system system.base system.caching system.caching.dependencies system.collections system.console system.db system.db.ar system.db.schema system.db.schema.mssql system.db.schema.mysql system.db.schema.oci system.db.schema.pgsql system.db.schema.sqlite system.i18n system.i18n.gettext system.logging system.utils system.validators system.web system.web.actions system.web.auth system.web.filters system.web.helpers system.web.renderers system.web.services system.web.widgets system.web.widgets.captcha system.web.widgets.pagers

CSecurityManager

system.base
继承 class CSecurityManager » CApplicationComponent » CComponent
实现 IApplicationComponent
可用自 1.0
版本 $Id$
CSecurityManager provides private keys, hashing and encryption functions.

CSecurityManager is used by Yii components and applications for security-related purpose. For example, it is used in cookie validation feature to prevent cookie data from being tampered.

CSecurityManager is mainly used to protect data from being tampered and viewed. It can generate HMAC and encrypt the data. The private key used to generate HMAC is set by ValidationKey. The key used to encrypt data is specified by EncryptionKey. If the above keys are not explicitly set, random keys will be generated and used.

To protected data with HMAC, call hashData(); and to check if the data is tampered, call validateData(), which will return the real data if it is not tampered. The algorithm used to generated HMAC is specified by Validation.

To encrypt and decrypt data, call encrypt() and decrypt() respectively, which uses 3DES encryption algorithm. Note, the PHP Mcrypt extension must be installed and loaded.

CSecurityManager is a core application component that can be accessed via CApplication::getSecurityManager().

公共属性

隐藏继承的属性

属性类型描述被定义在
behaviors array the behaviors that should be attached to this component. CApplicationComponent
encryptionKey string the private key used to encrypt/decrypt data. CSecurityManager
isInitialized boolean whether this application component has been initialized (i. CApplicationComponent
validation string hashing algorithm used to generate HMAC. CSecurityManager
validationKey string the private key used to generate HMAC. CSecurityManager

公共方法

隐藏继承的方法

方法描述被定义在
__call() Calls the named method which is not a class method. CComponent
__get() Returns a property value, an event handler list or a behavior based on its name. CComponent
__isset() Checks if a property value is null. CComponent
__set() Sets value of a component property. CComponent
__unset() Sets a component property to be null. CComponent
asa() Returns the named behavior object. CComponent
attachBehavior() Attaches a behavior to this component. CComponent
attachBehaviors() Attaches a list of behaviors to the component. CComponent
attachEventHandler() Attaches an event handler to an event. CComponent
canGetProperty() Determines whether a property can be read. CComponent
canSetProperty() Determines whether a property can be set. CComponent
decrypt() Decrypts data with EncryptionKey. CSecurityManager
detachBehavior() Detaches a behavior from the component. CComponent
detachBehaviors() Detaches all behaviors from the component. CComponent
detachEventHandler() Detaches an existing event handler. CComponent
disableBehavior() Disables an attached behavior. CComponent
disableBehaviors() Disables all behaviors attached to this component. CComponent
enableBehavior() Enables an attached behavior. CComponent
enableBehaviors() Enables all behaviors attached to this component. CComponent
encrypt() Encrypts data with EncryptionKey. CSecurityManager
getEncryptionKey() CSecurityManager
getEventHandlers() Returns the list of attached event handlers for an event. CComponent
getIsInitialized() CApplicationComponent
getValidation() CSecurityManager
getValidationKey() CSecurityManager
hasEvent() Determines whether an event is defined. CComponent
hasEventHandler() Checks whether the named event has attached handlers. CComponent
hasProperty() Determines whether a property is defined. CComponent
hashData() Prefixes data with an HMAC. CSecurityManager
init() Initializes the application component. CApplicationComponent
raiseEvent() Raises an event. CComponent
setEncryptionKey() CSecurityManager
setValidation() CSecurityManager
setValidationKey() CSecurityManager
validateData() Validates if data is tampered. CSecurityManager

受保护的方法

隐藏继承的方法

方法描述被定义在
computeHMAC() Computes the HMAC for the data with ValidationKey. CSecurityManager
generateRandomKey() CSecurityManager

属性详情

encryptionKey 属性
public string getEncryptionKey()
public void setEncryptionKey(string $value)

the private key used to encrypt/decrypt data. If the key is not explicitly set, a random one is generated and returned.

validation 属性
public string getValidation()
public void setValidation(string $value)

hashing algorithm used to generate HMAC. Defaults to 'SHA1'.

validationKey 属性
public string getValidationKey()
public void setValidationKey(string $value)

the private key used to generate HMAC. If the key is not explicitly set, a random one is generated and returned.

方法详情

computeHMAC() 方法
protected string computeHMAC(string $data)
$data string data to be generated HMAC
{return} string the HMAC for the data

Computes the HMAC for the data with ValidationKey.

decrypt() 方法
public string decrypt(string $data)
$data string data to be decrypted.
{return} string the decrypted data

Decrypts data with EncryptionKey.

encrypt() 方法
public string encrypt(string $data)
$data string data to be encrypted.
{return} string the encrypted data

Encrypts data with EncryptionKey.

generateRandomKey() 方法
protected string generateRandomKey()
{return} string a randomly generated key

getEncryptionKey() 方法
public string getEncryptionKey()
{return} string the private key used to encrypt/decrypt data. If the key is not explicitly set, a random one is generated and returned.

getValidation() 方法
public string getValidation()
{return} string hashing algorithm used to generate HMAC. Defaults to 'SHA1'.

getValidationKey() 方法
public string getValidationKey()
{return} string the private key used to generate HMAC. If the key is not explicitly set, a random one is generated and returned.

hashData() 方法
public string hashData(string $data)
$data string data to be hashed.
{return} string data prefixed with HMAC

Prefixes data with an HMAC.

setEncryptionKey() 方法
public void setEncryptionKey(string $value)
$value string the key used to encrypt/decrypt data.

setValidation() 方法
public void setValidation(string $value)
$value string hashing algorithm used to generate HMAC. It must be either 'MD5' or 'SHA1'.

setValidationKey() 方法
public void setValidationKey(string $value)
$value string the key used to generate HMAC

validateData() 方法
public string validateData(string $data)
$data string data to be validated. The data must be previously generated using hashData().
{return} string the real data with HMAC stripped off. False if the data is tampered.

Validates if data is tampered.