server/lib/public/Security/IHasher.php
Roeland Jago Douma 0e0db37658
Make OCP\Security stricter
* Add typehints
* Add return types
* Opcode opts from phpstorm
* Made strict
* Fixed tests: No need to test bogus values anymore strict typing fixes
this

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-01-16 22:01:19 +01:00

67 lines
2.3 KiB
PHP

<?php
declare(strict_types=1);
/**
* @copyright Copyright (c) 2016, ownCloud, Inc.
*
* @author Lukas Reschke <lukas@statuscode.ch>
* @author Morris Jobke <hey@morrisjobke.de>
*
* @license AGPL-3.0
*
* This code is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License, version 3,
* as published by the Free Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License, version 3,
* along with this program. If not, see <http://www.gnu.org/licenses/>
*
*/
namespace OCP\Security;
/**
* Class Hasher provides some basic hashing functions. Furthermore, it supports legacy hashes
* used by previous versions of ownCloud and helps migrating those hashes to newer ones.
*
* The hashes generated by this class are prefixed (version|hash) with a version parameter to allow possible
* updates in the future.
* Possible versions:
* - 1 (Initial version)
*
* Usage:
* // Hashing a message
* $hash = \OC::$server->getHasher()->hash('MessageToHash');
* // Verifying a message - $newHash will contain the newly calculated hash
* $newHash = null;
* var_dump(\OC::$server->getHasher()->verify('a', '86f7e437faa5a7fce15d1ddcb9eaeaea377667b8', $newHash));
* var_dump($newHash);
*
* @package OCP\Security
* @since 8.0.0
*/
interface IHasher {
/**
* Hashes a message using PHP's `password_hash` functionality.
* Please note that the size of the returned string is not guaranteed
* and can be up to 255 characters.
*
* @param string $message Message to generate hash from
* @return string Hash of the message with appended version parameter
* @since 8.0.0
*/
public function hash(string $message): string;
/**
* @param string $message Message to verify
* @param string $hash Assumed hash of the message
* @param null|string &$newHash Reference will contain the updated hash if necessary. Update the existing hash with this one.
* @return bool Whether $hash is a valid hash of $message
* @since 8.0.0
*/
public function verify(string $message, string $hash, &$newHash = null): bool ;
}