You are here

Home » API reference » Drupal 6 » bootstrap.inc

function drupal_hmac_base64 in Drupal 6

Same name and namespace in other branches
  1. 7 includes/bootstrap.inc \drupal_hmac_base64()

Calculates a base-64 encoded, URL-safe sha-1 hmac.

Parameters

string $data: String to be validated with the hmac.

string $key: A secret string key.

Return value

string A base-64 encoded sha-1 hmac, with + replaced with -, / with _ and any = padding characters removed.

1 call to drupal_hmac_base64()
user_pass_rehash in modules/user/user.module

File

includes/bootstrap.inc, line 1526
Functions that need to be loaded on every Drupal request.

Code

function drupal_hmac_base64($data, $key) {

  // Casting $data and $key to strings here is necessary to avoid empty string
  // results of the hash function if they are not scalar values. As this
  // function is used in security-critical contexts like token validation it is
  // important that it never returns an empty string.
  $hmac = base64_encode(pack("H*", drupal_hash_hmac_sha1((string) $data, (string) $key)));

  // Modify the hmac so it's safe to use in URLs.
  return strtr($hmac, array(
    '+' => '-',
    '/' => '_',
    '=' => '',
  ));
}