Remove Security.cipherSeed.

It is no longer used in CakePHP core and should be removed.

App/Config/app.php

@@ -76,13 +76,10 @@
  * The level of CakePHP security.
  *
  * - salt - A random string used in security hashing methods.
- * - cipherSeed - A random numeric string (digits only) used to seed 
- *   the xor cipher functions in Security.
+ *   The salt value is also used as the encryption key. You should treat it
+ *   as extremely sensitive data.
  */
-	Configure::write('Security', [
-		'salt' => 'DYhG93b0qyJfIxfs2guVoUubWwvniR2G0FgaC9mi',
-		'cipherSeed' => '76859309657453542496749683645',
-	]);
+	Configure::write('Security.salt', 'DYhG93b0qyJfIxfs2guVoUubWwvniR2G0FgaC9mi');
 
 /**
  * Apply timestamps with the last modified time to static assets (js, css, images).

lib/Cake/Console/Command/Task/ProjectTask.php

@@ -98,13 +98,6 @@ public function execute() {
 				$success = false;
 			}
 
-			if ($this->securityCipherSeed($path) === true) {
-				$this->out(__d('cake_console', ' * Random seed created for \'Security.cipherSeed\''));
-			} else {
-				$this->err(__d('cake_console', 'Unable to generate random seed for \'Security.cipherSeed\', you should change it in %s', APP . 'Config' . DS . 'app.php'));
-				$success = false;
-			}
-
 			if ($this->cachePrefix($path)) {
 				$this->out(__d('cake_console', ' * Cache prefix set'));
 			} else {
@@ -287,7 +280,7 @@ public function securitySalt($path) {
 		$contents = $File->read();
 		$newSalt = Security::generateAuthKey();
 		$contents = preg_replace(
-			"/^(\s+'salt'\s+\=\>\s+')([^']+)(',)/m",
+			"/('Security.salt',\s+')([^']+)(')/m",
 			'${1}' . $newSalt . '\\3',
 			$contents,
 			-1,
@@ -299,29 +292,6 @@ public function securitySalt($path) {
 		return false;
 	}
 
-/**
- * Generates and writes 'Security.cipherSeed'
- *
- * @param string $path Project path
- * @return boolean Success
- */
-	public function securityCipherSeed($path) {
-		$File = new File($path . 'Config/app.php');
-		$contents = $File->read();
-		$newCipher = substr(bin2hex(Security::generateAuthKey()), 0, 30);
-		$contents = preg_replace(
-			"/^(\s+'cipherSeed'\s+\=\>\s+')([^']+)(',)/m",
-			'${1}' . $newCipher . '\\3',
-			$contents,
-			-1,
-			$count
-		);
-		if ($count && $File->write($contents)) {
-			return true;
-		}
-		return false;
-	}
-
 /**
  * Writes cache prefix using app's name
  *

lib/Cake/Console/Templates/skel/Config/app.php

@@ -76,13 +76,10 @@
  * The level of CakePHP security.
  *
  * - salt - A random string used in security hashing methods.
- * - cipherSeed - A random numeric string (digits only) used to seed
- *   the xor cipher functions in Security.
+ *   The salt value is also used as the encryption key. You should treat it
+ *   as extremely sensitive data.
  */
-	Configure::write('Security', [
-		'salt' => 'DYhG93b0qyJfIxfs2guVoUubWwvniR2G0FgaC9mi',
-		'cipherSeed' => '76859309657453542496749683645',
-	]);
+	Configure::write('Security.salt', 'DYhG93b0qyJfIxfs2guVoUubWwvniR2G0FgaC9mi');
 
 /**
  * Apply timestamps with the last modified time to static assets (js, css, images).

lib/Cake/Console/Templates/skel/Config/core.php

@@ -199,11 +199,6 @@
  */
 	Configure::write('Security.salt', 'DYhG93b0qyJfIxfs2guVoUubWwvniR2G0FgaC9mi');
 
-/**
- * A random numeric string (digits only) used to encrypt/decrypt strings.
- */
-	Configure::write('Security.cipherSeed', '76859309657453542496749683645');
-
 /**
  * Apply timestamps with the last modified time to static assets (js, css, images).
  * Will append a query string parameter containing the time the file was modified. This is

lib/Cake/Test/TestCase/Console/Command/Task/ProjectTaskTest.php

@@ -248,23 +248,6 @@ public function testSecuritySaltGeneration() {
 		$this->assertNotRegExp('/DYhG93b0qyJfIxfs2guVoUubWwvniR2G0FgaC9mi/', $contents, 'Default Salt left behind. %s');
 	}
 
-/**
- * test generation of Security.cipherSeed
- *
- * @return void
- */
-	public function testSecurityCipherSeedGeneration() {
-		$this->_setupTestProject();
-
-		$path = $this->Task->path . 'BakeTestApp/';
-		$result = $this->Task->securityCipherSeed($path);
-		$this->assertTrue($result);
-
-		$File = new File($path . 'Config/app.php');
-		$contents = $File->read();
-		$this->assertNotRegExp('/76859309657453542496749683645/', $contents, 'Default CipherSeed left behind. %s');
-	}
-
 /**
  * test generation of cache prefix
  *

lib/Cake/Test/TestCase/Controller/Component/AuthComponentTest.php

@@ -72,7 +72,6 @@ public function setUp() {
 		$this->markTestIncomplete('Need to revisit once models work again.');
 
 		Configure::write('Security.salt', 'YJfIxfs2guVoUubWDYhG93b0qyJfIxfs2guwvniR2G0FgaC9mi');
-		Configure::write('Security.cipherSeed', 770011223369876);
 		Configure::write('App.namespace', 'TestApp');
 
 		$request = new Request();

lib/Cake/Test/TestCase/Core/ObjectTest.php

@@ -198,7 +198,6 @@ public function setUp() {
 		$this->object = new TestObject();
 		Configure::write('App.namespace', 'TestApp');
 		Configure::write('Security.salt', 'not-the-default');
-		Configure::write('Security.cipherSeed', '123456');
 		Log::disable('stdout');
 		Log::disable('stderr');
 	}

lib/Cake/Utility/Debugger.php

@@ -850,10 +850,6 @@ public static function checkSecurityKeys() {
 		if (Configure::read('Security.salt') === 'DYhG93b0qyJfIxfs2guVoUubWwvniR2G0FgaC9mi') {
 			trigger_error(__d('cake_dev', 'Please change the value of \'Security.salt\' in App/Config/app.php to a salt value specific to your application'), E_USER_NOTICE);
 		}
-
-		if (Configure::read('Security.cipherSeed') === '76859309657453542496749683645') {
-			trigger_error(__d('cake_dev', 'Please change the value of \'Security.cipherSeed\' in app/Config/app.php to a numeric (digits only) seed value specific to your application'), E_USER_NOTICE);
-		}
 	}
 
 }