Class TSecurityManager

Description

TSecurityManager class

TSecurityManager provides private keys, hashing and encryption functionalities that may be used by other PRADO components, such as viewstate persister, cookies.

TSecurityManager is mainly used to protect data from being tampered and viewed. It can generate HMAC and encrypt the data. The private key used to generate HMAC is set by ValidationKey. The key used to encrypt data is specified by EncryptionKey. If the above keys are not explicitly set, random keys will be generated and used.

To prefix data with an HMAC, call hashData(). To validate if data is tampered, call validateData(), which will return the real data if it is not tampered. The algorithm used to generated HMAC is specified by Validation.

To encrypt and decrypt data, call encrypt() and decrypt() respectively. The encryption algorithm can be set by Encryption.

Note, to use encryption, the PHP Mcrypt extension must be loaded.

  • author: Qiang Xue <qiang.xue@gmail.com>
  • version: $Id: TSecurityManager.php 3066 2011-11-17 16:52:56Z ctrlaltca@gmail.com $
  • since: 3.0

Located in /Security/TSecurityManager.php (line 43)

TComponent
   |
   --TApplicationComponent
      |
      --TModule
         |
         --TSecurityManager
Class Constant Summary
 STATE_ENCRYPTION_KEY = 'prado:securitymanager:encryptionkey'
 STATE_VALIDATION_KEY = 'prado:securitymanager:validationkey'
Method Summary
string computeHMAC (string $data)
string decrypt (string $data)
string encrypt (string $data)
string getEncryption ()
string getEncryptionKey ()
string getValidationKey ()
string hashData (string $data)
void init (TXmlElement $config)
void setEncryption ( $value)
void setEncryptionKey (string $value)
void setValidationKey (string $value)
string validateData (string $data)
Methods
computeHMAC (line 235)

Computes the HMAC for the data with getValidationKey.

  • return: the HMAC for the data
  • access: protected
string computeHMAC (string $data)
  • string $data: data to be generated HMAC
decrypt (line 185)

Decrypts data with getEncryptionKey.

  • return: the decrypted data
  • throws: TNotSupportedException if PHP Mcrypt extension is not loaded
  • access: public
string decrypt (string $data)
  • string $data: data to be decrypted.
encrypt (line 163)

Encrypts data with getEncryptionKey.

  • return: the encrypted data
  • throws: TNotSupportedException if PHP Mcrypt extension is not loaded
  • access: public
string encrypt (string $data)
  • string $data: data to be encrypted.
generateRandomKey (line 66)

Generates a random key.

  • access: protected
void generateRandomKey ()
getEncryption (line 144)
  • return: the algorithm used to encrypt/decrypt data. Defaults to '3DES'.
  • access: public
string getEncryption ()
getEncryptionKey (line 102)
  • return: the private key used to encrypt/decrypt data. If the key is not explicitly set, a random one is generated and returned.
  • access: public
string getEncryptionKey ()
getValidation (line 128)
  • return: hashing algorithm used to generate HMAC. Defaults to TSecurityManagerValidationMode::SHA1.
  • access: public
getValidationKey (line 75)
  • return: the private key used to generate HMAC. If the key is not explicitly set, a random one is generated and returned.
  • access: public
string getValidationKey ()
hashData (line 206)

Prefixes data with an HMAC.

  • return: data prefixed with HMAC
  • access: public
string hashData (string $data)
  • string $data: data to be hashed.
init (line 58)

Initializes the module.

The security module is registered with the application.

  • access: public
void init (TXmlElement $config)

Redefinition of:
TModule::init()
Initializes the module.
setEncryption (line 152)
  • throws: TNotSupportedException Do not call this method presently.
  • access: public
void setEncryption ( $value)
  • $value
setEncryptionKey (line 117)
  • throws: TInvalidDataValueException if the key is empty
  • access: public
void setEncryptionKey (string $value)
  • string $value: the key used to encrypt/decrypt data.
setValidation (line 136)
  • access: public
void setValidation (TSecurityManagerValidationMode $value)
setValidationKey (line 90)
  • throws: TInvalidDataValueException if the key is empty
  • access: public
void setValidationKey (string $value)
  • string $value: the key used to generate HMAC
validateData (line 219)

Validates if data is tampered.

  • return: the real data with HMAC stripped off. False if the data is tampered.
  • access: public
string validateData (string $data)
  • string $data: data to be validated. The data must be previously generated using hashData().

Inherited Methods

Inherited From TModule

TModule::getID()
TModule::init()
TModule::setID()

Inherited From TApplicationComponent

TApplicationComponent::getApplication()
TApplicationComponent::getRequest()
TApplicationComponent::getResponse()
TApplicationComponent::getService()
TApplicationComponent::getSession()
TApplicationComponent::getUser()
TApplicationComponent::publishAsset()
TApplicationComponent::publishFilePath()

Inherited From TComponent

TComponent::addParsedObject()
TComponent::attachEventHandler()
TComponent::canGetProperty()
TComponent::canSetProperty()
TComponent::createdOnTemplate()
TComponent::detachEventHandler()
TComponent::evaluateExpression()
TComponent::evaluateStatements()
TComponent::getEventHandlers()
TComponent::getSubProperty()
TComponent::hasEvent()
TComponent::hasEventHandler()
TComponent::hasProperty()
TComponent::raiseEvent()
TComponent::setSubProperty()
TComponent::__call()
TComponent::__get()
TComponent::__set()
TComponent::__sleep()
TComponent::__wakeup()
Class Constants
STATE_ENCRYPTION_KEY = 'prado:securitymanager:encryptionkey' (line 46)
STATE_VALIDATION_KEY = 'prado:securitymanager:validationkey' (line 45)

Documentation generated on Mon, 25 Jun 2012 14:39:10 +0200 by phpDocumentor 1.4.3