Security Library contains utility methods related to security
object The crypto implementation to use.
string|null The HMAC salt to use for encryption and decryption routines.
string Default hash method. If $type param for Security::hash() is not specified this value is used. Defaults to 'sha1'.
_checkKey(string $key, string $method)
Check the encryption key for proper length.
string $key Key to check.
string $method The method the key is being checked for.
Throws: InvalidArgumentException
constantEquals(mixed $original, mixed $compare)
A timing attack resistant comparison that prefers native PHP implementations.
mixed $original The original value.
mixed $compare The comparison value.
Returns: bool
decrypt(string $cipher, string $key, ?string $hmacSalt)
Decrypt a value using AES-256.
string $cipher The ciphertext to decrypt.
string $key The 256 bit/32 byte key to use as a cipher key.
string|null $hmacSalt optional The salt to use for the HMAC process. Leave null to use value of Security::getSalt().
Returns: string|null Decrypted data. Any trailing null bytes will be removed.
Throws: InvalidArgumentException
encrypt(string $plain, string $key, ?string $hmacSalt)
Encrypt a value using AES-256.
Caveat: You cannot properly encrypt/decrypt data with trailing null bytes. Any trailing null bytes will be removed on decryption due to how PHP pads messages with nulls prior to encryption.
string $plain The value to encrypt.
string $key The 256 bit/32 byte key to use as a cipher key.
string|null $hmacSalt optional The salt to use for the HMAC process. Leave null to use value of Security::getSalt().
Returns: string Encrypted data.
Throws: InvalidArgumentException
engine(mixed $instance)
Get the crypto implementation based on the loaded extensions.
You can use this method to forcibly decide between openssl/custom implementations.
\Cake\Utility\Crypto\OpenSsl|null $instance optional The crypto instance to use.
Returns: \Cake\Utility\Crypto\OpenSsl Crypto instance.
Throws: InvalidArgumentException
getSalt()
Gets the HMAC salt to be used for encryption/decryption routines.
Returns: string The currently configured salt.
hash(string $string, ?string $algorithm, mixed $salt)
Create a hash from string using given method.
string $string String to hash
string|null $algorithm optional Hashing algorithm to use (e.g. sha1, sha256). Can be any valid algorithm included in the list returned by hash_algos(). If no value is passed, the type specified by Security::$hashType is used.
mixed $salt optional If true, automatically prepends the value returned by Security::getSalt() to $string.
Returns: string Hash
Throws: RuntimeException
insecureRandomBytes(int $length)
Like randomBytes(), but not cryptographically secure.
int $length The number of bytes you want.
Returns: string Random bytes in binary.
randomBytes(int $length)
Get random bytes from a secure source.
This method will fall back to an insecure source and trigger a warning if it cannot find a secure source of random data.
int $length The number of bytes you want.
Returns: string Random bytes in binary.
randomString(int $length)
Creates a secure random string.
int $length optional String length. Default 64.
Returns: string
setHash(string $hash)
Sets the default hash method for the Security object. This affects all objects using Security::hash().
string $hash Method to use (sha1/sha256/md5 etc.)
setSalt(string $salt)
Sets the HMAC salt to be used for encryption/decryption routines.
string $salt The salt to use for encryption routines.
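The following is an added example, not part of the CakePHP documentation, showing how encrypt(), decrypt(), constantEquals() and hash() behave together: decrypt() returns null when the HMAC check fails, and short keys are rejected. It assumes the cakephp/utility package (4.1) is installed with Composer; the salt, key and plaintext are constructed sample values.

```php
<?php
declare(strict_types=1);

use Cake\Utility\Security;

// Assumption: `composer require cakephp/utility:^4.1` was run in this directory.
require __DIR__ . '/vendor/autoload.php';

// Constructed sample values; real salts and keys come from configuration
// or a secret store, not from source code.
Security::setSalt(bin2hex(Security::randomBytes(32)));
$key = Security::randomBytes(32);   // 256 bit / 32 byte cipher key
$plain = 'account=1234;role=user';  // constructed sample plaintext

// Round trip. encrypt() returns binary data, so encode it before putting it
// in a cookie, URL or text column.
$stored = base64_encode(Security::encrypt($plain, $key));
$cipher = base64_decode($stored, true);
$decrypted = Security::decrypt($cipher, $key);
echo 'round trip ok: ', var_export(Security::constantEquals($plain, $decrypted), true), PHP_EOL;

// Flip one bit in the last byte: the HMAC check fails and decrypt() returns
// null instead of garbage plaintext. Always test for null before using it.
$tampered = $cipher;
$last = strlen($tampered) - 1;
$tampered[$last] = chr(ord($tampered[$last]) ^ 0x01);
echo 'tampered rejected: ', var_export(Security::decrypt($tampered, $key) === null, true), PHP_EOL;

// The HMAC salt is part of the key material: decrypting with a different
// salt than the one used for encryption also yields null.
$otherSalt = bin2hex(Security::randomBytes(32));
echo 'wrong salt rejected: ', var_export(Security::decrypt($cipher, $key, $otherSalt) === null, true), PHP_EOL;

// Keys shorter than 32 bytes are refused by the key length check.
try {
    Security::encrypt($plain, 'short-key');
} catch (InvalidArgumentException $e) {
    echo 'short key rejected: ', get_class($e), PHP_EOL;
}

// hash() defaults to sha1 unless told otherwise; name the algorithm, or
// change the default once with setHash(), when a stronger digest is needed.
echo Security::hash('constructed-value', 'sha256', true), PHP_EOL;
```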
© 2005–present The Cake Software Foundation, Inc.
Licensed under the MIT License.
CakePHP is a registered trademark of Cake Software Foundation, Inc.
We are not endorsed by or affiliated with CakePHP.
https://api.cakephp.org/4.1/class-Cake.Utility.Security.html