From a5621b8965ebcec213d3a5b07500cfcc3a730ada Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 9 May 2014 11:23:08 +0300 Subject: Add hash_equals() to ext/hash compat layer Introduced in PHP 5.6 Beta 1 (unfortunately, still undocumented). RFC: https://wiki.php.net/rfc/timing_attack (Yes, I am aware that the RFC talks about hash_compare(), the function was later renamed in the implementation.) --- user_guide_src/source/general/compatibility_functions.rst | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) (limited to 'user_guide_src/source/general') diff --git a/user_guide_src/source/general/compatibility_functions.rst b/user_guide_src/source/general/compatibility_functions.rst index 398403eda..e685073a1 100644 --- a/user_guide_src/source/general/compatibility_functions.rst +++ b/user_guide_src/source/general/compatibility_functions.rst @@ -97,8 +97,9 @@ Function reference Hash (Message Digest) ********************* -This compatibility layer contains only a single function at -this time - ``hash_pbkdf2()``, which otherwise requires PHP 5.5. +This compatibility layer contains backports for the ``hash_equals()`` +and ``hash_pbkdf2()`` functions, which otherwise require PHP 5.6 and/or +PHP 5.5 respectively. Dependancies ============ @@ -108,6 +109,16 @@ Dependancies Function reference ================== +.. function:: hash_equals($known_string, $user_string) + + :param string $known_string: Known string + :param string $user_string: User-supplied string + :returns: TRUE if the strings match, FALSE otherwise + :rtype: string + + For more information, please refer to the `PHP manual for + hash_equals() `_. + .. function:: hash_pbkdf2($algo, $password, $salt, $iterations[, $length = 0[, $raw_output = FALSE]]) :param string $algo: Hashing algorithm -- cgit v1.2.3-24-g4f1b