Hasher

class OC\Security\Hasher

Class Hasher provides some basic hashing functions. Furthermore, it supports legacy hashes

used by previous versions of ownCloud and helps migrating those hashes to newer ones.

The hashes generated by this class are prefixed (version|hash) with a version parameter to allow possible

updates in the future.

Possible versions:

- 1 (Initial version)

Usage:

// Hashing a message

$hash = \OC::$server->getHasher()->hash(‘MessageToHash’);

// Verifying a message - $newHash will contain the newly calculated hash

$newHash = null;

var_dump(\OC::$server->getHasher()->verify(‘a’, ‘86f7e437faa5a7fce15d1ddcb9eaeaea377667b8’, $newHash));

var_dump($newHash);

Source:lib/private/Security/Hasher.php#55 Implements:OCP\Security\IHasher

Properties

Methods

public OC\Security\Hasher::__construct($config)

Source:

lib/private/Security/Hasher.php#66

Parameters:

• $config (OCP\IConfig)

public OC\Security\Hasher::hash($message)

Hashes a message using PHP’s `password_hash` functionality.

Please note that the size of the returned string is not guaranteed

and can be up to 255 characters.

Source:

lib/private/Security/Hasher.php#92

Parameters:

• $message (string) Message to generate hash from

Returns:

string Hash of the message with appended version parameter

protected OC\Security\Hasher::splitHash($prefixedHash)

Get the version and hash from a prefixedHash

Source:

lib/private/Security/Hasher.php#111

Parameters:

• $prefixedHash (string)

Returns:

null | array Null if the hash is not prefixed, otherwise array(‘version’ => 1, ‘hash’ => ‘foo’)

protected OC\Security\Hasher::legacyHashVerify($message, $hash, &$newHash=null)

Verify legacy hashes

Source:

lib/private/Security/Hasher.php#129

Parameters:

• $message (string) Message to verify
• $hash (string) Assumed hash of the message

Returns:

bool Whether $hash is a valid hash of $message

protected OC\Security\Hasher::verifyHash($message, $hash, &$newHash=null)

Verify V1 (blowfish) hashes

Verify V2 (argon2i) hashes

Verify V3 (argon2id) hashes

Source:

lib/private/Security/Hasher.php#154

Parameters:

• $message (string) Message to verify
• $hash (string) Assumed hash of the message

Returns:

bool Whether $hash is a valid hash of $message

public OC\Security\Hasher::verify($message, $hash, &$newHash=null)

Source:

lib/private/Security/Hasher.php#171

Parameters:

• $message (string) Message to verify
• $hash (string) Assumed hash of the message

Returns:

bool Whether $hash is a valid hash of $message