PHP Класс lithium\storage\session\strategy\Encrypt

To use this class, you need to have the mcrypt extension enabled. Example configuration: {{{ Session::config(array('default' => array( 'adapter' => 'Cookie', 'strategies' => array('Encrypt' => array('secret' => 'foobar')) ))); }}} By default, this strategy uses the AES algorithm in the CBC mode. This means that an initialization vector has to be generated and transported with the payload data. This is done transparently, but you may want to keep this in mind (the ECB mode doesn't require an itialization vector but is not recommended to use as it's insecure). You can override this defaults by passing a different cipher and/or mode to the config like this: {{{ Session::config(array('default' => array( 'adapter' => 'Cookie', 'strategies' => array('Encrypt' => array( 'cipher' => MCRYPT_RIJNDAEL_128, 'mode' => MCRYPT_MODE_ECB, // Don't use ECB when you don't have to! 'secret' => 'foobar' )) ))); }}} Please keep in mind that it is generally not a good idea to store sensitive information in cookies (or generally on the client side) and this class is no exception to the rule. It allows you to store client side data in a more secure way, but 100% security can't be achieved.

См. ссылку: The mcrypt extension.

См. ссылку: List of supported ciphers.

См. ссылку: List of supported modes.

Наследование: extends lithium\core\Object

Показать файл Открыть проект Примеры использования класса

Защищенные свойства (Protected)

Свойство	Тип	Описание
$_defaults		Default configuration.
$_resource		Holds the crypto resource after initialization.
$_vector		Holds the initialization vector.

Открытые методы

Метод	Описание
__construct ( array $config = [] ) : void	Constructor.
__destruct ( ) : void	Destructor. Closes the crypto resource when it is no longer needed.
delete ( mixed $data, array $options = [] ) : string	Delete encryption method.
enabled ( ) : boolean	Determines if the Mcrypt extension has been installed.
read ( array $data, array $options = [] ) : mixed	Read encryption method.
write ( mixed $data, array $options = [] ) : string	Write encryption method.

Защищенные методы

Метод	Описание
_decrypt ( string $encrypted ) : array	Decrypt and unserialize a previously encrypted string.
_encrypt ( array $decrypted = [] ) : string	Serialize and encrypt a given data array.
_hashSecret ( string $key ) : string	Hashes the given secret to make harder to detect.
_vector ( ) : string	Generates an initialization vector.
_vectorSize ( ) : number	Returns the vector size vor a given cipher and mode.

Описание методов

__construct() публичный Метод

Constructor.

public __construct ( array $config = [] ) : void
$config	array	Configuration array. You can override the default cipher and mode.
Результат	void

__destruct() публичный Метод

Destructor. Closes the crypto resource when it is no longer needed.

public __destruct ( ) : void
Результат	void

_decrypt() защищенный Метод

Decrypt and unserialize a previously encrypted string.

protected _decrypt ( string $encrypted ) : array
$encrypted	string	The base64 encoded and encrypted string.
Результат	array	The cleartext data.

_encrypt() защищенный Метод

Serialize and encrypt a given data array.

protected _encrypt ( array $decrypted = [] ) : string
$decrypted	array	The cleartext data to be encrypted.
Результат	string	A Base64 encoded and encrypted string.

_hashSecret() защищенный Метод

This method figures out the appropriate key size for the chosen encryption algorithm and then hashes the given key accordingly. Note that if the key has already the needed length, it is considered to be hashed (secure) already and is therefore not hashed again. This lets you change the hashing method in your own code if you like. The default MCRYPT_RIJNDAEL_128 key should be 32 byte long sha256 is used as the hashing algorithm. If the key size is shorter than the one generated by sha256, the first n bytes will be used.

См. ссылку: http://php.net/function.mcrypt-enc-get-key-size.php

protected _hashSecret ( string $key ) : string
$key	string	The possibly too weak key.
Результат	string	The hashed (raw) key.

_vector() защищенный статический Метод

Generates an initialization vector.

См. ссылку: http://php.net/function.mcrypt-create-iv.php

protected static _vector ( ) : string
Результат	string	Returns an initialization vector.

_vectorSize() защищенный статический Метод

Returns the vector size vor a given cipher and mode.

См. ссылку: http://php.net/function.mcrypt-enc-get-iv-size.php

protected static _vectorSize ( ) : number
Результат	number	The vector size.

delete() публичный Метод

Delete encryption method.

public delete ( mixed $data, array $options = [] ) : string
$data	mixed	The data to be encrypted.
$options	array	Options for this method.
Результат	string	Returns the deleted data in cleartext.

enabled() публичный статический Метод

Determines if the Mcrypt extension has been installed.

public static enabled ( ) : boolean
Результат	boolean	`true` if enabled, `false` otherwise.

read() публичный Метод

Read encryption method.

public read ( array $data, array $options = [] ) : mixed
$data	array	the Data being read.
$options	array	Options for this method.
Результат	mixed	Returns the decrypted key or the dataset.

write() публичный Метод

Write encryption method.

public write ( mixed $data, array $options = [] ) : string
$data	mixed	The data to be encrypted.
$options	array	Options for this method.
Результат	string	Returns the written data in cleartext.

Описание свойств

$_defaults защищенное свойство

Default configuration.

protected $_defaults

$_resource защищенное статическое свойство

Holds the crypto resource after initialization.

protected static $_resource

$_vector защищенное статическое свойство

Holds the initialization vector.

protected static $_vector