nextcloud/lib/public/security/ihasher.php

<?php
/**
 * Copyright (c) 2014 Lukas Reschke <lukas@owncloud.com>
 * This file is licensed under the Affero General Public License version 3 or
 * later.
 * See the COPYING-README file.
 */

namespace OCP\Security;

/**
 * Class Hasher provides some basic hashing functions. Furthermore, it supports legacy hashes
 * used by previous versions of ownCloud and helps migrating those hashes to newer ones.
 *
 * The hashes generated by this class are prefixed (version|hash) with a version parameter to allow possible
 * updates in the future.
 * Possible versions:
 * 	- 1 (Initial version)
 *
 * Usage:
 * // Hashing a message
 * $hash = \OC::$server->getHasher()->hash('MessageToHash');
 * // Verifying a message - $newHash will contain the newly calculated hash
 * $newHash = null;
 * var_dump(\OC::$server->getHasher()->verify('a', '86f7e437faa5a7fce15d1ddcb9eaeaea377667b8', $newHash));
 * var_dump($newHash);
 *
 * @package OCP\Security
 */
interface IHasher {
	/**
	 * Hashes a message using PHP's `password_hash` functionality.
	 * Please note that the size of the returned string is not guaranteed
	 * and can be up to 255 characters.
	 *
	 * @param string $message Message to generate hash from
	 * @return string Hash of the message with appended version parameter
	 */
	public function hash($message);

	/**
	 * @param string $message Message to verify
	 * @param string $hash Assumed hash of the message
	 * @param null|string &$newHash Reference will contain the updated hash if necessary. Update the existing hash with this one.
	 * @return bool Whether $hash is a valid hash of $message
	 */
	public function verify($message, $hash, &$newHash = null);
}
Add OCP\Security\IHasher Public interface for hashing which also works with legacy ownCloud hashes and supports updating the legacy hash via a passed reference. Follow-up of https://github.com/owncloud/core/pull/10219#issuecomment-61624662 Requires https://github.com/owncloud/3rdparty/pull/136 2014-11-04 18:05:31 +03:00			`<?php`
			`/**`
			`* Copyright (c) 2014 Lukas Reschke <lukas@owncloud.com>`
			`* This file is licensed under the Affero General Public License version 3 or`
			`* later.`
			`* See the COPYING-README file.`
			`*/`

			`namespace OCP\Security;`

			`/**`
			`* Class Hasher provides some basic hashing functions. Furthermore, it supports legacy hashes`
			`* used by previous versions of ownCloud and helps migrating those hashes to newer ones.`
			`*`
			`* The hashes generated by this class are prefixed (version\|hash) with a version parameter to allow possible`
			`* updates in the future.`
			`* Possible versions:`
			`* - 1 (Initial version)`
			`*`
			`* Usage:`
			`* // Hashing a message`
			`* $hash = \OC::$server->getHasher()->hash('MessageToHash');`
			`* // Verifying a message - $newHash will contain the newly calculated hash`
			`* $newHash = null;`
			`* var_dump(\OC::$server->getHasher()->verify('a', '86f7e437faa5a7fce15d1ddcb9eaeaea377667b8', $newHash));`
			`* var_dump($newHash);`
			`*`
			`* @package OCP\Security`
			`*/`
			`interface IHasher {`
			`/**`
			* Hashes a message using PHP's `password_hash` functionality.
			`* Please note that the size of the returned string is not guaranteed`
			`* and can be up to 255 characters.`
			`*`
			`* @param string $message Message to generate hash from`
			`* @return string Hash of the message with appended version parameter`
			`*/`
			`public function hash($message);`

			`/**`
			`* @param string $message Message to verify`
			`* @param string $hash Assumed hash of the message`
			`* @param null\|string &$newHash Reference will contain the updated hash if necessary. Update the existing hash with this one.`
			`* @return bool Whether $hash is a valid hash of $message`
			`*/`
			`public function verify($message, $hash, &$newHash = null);`
			`}`