IHasher.php 2.4 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768
  1. <?php
  2. declare(strict_types=1);
  3. /**
  4. * @copyright Copyright (c) 2016, ownCloud, Inc.
  5. *
  6. * @author Lukas Reschke <lukas@statuscode.ch>
  7. * @author Morris Jobke <hey@morrisjobke.de>
  8. * @author Roeland Jago Douma <roeland@famdouma.nl>
  9. *
  10. * @license AGPL-3.0
  11. *
  12. * This code is free software: you can redistribute it and/or modify
  13. * it under the terms of the GNU Affero General Public License, version 3,
  14. * as published by the Free Software Foundation.
  15. *
  16. * This program is distributed in the hope that it will be useful,
  17. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  18. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  19. * GNU Affero General Public License for more details.
  20. *
  21. * You should have received a copy of the GNU Affero General Public License, version 3,
  22. * along with this program. If not, see <http://www.gnu.org/licenses/>
  23. *
  24. */
  25. namespace OCP\Security;
  26. /**
  27. * Class Hasher provides some basic hashing functions. Furthermore, it supports legacy hashes
  28. * used by previous versions of ownCloud and helps migrating those hashes to newer ones.
  29. *
  30. * The hashes generated by this class are prefixed (version|hash) with a version parameter to allow possible
  31. * updates in the future.
  32. * Possible versions:
  33. * - 1 (Initial version)
  34. *
  35. * Usage:
  36. * // Hashing a message
  37. * $hash = \OC::$server->getHasher()->hash('MessageToHash');
  38. * // Verifying a message - $newHash will contain the newly calculated hash
  39. * $newHash = null;
  40. * var_dump(\OC::$server->getHasher()->verify('a', '86f7e437faa5a7fce15d1ddcb9eaeaea377667b8', $newHash));
  41. * var_dump($newHash);
  42. *
  43. * @since 8.0.0
  44. */
  45. interface IHasher {
  46. /**
  47. * Hashes a message using PHP's `password_hash` functionality.
  48. * Please note that the size of the returned string is not guaranteed
  49. * and can be up to 255 characters.
  50. *
  51. * @param string $message Message to generate hash from
  52. * @return string Hash of the message with appended version parameter
  53. * @since 8.0.0
  54. */
  55. public function hash(string $message): string;
  56. /**
  57. * @param string $message Message to verify
  58. * @param string $hash Assumed hash of the message
  59. * @param null|string &$newHash Reference will contain the updated hash if necessary. Update the existing hash with this one.
  60. * @return bool Whether $hash is a valid hash of $message
  61. * @since 8.0.0
  62. */
  63. public function verify(string $message, string $hash, &$newHash = null): bool ;
  64. }