PHP Class lithium\storage\session\strategy\Encrypt

To use this class, you need to have the mcrypt extension enabled. Example configuration: {{{ Session::config(array('default' => array( 'adapter' => 'Cookie', 'strategies' => array('Encrypt' => array('secret' => 'foobar')) ))); }}} By default, this strategy uses the AES algorithm in the CBC mode. This means that an initialization vector has to be generated and transported with the payload data. This is done transparently, but you may want to keep this in mind (the ECB mode doesn't require an itialization vector but is not recommended to use as it's insecure). You can override this defaults by passing a different cipher and/or mode to the config like this: {{{ Session::config(array('default' => array( 'adapter' => 'Cookie', 'strategies' => array('Encrypt' => array( 'cipher' => MCRYPT_RIJNDAEL_128, 'mode' => MCRYPT_MODE_ECB, // Don't use ECB when you don't have to! 'secret' => 'foobar' )) ))); }}} Please keep in mind that it is generally not a good idea to store sensitive information in cookies (or generally on the client side) and this class is no exception to the rule. It allows you to store client side data in a more secure way, but 100% security can't be achieved.

See link: The mcrypt extension.

See link: List of supported ciphers.

See link: List of supported modes.

Inheritance: extends lithium\core\Object

Show file Open project: unionofrad/lithium Class Usage Examples

Protected Properties

Property	Type	Description
$_defaults		Default configuration.
$_resource		Holds the crypto resource after initialization.
$_vector		Holds the initialization vector.

Public Methods

Method	Description
__construct ( array $config = [] ) : void	Constructor.
__destruct ( ) : void	Destructor. Closes the crypto resource when it is no longer needed.
delete ( mixed $data, array $options = [] ) : string	Delete encryption method.
enabled ( ) : boolean	Determines if the Mcrypt extension has been installed.
read ( array $data, array $options = [] ) : mixed	Read encryption method.
write ( mixed $data, array $options = [] ) : string	Write encryption method.

Protected Methods

Method	Description
_decrypt ( string $encrypted ) : array	Decrypt and unserialize a previously encrypted string.
_encrypt ( array $decrypted = [] ) : string	Serialize and encrypt a given data array.
_hashSecret ( string $key ) : string	Hashes the given secret to make harder to detect.
_vector ( ) : string	Generates an initialization vector.
_vectorSize ( ) : number	Returns the vector size vor a given cipher and mode.

Method Details

__construct() public method

Constructor.

public __construct ( array $config = [] ) : void
$config	array	Configuration array. You can override the default cipher and mode.
return	void

__destruct() public method

Destructor. Closes the crypto resource when it is no longer needed.

public __destruct ( ) : void
return	void

_decrypt() protected method

Decrypt and unserialize a previously encrypted string.

protected _decrypt ( string $encrypted ) : array
$encrypted	string	The base64 encoded and encrypted string.
return	array	The cleartext data.

_encrypt() protected method

Serialize and encrypt a given data array.

protected _encrypt ( array $decrypted = [] ) : string
$decrypted	array	The cleartext data to be encrypted.
return	string	A Base64 encoded and encrypted string.

_hashSecret() protected method

This method figures out the appropriate key size for the chosen encryption algorithm and then hashes the given key accordingly. Note that if the key has already the needed length, it is considered to be hashed (secure) already and is therefore not hashed again. This lets you change the hashing method in your own code if you like. The default MCRYPT_RIJNDAEL_128 key should be 32 byte long sha256 is used as the hashing algorithm. If the key size is shorter than the one generated by sha256, the first n bytes will be used.

See link: http://php.net/function.mcrypt-enc-get-key-size.php

protected _hashSecret ( string $key ) : string
$key	string	The possibly too weak key.
return	string	The hashed (raw) key.

_vector() protected static method

Generates an initialization vector.

See link: http://php.net/function.mcrypt-create-iv.php

protected static _vector ( ) : string
return	string	Returns an initialization vector.

_vectorSize() protected static method

Returns the vector size vor a given cipher and mode.

See link: http://php.net/function.mcrypt-enc-get-iv-size.php

protected static _vectorSize ( ) : number
return	number	The vector size.

delete() public method

Delete encryption method.

public delete ( mixed $data, array $options = [] ) : string
$data	mixed	The data to be encrypted.
$options	array	Options for this method.
return	string	Returns the deleted data in cleartext.

enabled() public static method

Determines if the Mcrypt extension has been installed.

public static enabled ( ) : boolean
return	boolean	`true` if enabled, `false` otherwise.

read() public method

Read encryption method.

public read ( array $data, array $options = [] ) : mixed
$data	array	the Data being read.
$options	array	Options for this method.
return	mixed	Returns the decrypted key or the dataset.

write() public method

Write encryption method.

public write ( mixed $data, array $options = [] ) : string
$data	mixed	The data to be encrypted.
$options	array	Options for this method.
return	string	Returns the written data in cleartext.

Property Details

$_defaults protected property

Default configuration.

protected $_defaults

$_resource protected static property

Holds the crypto resource after initialization.

protected static $_resource

$_vector protected static property

Holds the initialization vector.

protected static $_vector