統計
| ブランチ: | リビジョン:

pictcode / lib / Cake / Utility / Security.php @ 635eef61

履歴 | 表示 | アノテート | ダウンロード (11.271 KB)

1 635eef61 spyder1211
<?php
2
/**
3
 * Core Security
4
 *
5
 * CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
6
 * Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org)
7
 *
8
 * Licensed under The MIT License
9
 * For full copyright and license information, please see the LICENSE.txt
10
 * Redistributions of files must retain the above copyright notice.
11
 *
12
 * @copyright     Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org)
13
 * @link          http://cakephp.org CakePHP(tm) Project
14
 * @package       Cake.Utility
15
 * @since         CakePHP(tm) v .0.10.0.1233
16
 * @license       http://www.opensource.org/licenses/mit-license.php MIT License
17
 */
18
19
App::uses('CakeText', 'Utility');
20
21
/**
22
 * Security Library contains utility methods related to security
23
 *
24
 * @package       Cake.Utility
25
 */
26
class Security {
27
28
/**
29
 * Default hash method
30
 *
31
 * @var string
32
 */
33
        public static $hashType = null;
34
35
/**
36
 * Default cost
37
 *
38
 * @var string
39
 */
40
        public static $hashCost = '10';
41
42
/**
43
 * Get allowed minutes of inactivity based on security level.
44
 *
45
 * @deprecated 3.0.0 Exists for backwards compatibility only, not used by the core
46
 * @return int Allowed inactivity in minutes
47
 */
48
        public static function inactiveMins() {
49
                switch (Configure::read('Security.level')) {
50
                        case 'high':
51
                                return 10;
52
                        case 'medium':
53
                                return 100;
54
                        case 'low':
55
                        default:
56
                                return 300;
57
                }
58
        }
59
60
/**
61
 * Generate authorization hash.
62
 *
63
 * @return string Hash
64
 */
65
        public static function generateAuthKey() {
66
                return Security::hash(CakeText::uuid());
67
        }
68
69
/**
70
 * Validate authorization hash.
71
 *
72
 * @param string $authKey Authorization hash
73
 * @return bool Success
74
 */
75
        public static function validateAuthKey($authKey) {
76
                return true;
77
        }
78
79
/**
80
 * Create a hash from string using given method or fallback on next available method.
81
 *
82
 * #### Using Blowfish
83
 *
84
 * - Creating Hashes: *Do not supply a salt*. Cake handles salt creation for
85
 * you ensuring that each hashed password will have a *unique* salt.
86
 * - Comparing Hashes: Simply pass the originally hashed password as the salt.
87
 * The salt is prepended to the hash and php handles the parsing automagically.
88
 * For convenience the `BlowfishPasswordHasher` class is available for use with
89
 * the AuthComponent.
90
 * - Do NOT use a constant salt for blowfish!
91
 *
92
 * Creating a blowfish/bcrypt hash:
93
 *
94
 * ```
95
 *         $hash = Security::hash($password, 'blowfish');
96
 * ```
97
 *
98
 * @param string $string String to hash
99
 * @param string $type Method to use (sha1/sha256/md5/blowfish)
100
 * @param mixed $salt If true, automatically prepends the application's salt
101
 *     value to $string (Security.salt). If you are using blowfish the salt
102
 *     must be false or a previously generated salt.
103
 * @return string Hash
104
 * @link http://book.cakephp.org/2.0/en/core-utility-libraries/security.html#Security::hash
105
 */
106
        public static function hash($string, $type = null, $salt = false) {
107
                if (empty($type)) {
108
                        $type = static::$hashType;
109
                }
110
                $type = strtolower($type);
111
112
                if ($type === 'blowfish') {
113
                        return static::_crypt($string, $salt);
114
                }
115
                if ($salt) {
116
                        if (!is_string($salt)) {
117
                                $salt = Configure::read('Security.salt');
118
                        }
119
                        $string = $salt . $string;
120
                }
121
122
                if (!$type || $type === 'sha1') {
123
                        if (function_exists('sha1')) {
124
                                return sha1($string);
125
                        }
126
                        $type = 'sha256';
127
                }
128
129
                if ($type === 'sha256' && function_exists('mhash')) {
130
                        return bin2hex(mhash(MHASH_SHA256, $string));
131
                }
132
133
                if (function_exists('hash')) {
134
                        return hash($type, $string);
135
                }
136
                return md5($string);
137
        }
138
139
/**
140
 * Sets the default hash method for the Security object. This affects all objects using
141
 * Security::hash().
142
 *
143
 * @param string $hash Method to use (sha1/sha256/md5/blowfish)
144
 * @return void
145
 * @see Security::hash()
146
 */
147
        public static function setHash($hash) {
148
                static::$hashType = $hash;
149
        }
150
151
/**
152
 * Sets the cost for they blowfish hash method.
