function drupal_hmac_base64

Calculates a base-64 encoded, URL-safe sha-256 hmac.

Parameters

string $data: String to be validated with the hmac.

string $key: A secret string key.

Return value

string A base-64 encoded sha-256 hmac, with + replaced with -, / with _ and any = padding characters removed.

9 calls to drupal_hmac_base64()
DrupalWebTestCase::drupalGetToken in modules/simpletest/drupal_web_test_case.php
Generate a token for the currently logged in user.
drupal_generate_test_ua in includes/bootstrap.inc
Generates a user agent string with a HMAC and timestamp for simpletest.
drupal_get_token in includes/common.inc
Generates a token based on $value, the user session, and the private key.
drupal_valid_test_ua in includes/bootstrap.inc
Returns the test prefix if this is an internal request from SimpleTest.
file_managed_file_process in modules/file/file.module
Process function to expand the managed_file element type.

... See full list

File

includes/bootstrap.inc, line 2405

Code

function drupal_hmac_base64($data, $key) {
    // Casting $data and $key to strings here is necessary to avoid empty string
    // results of the hash function if they are not scalar values. As this
    // function is used in security-critical contexts like token validation it is
    // important that it never returns an empty string.
    $hmac = base64_encode(hash_hmac('sha256', (string) $data, (string) $key, TRUE));
    // Modify the hmac so it's safe to use in URLs.
    return strtr($hmac, array(
        '+' => '-',
        '/' => '_',
        '=' => '',
    ));
}

Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.