Security Library contains utility methods related to security
_checkKey( string $key, string $method )
Check the encryption key for proper length.
Parameters: $key, $method
Throws: CakeException
_crypt( string $password, mixed $salt = false )
One-way encryption using PHP's crypt() function. To use blowfish hashing see `Security::hash()`.
Parameters: $password; $salt (optional, default false)
Returns: string
_salt( integer $length = 22 )
Generates a pseudo-random salt suitable for use with PHP's crypt() function. The salt length should not exceed 27. The salt will be composed of [./0-9A-Za-z]{$length}.
Parameters: $length (optional, default 22)
Returns: string
cipher( string $text, string $key )
Runs $text through a XOR cipher.
Note: This is not a cryptographically strong method and should not be used for sensitive data. Additionally, this method does not work in environments where suhosin is enabled.
Instead you should use Security::rijndael() when you need strong encryption.
Parameters: $text, $key
Returns: string
decrypt( string $cipher, string $key, string $hmacSalt = null )
Decrypt a value using AES-256.
Parameters: $cipher; $key; $hmacSalt (optional, default null)
Returns: string
Throws: CakeException
encrypt( string $plain, string $key, string $hmacSalt = null )
Encrypt a value using AES-256.
Caveat: You cannot properly encrypt/decrypt data with trailing null bytes. Any trailing null bytes will be removed on decryption due to how PHP pads messages with nulls prior to encryption.
Parameters: $plain; $key; $hmacSalt (optional, default null)
Returns: string
Throws: CakeException
generateAuthKey( )
Generate authorization hash.
Returns: string
hash( string $string, string $type = null, mixed $salt = false )
Create a hash from string using given method or fallback on next available method.
you ensuring that each hashed password will have a unique salt.
The salt is prepended to the hash and PHP handles the parsing automagically. For convenience, the BlowfishPasswordHasher class is available for use with the AuthComponent.
Creating a blowfish/bcrypt hash:
$hash = Security::hash($password, 'blowfish');
Parameters: $string; $type (optional, default null); $salt (optional, default false)
Returns: string
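The salt handling described for hash(), _crypt() and _salt(), shown with plain PHP crypt() as an added example that is not CakePHP's own code. The function names exampleSalt, exampleHash and exampleVerify, the `$2y$` prefix and the cost of 10 are assumptions made for illustration.

```php
<?php
// Added illustration, not CakePHP source. Function names are hypothetical.
// Requires PHP 7+ for random_bytes().

// Build a salt from the alphabet [./0-9A-Za-z], 22 characters by default.
function exampleSalt($length = 22) {
    $alphabet = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
    $salt = '';
    foreach (str_split(random_bytes($length)) as $byte) {
        // 64 symbols, so masking to 6 bits picks each one with equal probability.
        $salt .= $alphabet[ord($byte) & 63];
    }
    return $salt;
}

// Hash a new password: "$2y$" selects bcrypt, then a two-digit cost, then the salt.
function exampleHash($password, $cost = 10) {
    $setting = sprintf('$2y$%02d$%s', $cost, exampleSalt());
    $hash = crypt($password, $setting);
    if (strlen($hash) !== 60) {
        // crypt() signals failure with a short string such as "*0".
        throw new RuntimeException('bcrypt hashing failed');
    }
    return $hash;
}

// Verify: pass the stored hash as the salt argument. crypt() reads the
// algorithm, cost and salt from its first 29 characters and ignores the rest.
function exampleVerify($password, $storedHash) {
    $candidate = crypt($password, $storedHash);
    // Constant-time comparison, so timing does not reveal how many bytes matched.
    return strlen($candidate) === 60 && hash_equals($storedHash, $candidate);
}

$password = 'correct horse battery staple'; // constructed sample input
$first  = exampleHash($password);
$second = exampleHash($password);

var_dump($first !== $second);                    // a fresh salt per call gives distinct hashes
var_dump(exampleVerify($password, $first));      // the original password against its stored hash
var_dump(exampleVerify('wrong guess', $first));  // a different password against the same hash
```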
inactiveMins( )
Get allowed minutes of inactivity based on security level.
Returns: integer
rijndael( string $text, string $key, string $operation )
Encrypts/decrypts a text with the given key using the rijndael method.
Prior to 2.3.1, a fixed initialization vector was used. This was not secure. This method now uses a random IV, and will silently upgrade values when they are re-encrypted.
Parameters: $text, $key, $operation
Returns: string
setCost( integer $cost )
Sets the cost for the blowfish hash method.
Parameters: $cost
setHash( string $hash )
Sets the default hash method for the Security object. This affects all objects using Security::hash().
Parameters: $hash
See: Security::hash()
validateAuthKey( string $authKey )
Validate authorization hash.
Parameters: $authKey
Returns: boolean
© 2005–2016 The Cake Software Foundation, Inc.
Licensed under the MIT License.
http://api.cakephp.org/2.7/class-Security.html