Hasher

class OC\Security\Hasher
Class Hasher provides some basic hashing functions. Furthermore, it supports legacy hashes
used by previous versions of ownCloud and helps migrating those hashes to newer ones.
The hashes generated by this class are prefixed (version|hash) with a version parameter to allow possible
updates in the future.
Possible versions:
- 1 (Initial version)

Usage:
// Hashing a message
$hash = \OC::$server->getHasher()->hash(‘MessageToHash’);
// Verifying a message - $newHash will contain the newly calculated hash
$newHash = null;
var_dump(\OC::$server->getHasher()->verify(‘a’, ‘86f7e437faa5a7fce15d1ddcb9eaeaea377667b8’, $newHash));
var_dump($newHash);
Source:lib/private/Security/Hasher.php#55
Implements:OCP\Security\IHasher

Properties

Methods

public OC\Security\Hasher::__construct($config)
Source:

lib/private/Security/Hasher.php#66

Parameters:
public OC\Security\Hasher::hash($message)
Hashes a message using PHP’s `password_hash` functionality.
Please note that the size of the returned string is not guaranteed
and can be up to 255 characters.
Source:

lib/private/Security/Hasher.php#92

Parameters:
  • $message (string) Message to generate hash from
Returns:

string Hash of the message with appended version parameter

protected OC\Security\Hasher::splitHash($prefixedHash)
Get the version and hash from a prefixedHash
Source:

lib/private/Security/Hasher.php#111

Parameters:
  • $prefixedHash (string)
Returns:

null | array Null if the hash is not prefixed, otherwise array(‘version’ => 1, ‘hash’ => ‘foo’)

protected OC\Security\Hasher::legacyHashVerify($message, $hash, &$newHash=null)
Verify legacy hashes
Source:

lib/private/Security/Hasher.php#129

Parameters:
  • $message (string) Message to verify
  • $hash (string) Assumed hash of the message
Returns:

bool Whether $hash is a valid hash of $message

protected OC\Security\Hasher::verifyHash($message, $hash, &$newHash=null)
Verify V1 (blowfish) hashes
Verify V2 (argon2i) hashes
Verify V3 (argon2id) hashes
Source:

lib/private/Security/Hasher.php#154

Parameters:
  • $message (string) Message to verify
  • $hash (string) Assumed hash of the message
Returns:

bool Whether $hash is a valid hash of $message

public OC\Security\Hasher::verify($message, $hash, &$newHash=null)
Source:

lib/private/Security/Hasher.php#171

Parameters:
  • $message (string) Message to verify
  • $hash (string) Assumed hash of the message
Returns:

bool Whether $hash is a valid hash of $message