153
 *
154
 * @param int $cost Valid values are 4-31
155
 * @return void
156
 */
157
        public static function setCost($cost) {
158
                if ($cost < 4 || $cost > 31) {
159
                        trigger_error(__d(
160
                                'cake_dev',
161
                                'Invalid value, cost must be between %s and %s',
162
                                array(4, 31)
163
                        ), E_USER_WARNING);
164
                        return null;
165
                }
166
                static::$hashCost = $cost;
167
        }
168
169
/**
170
 * Runs $text through a XOR cipher.
171
 *
172
 * *Note* This is not a cryptographically strong method and should not be used
173
 * for sensitive data. Additionally this method does *not* work in environments
174
 * where suhosin is enabled.
175
 *
176
 * Instead you should use Security::rijndael() when you need strong
177
 * encryption.
178
 *
179
 * @param string $text Encrypted string to decrypt, normal string to encrypt
180
 * @param string $key Key to use
181
 * @return string Encrypted/Decrypted string
182
 * @deprecated 3.0.0 Will be removed in 3.0.
183
 */
184
        public static function cipher($text, $key) {
185
                if (empty($key)) {
186
                        trigger_error(__d('cake_dev', 'You cannot use an empty key for %s', 'Security::cipher()'), E_USER_WARNING);
187
                        return '';
188
                }
189
190
                srand(Configure::read('Security.cipherSeed'));
191
                $out = '';
192
                $keyLength = strlen($key);
193
                for ($i = 0, $textLength = strlen($text); $i < $textLength; $i++) {
194
                        $j = ord(substr($key, $i % $keyLength, 1));
195
                        while ($j--) {
196
                                rand(0, 255);
197
                        }
198
                        $mask = rand(0, 255);
199
                        $out .= chr(ord(substr($text, $i, 1)) ^ $mask);
200
                }
201
                srand();
202
                return $out;
203
        }
204
205
/**
206
 * Encrypts/Decrypts a text using the given key using rijndael method.
207
 *
208
 * Prior to 2.3.1, a fixed initialization vector was used. This was not
209
 * secure. This method now uses a random iv, and will silently upgrade values when
210
 * they are re-encrypted.
211
 *
212
 * @param string $text Encrypted string to decrypt, normal string to encrypt
213
 * @param string $key Key to use as the encryption key for encrypted data.
214
 * @param string $operation Operation to perform, encrypt or decrypt
215
 * @return string Encrypted/Decrypted string
216
 */
217
        public static function rijndael($text, $key, $operation) {
218
                if (empty($key)) {
219
                        trigger_error(__d('cake_dev', 'You cannot use an empty key for %s', 'Security::rijndael()'), E_USER_WARNING);
220
                        return '';
221
                }
222
                if (empty($operation) || !in_array($operation, array('encrypt', 'decrypt'))) {
223
                        trigger_error(__d('cake_dev', 'You must specify the operation for Security::rijndael(), either encrypt or decrypt'), E_USER_WARNING);
224
                        return '';
225
                }
226
                if (strlen($key) < 32) {
227
                        trigger_error(__d('cake_dev', 'You must use a key larger than 32 bytes for Security::rijndael()'), E_USER_WARNING);
228
                        return '';
229
                }
230
                $algorithm = MCRYPT_RIJNDAEL_256;
231
                $mode = MCRYPT_MODE_CBC;
232
                $ivSize = mcrypt_get_iv_size($algorithm, $mode);
233
234
                $cryptKey = substr($key, 0, 32);
235
236
                if ($operation === 'encrypt') {
237
                        $iv = mcrypt_create_iv($ivSize, MCRYPT_RAND);
238
                        return $iv . '$$' . mcrypt_encrypt($algorithm, $cryptKey, $text, $mode, $iv);
239
                }
240
                // Backwards compatible decrypt with fixed iv
241
                if (substr($text, $ivSize, 2) !== '$$') {
242
                        $iv = substr($key, strlen($key) - 32, 32);
243
                        return rtrim(mcrypt_decrypt($algorithm, $cryptKey, $text, $mode, $iv), "\0");
244
                }
245
                $iv = substr($text, 0, $ivSize);
246
                $text = substr($text, $ivSize + 2);
247
                return rtrim(mcrypt_decrypt($algorithm, $cryptKey, $text, $mode, $iv), "\0");
248
        }
249
250
/**
251
 * Generates a pseudo random salt suitable for use with php's crypt() function.
252
 * The salt length should not exceed 27. The salt will be composed of
253
 * [./0-9A-Za-z]{$length}.
254
 *
255
 * @param int $length The length of the returned salt
256
 * @return string The generated salt
257
 */
258
        protected static function _salt($length = 22) {
259
                $salt = str_replace(
260
                        array('+', '='),
261
                        '.',
262
                        base64_encode(sha1(uniqid(Configure::read('Security.salt'), true), true))
263
                );
264
                return substr($salt, 0, $length);
265
        }
266
267
/**
268
 * One way encryption using php's crypt() function. To use blowfish hashing see ``Security::hash()``
269
 *
270
 * @param string $password The string to be encrypted.
