CSecurityManager
| 包 | system.base |
|---|---|
| 继承 | class CSecurityManager » CApplicationComponent » CComponent |
| 实现 | IApplicationComponent |
| 可用自 | 1.0 |
| 版本 | $Id$ |
CSecurityManager provides private keys, hashing and encryption functions.
CSecurityManager is used by Yii components and applications for security-related purpose. For example, it is used in cookie validation feature to prevent cookie data from being tampered.
CSecurityManager is mainly used to protect data from being tampered and viewed. It can generate HMAC and encrypt the data. The private key used to generate HMAC is set by ValidationKey. The key used to encrypt data is specified by EncryptionKey. If the above keys are not explicitly set, random keys will be generated and used.
To protected data with HMAC, call hashData(); and to check if the data is tampered, call validateData(), which will return the real data if it is not tampered. The algorithm used to generated HMAC is specified by Validation.
To encrypt and decrypt data, call encrypt() and decrypt() respectively, which uses 3DES encryption algorithm. Note, the PHP Mcrypt extension must be installed and loaded.
CSecurityManager is a core application component that can be accessed via CApplication::getSecurityManager().
CSecurityManager is used by Yii components and applications for security-related purpose. For example, it is used in cookie validation feature to prevent cookie data from being tampered.
CSecurityManager is mainly used to protect data from being tampered and viewed. It can generate HMAC and encrypt the data. The private key used to generate HMAC is set by ValidationKey. The key used to encrypt data is specified by EncryptionKey. If the above keys are not explicitly set, random keys will be generated and used.
To protected data with HMAC, call hashData(); and to check if the data is tampered, call validateData(), which will return the real data if it is not tampered. The algorithm used to generated HMAC is specified by Validation.
To encrypt and decrypt data, call encrypt() and decrypt() respectively, which uses 3DES encryption algorithm. Note, the PHP Mcrypt extension must be installed and loaded.
CSecurityManager is a core application component that can be accessed via CApplication::getSecurityManager().
公共属性
| 属性 | 类型 | 描述 | 被定义在 |
|---|---|---|---|
| behaviors | array | the behaviors that should be attached to this component. | CApplicationComponent |
| encryptionKey | string | the private key used to encrypt/decrypt data. | CSecurityManager |
| isInitialized | boolean | whether this application component has been initialized (i. | CApplicationComponent |
| validation | string | hashing algorithm used to generate HMAC. | CSecurityManager |
| validationKey | string | the private key used to generate HMAC. | CSecurityManager |
公共方法
| 方法 | 描述 | 被定义在 |
|---|---|---|
| __call() | Calls the named method which is not a class method. | CComponent |
| __get() | Returns a property value, an event handler list or a behavior based on its name. | CComponent |
| __isset() | Checks if a property value is null. | CComponent |
| __set() | Sets value of a component property. | CComponent |
| __unset() | Sets a component property to be null. | CComponent |
| asa() | Returns the named behavior object. | CComponent |
| attachBehavior() | Attaches a behavior to this component. | CComponent |
| attachBehaviors() | Attaches a list of behaviors to the component. | CComponent |
| attachEventHandler() | Attaches an event handler to an event. | CComponent |
| canGetProperty() | Determines whether a property can be read. | CComponent |
| canSetProperty() | Determines whether a property can be set. | CComponent |
| decrypt() | Decrypts data with EncryptionKey. | CSecurityManager |
| detachBehavior() | Detaches a behavior from the component. | CComponent |
| detachBehaviors() | Detaches all behaviors from the component. | CComponent |
| detachEventHandler() | Detaches an existing event handler. | CComponent |
| disableBehavior() | Disables an attached behavior. | CComponent |
| disableBehaviors() | Disables all behaviors attached to this component. | CComponent |
| enableBehavior() | Enables an attached behavior. | CComponent |
| enableBehaviors() | Enables all behaviors attached to this component. | CComponent |
| encrypt() | Encrypts data with EncryptionKey. | CSecurityManager |
| getEncryptionKey() | CSecurityManager | |
| getEventHandlers() | Returns the list of attached event handlers for an event. | CComponent |
| getIsInitialized() | CApplicationComponent | |
| getValidation() | CSecurityManager | |
| getValidationKey() | CSecurityManager | |
| hasEvent() | Determines whether an event is defined. | CComponent |
| hasEventHandler() | Checks whether the named event has attached handlers. | CComponent |
| hasProperty() | Determines whether a property is defined. | CComponent |
| hashData() | Prefixes data with an HMAC. | CSecurityManager |
| init() | Initializes the application component. | CApplicationComponent |
| raiseEvent() | Raises an event. | CComponent |
| setEncryptionKey() | CSecurityManager | |
| setValidation() | CSecurityManager | |
| setValidationKey() | CSecurityManager | |
| validateData() | Validates if data is tampered. | CSecurityManager |
受保护的方法
| 方法 | 描述 | 被定义在 |
|---|---|---|
| computeHMAC() | Computes the HMAC for the data with ValidationKey. | CSecurityManager |
| generateRandomKey() | CSecurityManager |
属性详情
encryptionKey
属性
the private key used to encrypt/decrypt data. If the key is not explicitly set, a random one is generated and returned.
validation
属性
hashing algorithm used to generate HMAC. Defaults to 'SHA1'.
validationKey
属性
the private key used to generate HMAC. If the key is not explicitly set, a random one is generated and returned.
方法详情
computeHMAC()
方法
|
protected string computeHMAC(string $data)
| ||
| $data | string | data to be generated HMAC |
| {return} | string | the HMAC for the data |
Computes the HMAC for the data with ValidationKey.
decrypt()
方法
|
public string decrypt(string $data)
| ||
| $data | string | data to be decrypted. |
| {return} | string | the decrypted data |
Decrypts data with EncryptionKey.
encrypt()
方法
|
public string encrypt(string $data)
| ||
| $data | string | data to be encrypted. |
| {return} | string | the encrypted data |
Encrypts data with EncryptionKey.
generateRandomKey()
方法
|
protected string generateRandomKey()
| ||
| {return} | string | a randomly generated key |
getEncryptionKey()
方法
|
public string getEncryptionKey()
| ||
| {return} | string | the private key used to encrypt/decrypt data. If the key is not explicitly set, a random one is generated and returned. |
getValidation()
方法
|
public string getValidation()
| ||
| {return} | string | hashing algorithm used to generate HMAC. Defaults to 'SHA1'. |
getValidationKey()
方法
|
public string getValidationKey()
| ||
| {return} | string | the private key used to generate HMAC. If the key is not explicitly set, a random one is generated and returned. |
hashData()
方法
|
public string hashData(string $data)
| ||
| $data | string | data to be hashed. |
| {return} | string | data prefixed with HMAC |
Prefixes data with an HMAC.
setEncryptionKey()
方法
|
public void setEncryptionKey(string $value)
| ||
| $value | string | the key used to encrypt/decrypt data. |
setValidation()
方法
|
public void setValidation(string $value)
| ||
| $value | string | hashing algorithm used to generate HMAC. It must be either 'MD5' or 'SHA1'. |
setValidationKey()
方法
|
public void setValidationKey(string $value)
| ||
| $value | string | the key used to generate HMAC |
validateData()
方法
|
public string validateData(string $data)
| ||
| $data | string | data to be validated. The data must be previously generated using hashData(). |
| {return} | string | the real data with HMAC stripped off. False if the data is tampered. |
Validates if data is tampered.