PHP Class Prado\Security\TSecurityManager

TSecurityManager provides private keys, hashing and encryption functionalities that may be used by other PRADO components, such as viewstate persister, cookies. TSecurityManager is mainly used to protect data from being tampered and viewed. It can generate HMAC and encrypt the data. The private key used to generate HMAC is set by {@link setValidationKey ValidationKey}. The key used to encrypt data is specified by {@link setEncryptionKey EncryptionKey}. If the above keys are not explicitly set, random keys will be generated and used. To prefix data with an HMAC, call {@link hashData()}. To validate if data is tampered, call {@link validateData()}, which will return the real data if it is not tampered. The algorithm used to generated HMAC is specified by {@link setValidation Validation}. To encrypt and decrypt data, call {@link encrypt()} and {@link decrypt()} respectively. The encryption algorithm can be set by {@link setEncryption Encryption}. Note, to use encryption, the PHP Mcrypt extension must be loaded.

Since: 3.0

Author: Qiang Xue ([email protected])

Inheritance: extends Prado\TModule

Mostrar archivo Open project: pradosoft/prado Class Usage Examples

Public Methods

Method	Description
decrypt ( $data ) : string	Decrypts data with {@link getEncryptionKey EncryptionKey}.
encrypt ( $data ) : string	Encrypts data with {@link getEncryptionKey EncryptionKey}.
getCryptAlgorithm ( ) : mixed
getEncryption ( ) : string	This method has been deprecated since version 3.2.1.
getEncryptionKey ( ) : string
getHashAlgorithm ( ) : string
getValidation ( ) : string	This method has been deprecated since version 3.2.1.
getValidationKey ( ) : string
hashData ( $data ) : string	Prefixes data with an HMAC.
init ( $config )	Initializes the module.
setCryptAlgorithm ( $value )	Sets the crypt algorithm (also known as cipher or cypher) that will be used for {@link encrypt} and {@link decrypt}.
setEncryption ( $value )	This method has been deprecated since version 3.2.1.
setEncryptionKey ( $value )
setHashAlgorithm ( $value )
setValidation ( $value )	This method has been deprecated since version 3.2.1.
setValidationKey ( $value )
validateData ( $data ) : string	Validates if data is tampered.

Protected Methods

Method	Description
computeHMAC ( $data ) : string	Computes the HMAC for the data with {@link getValidationKey ValidationKey}.
generateRandomKey ( )	Generates a random key.
openCryptModule ( ) : resource	Opens the mcrypt module with the configuration specified in {@link cryptAlgorithm}.

Private Methods

Method	Description
strlen ( string $string ) : integer	Returns the length of the given string.
substr ( string $string, integer $start, integer $length ) : string	Returns the portion of string specified by the start and length parameters.

Method Details

computeHMAC() protected method

Computes the HMAC for the data with {@link getValidationKey ValidationKey}.

protected computeHMAC ( $data ) : string
return	string	the HMAC for the data

decrypt() public method

Decrypts data with {@link getEncryptionKey EncryptionKey}.

public decrypt ( $data ) : string
return	string	the decrypted data

encrypt() public method

Encrypts data with {@link getEncryptionKey EncryptionKey}.

public encrypt ( $data ) : string
return	string	the encrypted data

generateRandomKey() protected method

Generates a random key.

protected generateRandomKey ( )

getCryptAlgorithm() public method

public getCryptAlgorithm ( ) : mixed
return	mixed	the algorithm used to encrypt/decrypt data. Defaults to the string 'rijndael-256'.

getEncryption() public method

Please use {@link getCryptAlgorithm()} instead.

public getEncryption ( ) : string
return	string	the algorithm used to encrypt/decrypt data.

getEncryptionKey() public method

public getEncryptionKey ( ) : string
return	string	the private key used to encrypt/decrypt data. If the key is not explicitly set, a random one is generated and returned.

getHashAlgorithm() public method

public getHashAlgorithm ( ) : string
return	string	hashing algorithm used to generate HMAC. Defaults to 'sha1'.

getValidation() public method

Please use {@link getHashAlgorithm()} instead.

public getValidation ( ) : string
return	string	hashing algorithm used to generate HMAC. Defaults to 'sha1'.

getValidationKey() public method

public getValidationKey ( ) : string
return	string	the private key used to generate HMAC. If the key is not explicitly set, a random one is generated and returned.

hashData() public method

Prefixes data with an HMAC.

public hashData ( $data ) : string
return	string	data prefixed with HMAC

init() public method

The security module is registered with the application.

public init ( $config )

openCryptModule() protected method

Opens the mcrypt module with the configuration specified in {@link cryptAlgorithm}.

Since: 3.2.1

protected openCryptModule ( ) : resource
return	resource	the mycrypt module handle.

setCryptAlgorithm() public method

Sets the crypt algorithm (also known as cipher or cypher) that will be used for {@link encrypt} and {@link decrypt}.

public setCryptAlgorithm ( $value )

setEncryption() public method

Please use {@link setCryptAlgorithm()} instead.

public setEncryption ( $value )

setEncryptionKey() public method

public setEncryptionKey ( $value )

setHashAlgorithm() public method

public setHashAlgorithm ( $value )

setValidation() public method

Please use {@link setHashAlgorithm()} instead.

public setValidation ( $value )

setValidationKey() public method

public setValidationKey ( $value )

validateData() public method

Validates if data is tampered.

public validateData ( $data ) : string
return	string	the real data with HMAC stripped off. False if the data is tampered.