You are here

Home » API reference » Drupal 9 » Crypt.php

class Crypt in Drupal 9

Same name and namespace in other branches
  1. 8 core/lib/Drupal/Component/Utility/Crypt.php \Drupal\Component\Utility\Crypt

Utility class for cryptographically-secure string handling routines.

Hierarchy

  • class \Drupal\Component\Utility\Crypt

Expanded class hierarchy of Crypt

Related topics

Utility classes and functions
Overview of utility classes and functions for developers.
82 files declare their use of Crypt
AggregatorTestRssController.php in core/modules/aggregator/tests/modules/aggregator_test/src/Controller/AggregatorTestRssController.php
AnnotatedClassDiscovery.php in core/lib/Drupal/Component/Annotation/Plugin/Discovery/AnnotatedClassDiscovery.php
AssetDumper.php in core/lib/Drupal/Core/Asset/AssetDumper.php
AssetResolver.php in core/lib/Drupal/Core/Asset/AssetResolver.php
BigPipe.php in core/modules/big_pipe/src/Render/BigPipe.php

... See full list

File

core/lib/Drupal/Component/Utility/Crypt.php, line 10

Namespace

Drupal\Component\Utility
View source 
class Crypt {

  /**
   * Calculates a base-64 encoded, URL-safe sha-256 hmac.
   *
   * @param mixed $data
   *   Scalar value to be validated with the hmac.
   * @param mixed $key
   *   A secret key, this can be any scalar value.
   *
   * @return string
   *   A base-64 encoded sha-256 hmac, with + replaced with -, / with _ and
   *   any = padding characters removed.
   */
  public static function hmacBase64($data, $key) {

    // $data and $key being strings here is necessary to avoid empty string
    // results of the hash function if they are not scalar values. As this
    // function is used in security-critical contexts like token validation it
    // is important that it never returns an empty string.
    if (!is_scalar($data) || !is_scalar($key)) {
      throw new \InvalidArgumentException('Both parameters passed to \\Drupal\\Component\\Utility\\Crypt::hmacBase64 must be scalar values.');
    }
    $hmac = base64_encode(hash_hmac('sha256', $data, $key, TRUE));

    // Modify the hmac so it's safe to use in URLs.
    return str_replace([
      '+',
      '/',
      '=',
    ], [
      '-',
      '_',
      '',
    ], $hmac);
  }

  /**
   * Calculates a base-64 encoded, URL-safe sha-256 hash.
   *
   * @param string $data
   *   String to be hashed.
   *
   * @return string
   *   A base-64 encoded sha-256 hash, with + replaced with -, / with _ and
   *   any = padding characters removed.
   */
  public static function hashBase64($data) {
    $hash = base64_encode(hash('sha256', $data, TRUE));

    // Modify the hash so it's safe to use in URLs.
    return str_replace([
      '+',
      '/',
      '=',
    ], [
      '-',
      '_',
      '',
    ], $hash);
  }

  /**
   * Returns a URL-safe, base64 encoded string of highly randomized bytes.
   *
   * @param $count
   *   The number of random bytes to fetch and base64 encode.
   *
   * @return string
   *   A base-64 encoded string, with + replaced with -, / with _ and any =
   *   padding characters removed.
   */
  public static function randomBytesBase64($count = 32) {
    return str_replace([
      '+',
      '/',
      '=',
    ], [
      '-',
      '_',
      '',
    ], base64_encode(random_bytes($count)));
  }

}

Members

Namesort descending Modifiers Type Description Overrides
Crypt::hashBase64 public static function Calculates a base-64 encoded, URL-safe sha-256 hash.
Crypt::hmacBase64 public static function Calculates a base-64 encoded, URL-safe sha-256 hmac.
Crypt::randomBytesBase64 public static function Returns a URL-safe, base64 encoded string of highly randomized bytes.