PRADO Component Framework for PHP 5
  • Home
  • About
  • Testimonials
  • Demos
  • Download
  • Documentation
  • Forum
  • Development
  • Tutorials
  • Class Docs
  • API Manual
  • Wiki

Packages

  • None
  • System
    • Caching
    • Collections
    • Data
      • ActiveRecord
        • Relations
        • Scaffold
          • InputBuilder
      • Commom
        • Sqlite
      • Common
        • Mssql
        • Mysql
        • Oracle
        • Pgsql
        • Sqlite
      • DataGateway
      • SqlMap
        • Configuration
        • Statements
    • Exceptions
    • I18N
    • IO
    • Security
    • Util
    • Web
      • Javascripts
      • Services
      • UI
        • ActiveControls
        • WebControls
    • Xml
  • Wsat
    • pages
  • Overview
  • Package
  • Class
  • Tree
  • Deprecated
  • Todo

Class TSecurityManager

TSecurityManager class

TSecurityManager provides private keys, hashing and encryption functionalities that may be used by other PRADO components, such as viewstate persister, cookies.

TSecurityManager is mainly used to protect data from being tampered and viewed. It can generate HMAC and encrypt the data. The private key used to generate HMAC is set by setValidationKey ValidationKey. The key used to encrypt data is specified by setEncryptionKey EncryptionKey. If the above keys are not explicitly set, random keys will be generated and used.

To prefix data with an HMAC, call TSecurityManager::hashData(). To validate if data is tampered, call TSecurityManager::validateData(), which will return the real data if it is not tampered. The algorithm used to generated HMAC is specified by setValidation Validation.

To encrypt and decrypt data, call TSecurityManager::encrypt() and TSecurityManager::decrypt() respectively. The encryption algorithm can be set by setEncryption Encryption.

Note, to use encryption, the PHP Mcrypt extension must be loaded.

TComponent
Extended by TApplicationComponent
Extended by TModule implements IModule
Extended by TSecurityManager
Package: System\Security
Copyright: Copyright © 2005-2014 PradoSoft
License: http://www.pradosoft.com/license/
Author: Qiang Xue <qiang.xue@gmail.com>
Since: 3.0
Located at Security/TSecurityManager.php
Methods summary
public
# init( TXmlElement $config )

Initializes the module. The security module is registered with the application.

Initializes the module. The security module is registered with the application.

Parameters

$config
TXmlElement
initial module configuration

Overrides

TModule::init()
protected
# generateRandomKey( )

Generates a random key.

Generates a random key.

public string
# getValidationKey( )

Returns

string
the private key used to generate HMAC. If the key is not explicitly set, a random one is generated and returned.
public
# setValidationKey( string $value )

Parameters

$value
string
the key used to generate HMAC

Throws

TInvalidDataValueException
if the key is empty
public string
# getEncryptionKey( )

Returns

string
the private key used to encrypt/decrypt data. If the key is not explicitly set, a random one is generated and returned.
public
# setEncryptionKey( string $value )

Parameters

$value
string
the key used to encrypt/decrypt data.

Throws

TInvalidDataValueException
if the key is empty
public string
# getValidation( )

This method has been deprecated since version 3.2.1. Please use TSecurityManager::getHashAlgorithm() instead.

This method has been deprecated since version 3.2.1. Please use TSecurityManager::getHashAlgorithm() instead.

Returns

string
hashing algorithm used to generate HMAC. Defaults to 'sha1'.
public string
# getHashAlgorithm( )

Returns

string
hashing algorithm used to generate HMAC. Defaults to 'sha1'.
public
# setValidation( TSecurityManagerValidationMode $value )

This method has been deprecated since version 3.2.1. Please use TSecurityManager::setHashAlgorithm() instead.

This method has been deprecated since version 3.2.1. Please use TSecurityManager::setHashAlgorithm() instead.

Parameters

$value
TSecurityManagerValidationMode
hashing algorithm used to generate HMAC.
public
# setHashAlgorithm( string $value )

Parameters

$value
string
hashing algorithm used to generate HMAC.
public string
# getEncryption( )

This method has been deprecated since version 3.2.1. Please use TSecurityManager::getCryptAlgorithm() instead.

