function public static function Crypt::checkBase64HashAlgorithm

8.x-3.x Crypt.php public static Crypt::checkBase64HashAlgorithm($algorithm, $hash, $sriIntegrity = FALSE)

Ensures the base64 encoded hash matches the algorithm's digest length.


string $algorithm: The algorithm output length to check.

string $hash: The base64 encoded hash to check.

bool $sriIntegrity: Flag indicating whether this is a hash intended for use as an SRI integrity value.

Return value

bool TRUE if the digest length from decoding the base64 hash matches what the algorithm length is supposed to be; FALSE otherwise.


Extends \Drupal\Component\Utility\Crypt.



Source src/Utility/Crypt.php (line 66)

public static function checkBase64HashAlgorithm($algorithm, $hash, $sriIntegrity = FALSE) {
  // Immediately return if values aren't provided or an unsupported algorithm.
  if (!$algorithm || !$hash || !isset(static::$algorithmDigestLengths[$algorithm])) {
    return FALSE;

  // Check if this is an SRI algorithm supported by a browser.
  if ($sriIntegrity && !in_array($algorithm, static::$validSriIntegrityAlgorithms)) {
    return FALSE;

  // Ensure the provided hash matches the length of the algorithm provided.
  return !!preg_match('/^([a-f0-9]{' . static::$algorithmDigestLengths[$algorithm] . '})$/', static::decodeHashBase64($hash));