PHP Class Prado\Security\TSecurityManager

TSecurityManager provides private keys, hashing and encryption functionalities that may be used by other PRADO components, such as viewstate persister, cookies. TSecurityManager is mainly used to protect data from being tampered and viewed. It can generate HMAC and encrypt the data. The private key used to generate HMAC is set by {@link setValidationKey ValidationKey}. The key used to encrypt data is specified by {@link setEncryptionKey EncryptionKey}. If the above keys are not explicitly set, random keys will be generated and used. To prefix data with an HMAC, call {@link hashData()}. To validate if data is tampered, call {@link validateData()}, which will return the real data if it is not tampered. The algorithm used to generated HMAC is specified by {@link setValidation Validation}. To encrypt and decrypt data, call {@link encrypt()} and {@link decrypt()} respectively. The encryption algorithm can be set by {@link setEncryption Encryption}. Note, to use encryption, the PHP Mcrypt extension must be loaded.

Since: 3.0

Author: Qiang Xue ([email protected])

Inheritance: extends Prado\TModule

Afficher le fichier Open project: pradosoft/prado Class Usage Examples

Méthodes publiques

Méthode	Description
decrypt ( $data ) : string	Decrypts data with {@link getEncryptionKey EncryptionKey}.
encrypt ( $data ) : string	Encrypts data with {@link getEncryptionKey EncryptionKey}.
getCryptAlgorithm ( ) : mixed
getEncryption ( ) : string	This method has been deprecated since version 3.2.1.
getEncryptionKey ( ) : string
getHashAlgorithm ( ) : string
getValidation ( ) : string	This method has been deprecated since version 3.2.1.
getValidationKey ( ) : string
hashData ( $data ) : string	Prefixes data with an HMAC.
init ( $config )	Initializes the module.
setCryptAlgorithm ( $value )	Sets the crypt algorithm (also known as cipher or cypher) that will be used for {@link encrypt} and {@link decrypt}.
setEncryption ( $value )	This method has been deprecated since version 3.2.1.
setEncryptionKey ( $value )
setHashAlgorithm ( $value )
setValidation ( $value )	This method has been deprecated since version 3.2.1.
setValidationKey ( $value )
validateData ( $data ) : string	Validates if data is tampered.

Méthodes protégées

Méthode	Description
computeHMAC ( $data ) : string	Computes the HMAC for the data with {@link getValidationKey ValidationKey}.
generateRandomKey ( )	Generates a random key.
openCryptModule ( ) : resource	Opens the mcrypt module with the configuration specified in {@link cryptAlgorithm}.

Private Methods

Méthode	Description
strlen ( string $string ) : integer	Returns the length of the given string.
substr ( string $string, integer $start, integer $length ) : string	Returns the portion of string specified by the start and length parameters.

Method Details

computeHMAC() protected méthode

Computes the HMAC for the data with {@link getValidationKey ValidationKey}.

protected computeHMAC ( $data ) : string
Résultat	string	the HMAC for the data

decrypt() public méthode

Decrypts data with {@link getEncryptionKey EncryptionKey}.

public decrypt ( $data ) : string
Résultat	string	the decrypted data

encrypt() public méthode

Encrypts data with {@link getEncryptionKey EncryptionKey}.

public encrypt ( $data ) : string
Résultat	string	the encrypted data

generateRandomKey() protected méthode

Generates a random key.

protected generateRandomKey ( )

getCryptAlgorithm() public méthode

public getCryptAlgorithm ( ) : mixed
Résultat	mixed	the algorithm used to encrypt/decrypt data. Defaults to the string 'rijndael-256'.

getEncryption() public méthode

Please use {@link getCryptAlgorithm()} instead.

public getEncryption ( ) : string
Résultat	string	the algorithm used to encrypt/decrypt data.

getEncryptionKey() public méthode

public getEncryptionKey ( ) : string
Résultat	string	the private key used to encrypt/decrypt data. If the key is not explicitly set, a random one is generated and returned.

getHashAlgorithm() public méthode

public getHashAlgorithm ( ) : string
Résultat	string	hashing algorithm used to generate HMAC. Defaults to 'sha1'.

getValidation() public méthode

Please use {@link getHashAlgorithm()} instead.

public getValidation ( ) : string
Résultat	string	hashing algorithm used to generate HMAC. Defaults to 'sha1'.

getValidationKey() public méthode

public getValidationKey ( ) : string
Résultat	string	the private key used to generate HMAC. If the key is not explicitly set, a random one is generated and returned.

hashData() public méthode

Prefixes data with an HMAC.

public hashData ( $data ) : string
Résultat	string	data prefixed with HMAC

init() public méthode

The security module is registered with the application.

public init ( $config )

openCryptModule() protected méthode

Opens the mcrypt module with the configuration specified in {@link cryptAlgorithm}.

Since: 3.2.1

protected openCryptModule ( ) : resource
Résultat	resource	the mycrypt module handle.

setCryptAlgorithm() public méthode

Sets the crypt algorithm (also known as cipher or cypher) that will be used for {@link encrypt} and {@link decrypt}.

public setCryptAlgorithm ( $value )

setEncryption() public méthode

Please use {@link setCryptAlgorithm()} instead.

public setEncryption ( $value )

setEncryptionKey() public méthode

public setEncryptionKey ( $value )

setHashAlgorithm() public méthode

public setHashAlgorithm ( $value )

setValidation() public méthode

Please use {@link setHashAlgorithm()} instead.

public setValidation ( $value )

setValidationKey() public méthode

public setValidationKey ( $value )

validateData() public méthode

Validates if data is tampered.

public validateData ( $data ) : string
Résultat	string	the real data with HMAC stripped off. False if the data is tampered.