PHP Class lithium\storage\session\strategy\Encrypt
To use this class, you need to have the
mcrypt extension enabled.
Example configuration:
{{{
Session::config(array('default' => array(
'adapter' => 'Cookie',
'strategies' => array('Encrypt' => array('secret' => 'foobar'))
)));
}}}
By default, this strategy uses the AES algorithm in the CBC mode. This means that an
initialization vector has to be generated and transported with the payload data. This
is done transparently, but you may want to keep this in mind (the ECB mode doesn't require
an itialization vector but is not recommended to use as it's insecure). You can override this
defaults by passing a different
cipher and/or
mode to the config like this:
{{{
Session::config(array('default' => array(
'adapter' => 'Cookie',
'strategies' => array('Encrypt' => array(
'cipher' => MCRYPT_RIJNDAEL_128,
'mode' => MCRYPT_MODE_ECB, // Don't use ECB when you don't have to!
'secret' => 'foobar'
))
)));
}}}
Please keep in mind that it is generally not a good idea to store sensitive information in
cookies (or generally on the client side) and this class is no exception to the rule. It allows
you to store client side data in a more secure way, but 100% security can't be achieved.
Datei anzeigen
Open project: unionofrad/lithium
Class Usage Examples
Protected Properties
Property |
Type |
Description |
|
$_defaults |
|
Default configuration. |
|
$_resource |
|
Holds the crypto resource after initialization. |
|
$_vector |
|
Holds the initialization vector. |
|
Public Methods
Protected Methods
Method Details
__construct()
public method
__destruct()
public method
Destructor. Closes the crypto resource when it is no longer needed.
_decrypt()
protected method
Decrypt and unserialize a previously encrypted string.
_encrypt()
protected method
Serialize and encrypt a given data array.
protected _encrypt ( array $decrypted = [] ) : string |
$decrypted |
array |
The cleartext data to be encrypted. |
return |
string |
A Base64 encoded and encrypted string. |
_hashSecret()
protected method
This method figures out the appropriate key size for the chosen encryption algorithm and
then hashes the given key accordingly. Note that if the key has already the needed length,
it is considered to be hashed (secure) already and is therefore not hashed again. This lets
you change the hashing method in your own code if you like.
The default MCRYPT_RIJNDAEL_128 key should be 32 byte long sha256 is used as the hashing
algorithm. If the key size is shorter than the one generated by sha256, the first n bytes
will be used.
_vector()
protected static method
Generates an initialization vector.
_vectorSize()
protected static method
Returns the vector size vor a given cipher and mode.
Delete encryption method.
public delete ( mixed $data, array $options = [] ) : string |
$data |
mixed |
The data to be encrypted. |
$options |
array |
Options for this method. |
return |
string |
Returns the deleted data in cleartext. |
enabled()
public static method
Determines if the Mcrypt extension has been installed.
public read ( array $data, array $options = [] ) : mixed |
$data |
array |
the Data being read. |
$options |
array |
Options for this method. |
return |
mixed |
Returns the decrypted key or the dataset. |
public write ( mixed $data, array $options = [] ) : string |
$data |
mixed |
The data to be encrypted. |
$options |
array |
Options for this method. |
return |
string |
Returns the written data in cleartext. |
Property Details
$_defaults protected_oe property
$_resource protected_oe static_oe property
Holds the crypto resource after initialization.
protected static $_resource |
$_vector protected_oe static_oe property
Holds the initialization vector.
protected static $_vector |