PHPXRef 0.7.1 : Phabricator : /src/infrastructure/util/PhabricatorHash.php source

[Summary view] [Print] [Text view]
   1  <?php
   2  
   3  final class PhabricatorHash {
   4  
   5  
   6    /**
   7     * Digest a string for general use, including use which relates to security.
   8     *
   9     * @param   string  Input string.
  10     * @return  string  32-byte hexidecimal SHA1+HMAC hash.
  11     */
  12    public static function digest($string, $key = null) {
  13      if ($key === null) {
  14        $key = PhabricatorEnv::getEnvConfig('security.hmac-key');
  15      }
  16  
  17      if (!$key) {
  18        throw new Exception(
  19          "Set a 'security.hmac-key' in your Phabricator configuration!");
  20      }
  21  
  22      return hash_hmac('sha1', $string, $key);
  23    }
  24  
  25  
  26    /**
  27     * Digest a string into a password hash. This is similar to @{method:digest},
  28     * but requires a salt and iterates the hash to increase cost.
  29     */
  30    public static function digestPassword(PhutilOpaqueEnvelope $envelope, $salt) {
  31      $result = $envelope->openEnvelope();
  32      if (!$result) {
  33        throw new Exception('Trying to digest empty password!');
  34      }
  35  
  36      for ($ii = 0; $ii < 1000; $ii++) {
  37        $result = PhabricatorHash::digest($result, $salt);
  38      }
  39  
  40      return $result;
  41    }
  42  
  43  
  44    /**
  45     * Digest a string for use in, e.g., a MySQL index. This produces a short
  46     * (12-byte), case-sensitive alphanumeric string with 72 bits of entropy,
  47     * which is generally safe in most contexts (notably, URLs).
  48     *
  49     * This method emphasizes compactness, and should not be used for security
  50     * related hashing (for general purpose hashing, see @{method:digest}).
  51     *
  52     * @param   string  Input string.
  53     * @return  string  12-byte, case-sensitive alphanumeric hash of the string
  54     *                  which
  55     */
  56    public static function digestForIndex($string) {
  57      $hash = sha1($string, $raw_output = true);
  58  
  59      static $map;
  60      if ($map === null) {
  61        $map = '0123456789'.
  62               'abcdefghij'.
  63               'klmnopqrst'.
  64               'uvwxyzABCD'.
  65               'EFGHIJKLMN'.
  66               'OPQRSTUVWX'.
  67               'YZ._';
  68      }
  69  
  70      $result = '';
  71      for ($ii = 0; $ii < 12; $ii++) {
  72        $result .= $map[(ord($hash[$ii]) & 0x3F)];
  73      }
  74  
  75      return $result;
  76    }
  77  
  78  }
PHP Cross Reference of Phabricator

/src/infrastructure/util/ -> PhabricatorHash.php (source)