This method has been deprecated since version 3.2.1. Please use TSecurityManager::getCryptAlgorithm() instead.

Returns

string
the algorithm used to encrypt/decrypt data.
public
# setEncryption( string $value )

This method has been deprecated since version 3.2.1. Please use TSecurityManager::setCryptAlgorithm() instead.

This method has been deprecated since version 3.2.1. Please use TSecurityManager::setCryptAlgorithm() instead.

Parameters

$value
string
cipther name
public mixed
# getCryptAlgorithm( )

Returns

mixed
the algorithm used to encrypt/decrypt data. Defaults to the string 'rijndael-256'.
public
# setCryptAlgorithm( mixed $value )

Sets the crypt algorithm (also known as cipher or cypher) that will be used for TSecurityManager::encrypt() and TSecurityManager::decrypt().

Sets the crypt algorithm (also known as cipher or cypher) that will be used for TSecurityManager::encrypt() and TSecurityManager::decrypt().

Parameters

$value
mixed
either a string containing the cipther name or an array containing the full parameters to call mcrypt_module_open().
public string
# encrypt( string $data )

Encrypts data with getEncryptionKey EncryptionKey.

Encrypts data with getEncryptionKey EncryptionKey.

Parameters

$data
string
data to be encrypted.

Returns

string
the encrypted data

Throws

TNotSupportedException
if PHP Mcrypt extension is not loaded
public string
# decrypt( string $data )

Decrypts data with getEncryptionKey EncryptionKey.

Decrypts data with getEncryptionKey EncryptionKey.

Parameters

$data
string
data to be decrypted.

Returns

string
the decrypted data

Throws

TNotSupportedException
if PHP Mcrypt extension is not loaded
protected resource
# openCryptModule( )

Opens the mcrypt module with the configuration specified in cryptAlgorithm.

Opens the mcrypt module with the configuration specified in cryptAlgorithm.

Returns

resource
the mycrypt module handle.

Since

3.2.1
public string
# hashData( string $data )

Prefixes data with an HMAC.

Prefixes data with an HMAC.

Parameters

$data
string
data to be hashed.

Returns

string
data prefixed with HMAC
public string
# validateData( string $data )

Validates if data is tampered.

Validates if data is tampered.

Parameters

$data
string
data to be validated. The data must be previously generated using TSecurityManager::hashData().

Returns

string
the real data with HMAC stripped off. False if the data is tampered.
protected string
# computeHMAC( string $data )

Computes the HMAC for the data with getValidationKey ValidationKey.

Computes the HMAC for the data with getValidationKey ValidationKey.

Parameters

$data
string
data to be generated HMAC

Returns

string
the HMAC for the data
Methods inherited from TModule
getID(), setID()
Methods inherited from TApplicationComponent
getApplication(), getRequest(), getResponse(), getService(), getSession(), getUser(), publishAsset(), publishFilePath()
Methods inherited from TComponent
__call(), __construct(), __destruct(), __get(), __isset(), __set(), __sleep(), __unset(), __wakeup(), addParsedObject(), asa(), attachBehavior(), attachBehaviors(), attachClassBehavior(), attachEventHandler(), canGetProperty(), canSetProperty(), clearBehaviors(), createdOnTemplate(), detachBehavior(), detachBehaviors(), detachClassBehavior(), detachEventHandler(), disableBehavior(), disableBehaviors(), enableBehavior(), enableBehaviors(), evaluateExpression(), evaluateStatements(), fxAttachClassBehavior(), fxDetachClassBehavior(), getAutoGlobalListen(), getBehaviorsEnabled(), getClassHierarchy(), getEventHandlers(), getListeningToGlobalEvents(), getSubProperty(), hasEvent(), hasEventHandler(), hasProperty(), isa(), listen(), raiseEvent(), setSubProperty(), unlisten()
Constants summary
string STATE_VALIDATION_KEY 'prado:securitymanager:validationkey'
#
string STATE_ENCRYPTION_KEY 'prado:securitymanager:encryptionkey'
#
Constants inherited from TComponent
GLOBAL_RAISE_EVENT_LISTENER
Terms of Service | Contact Us
PRADO v3.2.4 API Manual API documentation generated by ApiGen 2.8.0
Copyright © 2006-2014 by the PRADO Group.
Powered by PRADO