Yii 1.1.0 Class Reference
Home » Documentation » Class Reference » CSecurityManager

CSecurityManager

Package system.base
Inheritance class CSecurityManager » CApplicationComponent » CComponent
Implements IApplicationComponent
Since 1.0
Version $Id: CSecurityManager.php 1678 2010-01-07 21:02:00Z qiang.xue $
CSecurityManager provides private keys, hashing and encryption functions.

CSecurityManager is used by Yii components and applications for security-related purpose. For example, it is used in cookie validation feature to prevent cookie data from being tampered.

CSecurityManager is mainly used to protect data from being tampered and viewed. It can generate HMAC and encrypt the data. The private key used to generate HMAC is set by ValidationKey. The key used to encrypt data is specified by EncryptionKey. If the above keys are not explicitly set, random keys will be generated and used.

To protected data with HMAC, call hashData(); and to check if the data is tampered, call validateData(), which will return the real data if it is not tampered. The algorithm used to generated HMAC is specified by Validation.

To encrypt and decrypt data, call encrypt() and decrypt() respectively, which uses 3DES encryption algorithm. Note, the PHP Mcrypt extension must be installed and loaded.

CSecurityManager is a core application component that can be accessed via CApplication::getSecurityManager().

Public Properties

Hide inherited properties

PropertyTypeDescriptionDefined By
behaviors array the behaviors that should be attached to this component. CApplicationComponent
encryptionKey string the private key used to encrypt/decrypt data. CSecurityManager
isInitialized boolean whether this application component has been initialized (i. CApplicationComponent
validation string hashing algorithm used to generate HMAC. CSecurityManager
validationKey string the private key used to generate HMAC. CSecurityManager

Public Methods

Hide inherited methods

MethodDescriptionDefined By
__call() Calls the named method which is not a class method. CComponent
__get() Returns a property value, an event handler list or a behavior based on its name. CComponent
__isset() Checks if a property value is null. CComponent
__set() Sets value of a component property. CComponent
__unset() Sets a component property to be null. CComponent
asa() Returns the named behavior object. CComponent
attachBehavior() Attaches a behavior to this component. CComponent
attachBehaviors() Attaches a list of behaviors to the component. CComponent
attachEventHandler() Attaches an event handler to an event. CComponent
canGetProperty() Determines whether a property can be read. CComponent
canSetProperty() Determines whether a property can be set. CComponent
decrypt() Decrypts data with EncryptionKey. CSecurityManager
detachBehavior() Detaches a behavior from the component. CComponent
detachBehaviors() Detaches all behaviors from the component. CComponent
detachEventHandler() Detaches an existing event handler. CComponent
disableBehavior() Disables an attached behavior. CComponent
disableBehaviors() Disables all behaviors attached to this component. CComponent
enableBehavior() Enables an attached behavior. CComponent
enableBehaviors() Enables all behaviors attached to this component. CComponent
encrypt() Encrypts data with EncryptionKey. CSecurityManager
evaluateExpression() Evaluates a PHP expression or callback under the context of this component. CComponent
getEncryptionKey() CSecurityManager
getEventHandlers() Returns the list of attached event handlers for an event. CComponent
getIsInitialized() CApplicationComponent
getValidation() CSecurityManager
getValidationKey() CSecurityManager
hasEvent() Determines whether an event is defined. CComponent
hasEventHandler() Checks whether the named event has attached handlers. CComponent
hasProperty() Determines whether a property is defined. CComponent
hashData() Prefixes data with an HMAC. CSecurityManager
init() Initializes the application component. CApplicationComponent
raiseEvent() Raises an event. CComponent
setEncryptionKey() CSecurityManager
setValidation() CSecurityManager
setValidationKey() CSecurityManager
validateData() Validates if data is tampered. CSecurityManager

Protected Methods

Hide inherited methods

MethodDescriptionDefined By
computeHMAC() Computes the HMAC for the data with ValidationKey. CSecurityManager
generateRandomKey() CSecurityManager

Property Details

encryptionKey property
public string getEncryptionKey()
public void setEncryptionKey(string $value)

the private key used to encrypt/decrypt data. If the key is not explicitly set, a random one is generated and returned.

validation property
public string getValidation()
public void setValidation(string $value)

hashing algorithm used to generate HMAC. Defaults to 'SHA1'.

validationKey property
public string getValidationKey()
public void setValidationKey(string $value)

the private key used to generate HMAC. If the key is not explicitly set, a random one is generated and returned.

Method Details

computeHMAC() method
protected string computeHMAC(string $data)
$data string data to be generated HMAC
{return} string the HMAC for the data

Computes the HMAC for the data with ValidationKey.

decrypt() method
public string decrypt(string $data)
$data string data to be decrypted.
{return} string the decrypted data

Decrypts data with EncryptionKey.

encrypt() method
public string encrypt(string $data)
$data string data to be encrypted.
{return} string the encrypted data

Encrypts data with EncryptionKey.

generateRandomKey() method
protected string generateRandomKey()
{return} string a randomly generated key

getEncryptionKey() method
public string getEncryptionKey()
{return} string the private key used to encrypt/decrypt data. If the key is not explicitly set, a random one is generated and returned.

getValidation() method
public string getValidation()
{return} string hashing algorithm used to generate HMAC. Defaults to 'SHA1'.

getValidationKey() method
public string getValidationKey()
{return} string the private key used to generate HMAC. If the key is not explicitly set, a random one is generated and returned.

hashData() method
public string hashData(string $data)
$data string data to be hashed.
{return} string data prefixed with HMAC

Prefixes data with an HMAC.

setEncryptionKey() method
public void setEncryptionKey(string $value)
$value string the key used to encrypt/decrypt data.

setValidation() method
public void setValidation(string $value)
$value string hashing algorithm used to generate HMAC. It must be either 'MD5' or 'SHA1'.

setValidationKey() method
public void setValidationKey(string $value)
$value string the key used to generate HMAC

validateData() method
public string validateData(string $data)
$data string data to be validated. The data must be previously generated using hashData().
{return} string the real data with HMAC stripped off. False if the data is tampered.

Validates if data is tampered.


Your Comment:

You may enter comment using Markdown syntax.

Please login with your forum account.
Note: you must have at least ONE forum post with your account.