <http://www.gnu.org/licenses/>
 *
 */

namespace OCP\Security;

/**
 * Class Hasher provides some basic hashing functions. Furthermore, it supports legacy hashes
 * used by previous versions of ownCloud and helps migrating those hashes to newer ones.
 *
 * The hashes generated by this class are prefixed (version|hash) with a version parameter to allow possible
 * updates in the future.
 * Possible versions:
 *     - 1 (Initial version)
 *
 * Usage:
 * // Hashing a message
 * $hash = \OC::$server->getHasher()->hash('MessageToHash');
 * // Verifying a message - $newHash will contain the newly calculated hash
 * $newHash = null;
 * var_dump(\OC::$server->getHasher()->verify('a', '86f7e437faa5a7fce15d1ddcb9eaeaea377667b8', $newHash));
 * var_dump($newHash);
 *
 * @package OCP\Security
 * @since 8.0.0
 */
interface IHasher {
    /**
     * Hashes a message using PHP's `password_hash` functionality.
     * Please note that the size of the returned string is not guaranteed
     * and can be up to 255 characters.
     *
     * @param string $message Message to generate hash from
     * @return string Hash of the message with appended version parameter
     * @since 8.0.0
     */
    public function hash($message);

    /**
     * @param string $message Message to verify
     * @param string $hash Assumed hash of the message
     * @param null|string &$newHash Reference will contain the updated hash if necessary. Update the existing hash with this one.
     * @return bool Whether $hash is a valid hash of $message
     * @since 8.0.0
     */
    public function verify($message, $hash, &$newHash = null);
}