TSecurityManager provides private keys, hashing and encryption
functionalities that may be used by other PRADO components,
such as viewstate persister, cookies.
TSecurityManager is mainly used to protect data from being tampered
and viewed. It can generate HMAC and encrypt the data.
The private key used to generate HMAC is set by {@link setValidationKey ValidationKey}.
The key used to encrypt data is specified by {@link setEncryptionKey EncryptionKey}.
If the above keys are not explicitly set, random keys will be generated
and used.
To prefix data with an HMAC, call {@link hashData()}.
To validate if data is tampered, call {@link validateData()}, which will
return the real data if it is not tampered.
The algorithm used to generated HMAC is specified by {@link setValidation Validation}.
To encrypt and decrypt data, call {@link encrypt()} and {@link decrypt()}
respectively. The encryption algorithm can be set by {@link setEncryption Encryption}.
Note, to use encryption, the PHP Mcrypt extension must be loaded.
public function testValidateData()
{
$sec = new TSecurityManager();
$sec->init(null);
$sec->setValidationKey('aKey');
$sec->setValidation('SHA1');
$hashed = $sec->hashData('A text to hash');
self::assertEquals('A text to hash', $sec->validateData($hashed));
// try to alter the hashed data
$hashed[45] = "z";
self::assertFalse($sec->validateData($hashed));
// and a test without tampered data
self::assertFalse($sec->validateData('bad'));
}
