Security Library contains utility methods related to security
object|nullThe crypto implementation to use.
string|nullThe HMAC salt to use for encryption and decryption routines
stringDefault hash method. If $type param for Security::hash() is not specified this value is used. Defaults to 'sha1'.
Check the encryption key for proper length.
A timing attack resistant comparison that prefers native PHP implementations.
Decrypt a value using AES-256.
Encrypt a value using AES-256.
Get the crypto implementation based on the loaded extensions.
Gets the HMAC salt to be used for encryption/decryption routines.
Create a hash from string using given method.
Like randomBytes() above, but not cryptographically secure.
Get random bytes from a secure source.
Creates a secure random string.
Sets the default hash method for the Security object. This affects all objects using Security::hash().
Sets the HMAC salt to be used for encryption/decryption routines.
_checkKey(string $key, string $method): void
Check the encryption key for proper length.
string $key Key to check.
string $method The method the key is being checked for.
voidInvalidArgumentExceptionconstantEquals(mixed $original, mixed $compare): bool
A timing attack resistant comparison that prefers native PHP implementations.
mixed $original The original value.
mixed $compare The comparison value.
booldecrypt(string $cipher, string $key, string|null $hmacSalt = null): string|null
Decrypt a value using AES-256.
string $cipher The ciphertext to decrypt.
string $key The 256 bit/32 byte key to use as a cipher key.
string|null $hmacSalt optional The salt to use for the HMAC process. Leave null to use value of Security::getSalt().
string|nullInvalidArgumentExceptionencrypt(string $plain, string $key, string|null $hmacSalt = null): string
Encrypt a value using AES-256.
Caveat You cannot properly encrypt/decrypt data with trailing null bytes. Any trailing null bytes will be removed on decryption due to how PHP pads messages with nulls prior to encryption.
string $plain The value to encrypt.
string $key The 256 bit/32 byte key to use as a cipher key.
string|null $hmacSalt optional The salt to use for the HMAC process. Leave null to use value of Security::getSalt().
stringInvalidArgumentExceptionengine(Cake\Utility\Crypto\OpenSsl|null $instance = null): Cake\Utility\Crypto\OpenSsl
Get the crypto implementation based on the loaded extensions.
You can use this method to forcibly decide between openssl/custom implementations.
Cake\Utility\Crypto\OpenSsl|null $instance optional The crypto instance to use.
Cake\Utility\Crypto\OpenSslInvalidArgumentExceptiongetSalt(): string
Gets the HMAC salt to be used for encryption/decryption routines.
stringhash(string $string, string|null $algorithm = null, mixed $salt = false): string
Create a hash from string using given method.
string $string String to hash
string|null $algorithm optional Hashing algo to use (i.e. sha1, sha256 etc.). Can be any valid algo included in list returned by hash_algos(). If no value is passed the type specified by Security::$hashType is used.
mixed $salt optional If true, automatically prepends the value returned by Security::getSalt() to $string.
stringRuntimeExceptioninsecureRandomBytes(int $length): string
Like randomBytes() above, but not cryptographically secure.
int $length The number of bytes you want.
stringrandomBytes(int $length): string
Get random bytes from a secure source.
This method will fall back to an insecure source an trigger a warning if it cannot find a secure source of random data.
int $length The number of bytes you want.
stringrandomString(int $length = 64): string
Creates a secure random string.
int $length optional String length. Default 64.
stringsetHash(string $hash): void
Sets the default hash method for the Security object. This affects all objects using Security::hash().
string $hash Method to use (sha1/sha256/md5 etc.)
voidsetSalt(string $salt): void
Sets the HMAC salt to be used for encryption/decryption routines.
string $salt The salt to use for encryption routines.
voidThe crypto implementation to use.
object|nullThe HMAC salt to use for encryption and decryption routines
string|nullDefault hash method. If $type param for Security::hash() is not specified this value is used. Defaults to 'sha1'.
string
© 2005–present The Cake Software Foundation, Inc.
Licensed under the MIT License.
CakePHP is a registered trademark of Cake Software Foundation, Inc.
We are not endorsed by or affiliated with CakePHP.
https://api.cakephp.org/4.4/class-Cake.Utility.Security.html