comparison cake/libs/security.php @ 0:261e66bd5a0c

hg init
author Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
date Sun, 24 Jul 2011 21:08:31 +0900
parents
children
comparison
equal deleted inserted replaced
-1:000000000000 0:261e66bd5a0c
1 <?php
2 /**
3 * Core Security
4 *
5 * PHP versions 4 and 5
6 *
7 * CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
8 * Copyright 2005-2010, Cake Software Foundation, Inc. (http://cakefoundation.org)
9 *
10 * Licensed under The MIT License
11 * Redistributions of files must retain the above copyright notice.
12 *
13 * @copyright Copyright 2005-2010, Cake Software Foundation, Inc. (http://cakefoundation.org)
14 * @link http://cakephp.org CakePHP(tm) Project
15 * @package cake
16 * @subpackage cake.cake.libs
17 * @since CakePHP(tm) v .0.10.0.1233
18 * @license MIT License (http://www.opensource.org/licenses/mit-license.php)
19 */
20
21 /**
22 * Security Library contains utility methods related to security
23 *
24 * @package cake
25 * @subpackage cake.cake.libs
26 */
27 class Security extends Object {
28
29 /**
30 * Default hash method
31 *
32 * @var string
33 * @access public
34 */
35 var $hashType = null;
36
37 /**
38 * Singleton implementation to get object instance.
39 *
40 * @return object
41 * @access public
42 * @static
43 */
44 function &getInstance() {
45 static $instance = array();
46 if (!$instance) {
47 $instance[0] =& new Security;
48 }
49 return $instance[0];
50 }
51
52 /**
53 * Get allowed minutes of inactivity based on security level.
54 *
55 * @return integer Allowed inactivity in minutes
56 * @access public
57 * @static
58 */
59 function inactiveMins() {
60 switch (Configure::read('Security.level')) {
61 case 'high':
62 return 10;
63 break;
64 case 'medium':
65 return 100;
66 break;
67 case 'low':
68 default:
69 return 300;
70 break;
71 }
72 }
73
74 /**
75 * Generate authorization hash.
76 *
77 * @return string Hash
78 * @access public
79 * @static
80 */
81 function generateAuthKey() {
82 if (!class_exists('String')) {
83 App::import('Core', 'String');
84 }
85 return Security::hash(String::uuid());
86 }
87
88 /**
89 * Validate authorization hash.
90 *
91 * @param string $authKey Authorization hash
92 * @return boolean Success
93 * @access public
94 * @static
95 * @todo Complete implementation
96 */
97 function validateAuthKey($authKey) {
98 return true;
99 }
100
101 /**
102 * Create a hash from string using given method.
103 * Fallback on next available method.
104 *
105 * @param string $string String to hash
106 * @param string $type Method to use (sha1/sha256/md5)
107 * @param boolean $salt If true, automatically appends the application's salt
108 * value to $string (Security.salt)
109 * @return string Hash
110 * @access public
111 * @static
112 */
113 function hash($string, $type = null, $salt = false) {
114 $_this =& Security::getInstance();
115
116 if ($salt) {
117 if (is_string($salt)) {
118 $string = $salt . $string;
119 } else {
120 $string = Configure::read('Security.salt') . $string;
121 }
122 }
123
124 if (empty($type)) {
125 $type = $_this->hashType;
126 }
127 $type = strtolower($type);
128
129 if ($type == 'sha1' || $type == null) {
130 if (function_exists('sha1')) {
131 $return = sha1($string);
132 return $return;
133 }
134 $type = 'sha256';
135 }
136
137 if ($type == 'sha256' && function_exists('mhash')) {
138 return bin2hex(mhash(MHASH_SHA256, $string));
139 }
140
141 if (function_exists('hash')) {
142 return hash($type, $string);
143 }
144 return md5($string);
145 }
146
147 /**
148 * Sets the default hash method for the Security object. This affects all objects using
149 * Security::hash().
150 *
151 * @param string $hash Method to use (sha1/sha256/md5)
152 * @access public
153 * @return void
154 * @static
155 * @see Security::hash()
156 */
157 function setHash($hash) {
158 $_this =& Security::getInstance();
159 $_this->hashType = $hash;
160 }
161
162 /**
163 * Encrypts/Decrypts a text using the given key.
164 *
165 * @param string $text Encrypted string to decrypt, normal string to encrypt
166 * @param string $key Key to use
167 * @return string Encrypted/Decrypted string
168 * @access public
169 * @static
170 */
171 function cipher($text, $key) {
172 if (empty($key)) {
173 trigger_error(__('You cannot use an empty key for Security::cipher()', true), E_USER_WARNING);
174 return '';
175 }
176
177 srand(Configure::read('Security.cipherSeed'));
178 $out = '';
179 $keyLength = strlen($key);
180 for ($i = 0, $textLength = strlen($text); $i < $textLength; $i++) {
181 $j = ord(substr($key, $i % $keyLength, 1));
182 while ($j--) {
183 rand(0, 255);
184 }
185 $mask = rand(0, 255);
186 $out .= chr(ord(substr($text, $i, 1)) ^ $mask);
187 }
188 srand();
189 return $out;
190 }
191 }