aboutsummaryrefslogtreecommitdiffstats
path: root/lib/public/Security/IHasher.php
diff options
context:
space:
mode:
Diffstat (limited to 'lib/public/Security/IHasher.php')
-rw-r--r--lib/public/Security/IHasher.php57
1 files changed, 57 insertions, 0 deletions
diff --git a/lib/public/Security/IHasher.php b/lib/public/Security/IHasher.php
new file mode 100644
index 00000000000..d0d6e4e9028
--- /dev/null
+++ b/lib/public/Security/IHasher.php
@@ -0,0 +1,57 @@
+<?php
+
+declare(strict_types=1);
+/**
+ * SPDX-FileCopyrightText: 2016-2024 Nextcloud GmbH and Nextcloud contributors
+ * SPDX-FileCopyrightText: 2016 ownCloud, Inc.
+ * SPDX-License-Identifier: AGPL-3.0-only
+ */
+namespace OCP\Security;
+
+/**
+ * Class Hasher provides some basic hashing functions. Furthermore, it supports legacy hashes
+ * used by previous versions of ownCloud and helps migrating those hashes to newer ones.
+ *
+ * The hashes generated by this class are prefixed (version|hash) with a version parameter to allow possible
+ * updates in the future.
+ * Possible versions:
+ * - 1 (Initial version)
+ *
+ * Usage:
+ * // Hashing a message
+ * $hash = \OCP\Server::get(\OCP\Security\IHasher::class)->hash('MessageToHash');
+ * // Verifying a message - $newHash will contain the newly calculated hash
+ * $newHash = null;
+ * var_dump(\OCP\Server::get(\OCP\Security\IHasher::class)->verify('a', '86f7e437faa5a7fce15d1ddcb9eaeaea377667b8', $newHash));
+ * var_dump($newHash);
+ *
+ * @since 8.0.0
+ */
+interface IHasher {
+ /**
+ * Hashes a message using PHP's `password_hash` functionality.
+ * Please note that the size of the returned string is not guaranteed
+ * and can be up to 255 characters.
+ *
+ * @param string $message Message to generate hash from
+ * @return string Hash of the message with appended version parameter
+ * @since 8.0.0
+ */
+ public function hash(string $message): string;
+
+ /**
+ * @param string $message Message to verify
+ * @param string $hash Assumed hash of the message
+ * @param null|string &$newHash Reference will contain the updated hash if necessary. Update the existing hash with this one.
+ * @return bool Whether $hash is a valid hash of $message
+ * @since 8.0.0
+ */
+ public function verify(string $message, string $hash, &$newHash = null): bool ;
+
+ /**
+ * Check if the prefixed hash is valid
+ *
+ * @since 30.0.0
+ */
+ public function validate(string $prefixedHash): bool;
+}
generated by cgit v1.2.3 (git 2.39.1) at 2025-08-15 19:57:47 +0000