function __password($compareTo, $password, $check = true) { $security = Security::getInstance(); $salt = Configure::read('Security.salt'); if ($check === true) { if ($security->hash($salt . $password) === $compareTo) { return true; } else { return false; } } else { $genPassword = $security->hash($salt . $password); return $genPassword; } }
/** * testHash method * * @access public * @return void */ function testHash() { $Security = Security::getInstance(); $_hashType = $Security->hashType; $key = 'someKey'; $hash = 'someHash'; $this->assertIdentical(strlen(Security::hash($key, null, false)), 40); $this->assertIdentical(strlen(Security::hash($key, 'sha1', false)), 40); $this->assertIdentical(strlen(Security::hash($key, null, true)), 40); $this->assertIdentical(strlen(Security::hash($key, 'sha1', true)), 40); $result = Security::hash($key, null, $hash); $this->assertIdentical($result, 'e38fcb877dccb6a94729a81523851c931a46efb1'); $result = Security::hash($key, 'sha1', $hash); $this->assertIdentical($result, 'e38fcb877dccb6a94729a81523851c931a46efb1'); $hashType = 'sha1'; Security::setHash($hashType); $this->assertIdentical($this->sut->hashType, $hashType); $this->assertIdentical(strlen(Security::hash($key, null, true)), 40); $this->assertIdentical(strlen(Security::hash($key, null, false)), 40); $this->assertIdentical(strlen(Security::hash($key, 'md5', false)), 32); $this->assertIdentical(strlen(Security::hash($key, 'md5', true)), 32); $hashType = 'md5'; Security::setHash($hashType); $this->assertIdentical($this->sut->hashType, $hashType); $this->assertIdentical(strlen(Security::hash($key, null, false)), 32); $this->assertIdentical(strlen(Security::hash($key, null, true)), 32); if (!function_exists('hash') && !function_exists('mhash')) { $this->assertIdentical(strlen(Security::hash($key, 'sha256', false)), 32); $this->assertIdentical(strlen(Security::hash($key, 'sha256', true)), 32); } else { $this->assertIdentical(strlen(Security::hash($key, 'sha256', false)), 64); $this->assertIdentical(strlen(Security::hash($key, 'sha256', true)), 64); } Security::setHash($_hashType); }
/** * Sets the default hash method for the Security object. This affects all objects using * Security::hash(). * * @param string $hash Method to use (sha1/sha256/md5) * @access public * @return void * @static * @see Security::hash() */ function setHash($hash) { $_this =& Security::getInstance(); $_this->hashType = $hash; }
/** * setUp method * * @access public * @return void */ function setUp() { $this->sut =& Security::getInstance(); }
/** * Encrypts/Decrypts a text using the given key. * * @param string $text Encrypted string to decrypt, normal string to encrypt * @param string $key Key to use * @return string Encrypted/Decrypted string * @access public * @static */ function cipher($text, $key) { if (empty($key)) { //trigger_error(__('You cannot use an empty key for Security::cipher()', true), E_USER_WARNING); return ''; } $_this =& Security::getInstance(); if (!defined('CIPHER_SEED')) { //This is temporary will change later define('CIPHER_SEED', '76859309657453542496749683645'); } srand(CIPHER_SEED); $out = ''; for ($i = 0; $i < strlen($text); $i++) { for ($j = 0; $j < ord(substr($key, $i % strlen($key), 1)); $j++) { $toss = rand(0, 255); } $mask = rand(0, 255); $out .= chr(ord(substr($text, $i, 1)) ^ $mask); } return $out; }
/** * Security class constructor */ function __construct() { $this->Security = Security::getInstance(); }
/** * Generates a unique authkey * * @return mixed * @access public */ function generateAuthKey() { $_this =& Security::getInstance(); return $_this->hash(uniqid(rand(), true)); }
/** * Encripts/Decrypts a text using the given key. * * @param string $text Encrypted string to decrypt, normal string to encrypt * @param string $key Key to use * @return string Encrypted/Decrypted string * @access public * @static */ function cipher($text, $key) { $_this =& Security::getInstance(); if (!defined('CIPHER_SEED')) { //This is temporary will change later define('CIPHER_SEED', '76859309657453542496749683645'); } srand(CIPHER_SEED); $out = ''; for ($i = 0; $i < strlen($text); $i++) { for ($j = 0; $j < ord(substr($key, $i % strlen($key), 1)); $j++) { $toss = rand(0, 255); } $mask = rand(0, 255); $out .= chr(ord(substr($text, $i, 1)) ^ $mask); } return $out; }