271
 * @param mixed $salt false to generate a new salt or an existing salt.
272
 * @return string The hashed string or an empty string on error.
273
 */
274
        protected static function _crypt($password, $salt = false) {
275
                if ($salt === false) {
276
                        $salt = static::_salt(22);
277
                        $salt = vsprintf('$2a$%02d$%s', array(static::$hashCost, $salt));
278
                }
279
280
                $invalidCipher = (
281
                        strpos($salt, '$2y$') !== 0 &&
282
                        strpos($salt, '$2x$') !== 0 &&
283
                        strpos($salt, '$2a$') !== 0
284
                );
285
                if ($salt === true || $invalidCipher || strlen($salt) < 29) {
286
                        trigger_error(__d(
287
                                'cake_dev',
288
                                'Invalid salt: %s for %s Please visit http://www.php.net/crypt and read the appropriate section for building %s salts.',
289
                                array($salt, 'blowfish', 'blowfish')
290
                        ), E_USER_WARNING);
291
                        return '';
292
                }
293
                return crypt($password, $salt);
294
        }
295
296
/**
297
 * Encrypt a value using AES-256.
298
 *
299
 * *Caveat* You cannot properly encrypt/decrypt data with trailing null bytes.
300
 * Any trailing null bytes will be removed on decryption due to how PHP pads messages
301
 * with nulls prior to encryption.
302
 *
303
 * @param string $plain The value to encrypt.
304
 * @param string $key The 256 bit/32 byte key to use as a cipher key.
305
 * @param string $hmacSalt The salt to use for the HMAC process. Leave null to use Security.salt.
306
 * @return string Encrypted data.
307
 * @throws CakeException On invalid data or key.
308
 */
309
        public static function encrypt($plain, $key, $hmacSalt = null) {
310
                static::_checkKey($key, 'encrypt()');
311
312
                if ($hmacSalt === null) {
313
                        $hmacSalt = Configure::read('Security.salt');
314
                }
315
316
                // Generate the encryption and hmac key.
317
                $key = substr(hash('sha256', $key . $hmacSalt), 0, 32);
318
319
                $algorithm = MCRYPT_RIJNDAEL_128;
320
                $mode = MCRYPT_MODE_CBC;
321
322
                $ivSize = mcrypt_get_iv_size($algorithm, $mode);
323
                $iv = mcrypt_create_iv($ivSize, MCRYPT_DEV_URANDOM);
324
                $ciphertext = $iv . mcrypt_encrypt($algorithm, $key, $plain, $mode, $iv);
325
                $hmac = hash_hmac('sha256', $ciphertext, $key);
326
                return $hmac . $ciphertext;
327
        }
328
329
/**
330
 * Check the encryption key for proper length.
331
 *
332
 * @param string $key Key to check.
333
 * @param string $method The method the key is being checked for.
334
 * @return void
335
 * @throws CakeException When key length is not 256 bit/32 bytes
336
 */
337
        protected static function _checkKey($key, $method) {
338
                if (strlen($key) < 32) {
339
                        throw new CakeException(__d('cake_dev', 'Invalid key for %s, key must be at least 256 bits (32 bytes) long.', $method));
340
                }
341
        }
342
343
/**
344
 * Decrypt a value using AES-256.
345
 *
346
 * @param string $cipher The ciphertext to decrypt.
347
 * @param string $key The 256 bit/32 byte key to use as a cipher key.
348
 * @param string $hmacSalt The salt to use for the HMAC process. Leave null to use Security.salt.
349
 * @return string Decrypted data. Any trailing null bytes will be removed.
350
 * @throws CakeException On invalid data or key.
351
 */
352
        public static function decrypt($cipher, $key, $hmacSalt = null) {
353
                static::_checkKey($key, 'decrypt()');
354
                if (empty($cipher)) {
355
                        throw new CakeException(__d('cake_dev', 'The data to decrypt cannot be empty.'));
356
                }
357
                if ($hmacSalt === null) {
358
                        $hmacSalt = Configure::read('Security.salt');
359
                }
360
361
                // Generate the encryption and hmac key.
362
                $key = substr(hash('sha256', $key . $hmacSalt), 0, 32);
363
364
                // Split out hmac for comparison
365
                $macSize = 64;
366
                $hmac = substr($cipher, 0, $macSize);
367
                $cipher = substr($cipher, $macSize);
368
369
                $compareHmac = hash_hmac('sha256', $cipher, $key);
370
                if ($hmac !== $compareHmac) {
371
                        return false;
372
                }
373
374
                $algorithm = MCRYPT_RIJNDAEL_128;
375
                $mode = MCRYPT_MODE_CBC;
376
                $ivSize = mcrypt_get_iv_size($algorithm, $mode);
377
378
                $iv = substr($cipher, 0, $ivSize);
379
                $cipher = substr($cipher, $ivSize);
380
                $plain = mcrypt_decrypt($algorithm, $key, $cipher, $mode, $iv);
381
                return rtrim($plain, "\0");
382
        }
383
384
}