Removing the coupling between Security and Configure
Now the application will need to call Security::salt() directly
lorenzo committed Sep 7, 2014
1 parent cce1c89 commit c5a1c16
Showing 2 changed files with 34 additions and 5 deletions.
28 changes: 24 additions & 4 deletions src/Utility/Security.php
Expand Up @@ -14,7 +14,6 @@
*/
namespace Cake\Utility;

use Cake\Core\Configure;
use InvalidArgumentException;

/**
Expand All @@ -31,6 +30,13 @@ class Security {
*/
public static $hashType = 'sha1';

/**
* The HMAC salt to use for encryption and decryption routines
*
* @var string
*/
protected static $_salt;

/**
* Generate authorization hash.
*
Expand Down Expand Up @@ -60,7 +66,7 @@ public static function hash($string, $type = null, $salt = false) {

if ($salt) {
if (!is_string($salt)) {
$salt = Configure::read('Security.salt');
$salt = static::$_salt;
}
$string = $salt . $string;
}
Expand Down Expand Up @@ -131,7 +137,7 @@ public static function encrypt($plain, $key, $hmacSalt = null) {
self::_checkKey($key, 'encrypt()');

if ($hmacSalt === null) {
$hmacSalt = Configure::read('Security.salt');
$hmacSalt = static::$_salt;
}

// Generate the encryption and hmac key.
Expand Down Expand Up @@ -178,7 +184,7 @@ public static function decrypt($cipher, $key, $hmacSalt = null) {
throw new InvalidArgumentException('The data to decrypt cannot be empty.');
}
if ($hmacSalt === null) {
$hmacSalt = Configure::read('Security.salt');
$hmacSalt = static::$_salt;
}

// Generate the encryption and hmac key.
Expand All @@ -204,4 +210,18 @@ public static function decrypt($cipher, $key, $hmacSalt = null) {
return rtrim($plain, "\0");
}

/**
* Gets or sets the HMAC salt to be used for encryption/decryption
* routines.
*
* @param string $salt The salt to use for encryption routines
* @return string The currently configured salt
*/
public static function salt($salt = null) {
if ($salt === null) {
return static::$_salt;
}
return static::$_salt = (string)$salt;
}

}
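Review bot: `static::$_salt` has no default, so an application that still sets `Security.salt` through Configure and never calls `Security::salt()` now gets `null` at all three fallback sites. In `hash()` that makes `$salt . $string` equal to the bare input, so a caller asking for a salted hash silently gets an unsalted one; in `encrypt()`/`decrypt()` the null is passed to the key-generation code below the hunks, which is not visible here but presumably derives the keys from an empty salt. I would fail closed after each fallback, e.g. `if ((string)$hmacSalt === '') { throw new InvalidArgumentException('Security salt is not set; call Security::salt() first.'); }`, and correct the `salt()` docblock to `@param string|null $salt` with a note that the getter returns null until a salt has been set. The bodies of `hash()`, `encrypt()` and `decrypt()` extend beyond the hunks shown.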
11 changes: 10 additions & 1 deletion tests/TestCase/Utility/SecurityTest.php
Expand Up @@ -14,7 +14,6 @@
*/
namespace Cake\Test\TestCase\Utility;

use Cake\Core\Configure;
use Cake\TestSuite\TestCase;
use Cake\Utility\Security;

Expand Down Expand Up @@ -246,4 +245,14 @@ public function testDecryptInvalidData() {
Security::decrypt($txt, $key);
}

/**
* Tests that the salt can be set and retrieved
*
* @return void
*/
public function testSalt() {
Security::salt('foobarbaz');
$this->assertEquals('foobarbaz', Security::salt());
}

}
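Review bot: `testSalt()` leaves 'foobarbaz' in the static `Security::$_salt` for every test that runs after it, and because `salt(null)` is the getter there is no way to restore the unset state, so later results can depend on test order. It also exercises only the accessor; nothing visible in this section checks that `hash()` with `$salt = true`, or `encrypt()`/`decrypt()` without `$hmacSalt`, actually use the value set through `Security::salt()`, which is the behaviour applications now rely on. I would set a known salt in the test case's `setUp()` (if it has one; the rest of the class is outside this hunk) and add an assertion such as `$this->assertSame(Security::hash('x', 'sha1', 'foobarbaz'), Security::hash('x', 'sha1', true));`.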
