Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
Y
yii2
Project
Overview
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
PSDI Army
yii2
Commits
b680afc7
Commit
b680afc7
authored
Jul 26, 2014
by
Qiang Xue
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Fixes #4462.
parent
54bfe075
Show whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
9 additions
and
5 deletions
+9
-5
Security.php
framework/base/Security.php
+9
-5
No files found.
framework/base/Security.php
View file @
b680afc7
...
@@ -45,6 +45,7 @@ class Security extends Component
...
@@ -45,6 +45,7 @@ class Security extends Component
public
$passwordHashStrategy
=
'crypt'
;
public
$passwordHashStrategy
=
'crypt'
;
/**
/**
* Cipher algorithm for mcrypt module.
* AES has 128-bit block size and three key sizes: 128, 192 and 256 bits.
* AES has 128-bit block size and three key sizes: 128, 192 and 256 bits.
* mcrypt offers the Rijndael cipher with block sizes of 128, 192 and 256
* mcrypt offers the Rijndael cipher with block sizes of 128, 192 and 256
* bits but only the 128-bit Rijndael is standardized in AES.
* bits but only the 128-bit Rijndael is standardized in AES.
...
@@ -52,9 +53,12 @@ class Security extends Component
...
@@ -52,9 +53,12 @@ class Security extends Component
* chooses the appropriate AES based on the length of the supplied key.
* chooses the appropriate AES based on the length of the supplied key.
*/
*/
const
MCRYPT_CIPHER
=
'rijndael-128'
;
const
MCRYPT_CIPHER
=
'rijndael-128'
;
/**
* Block cipher operation mode for mcrypt module.
*/
const
MCRYPT_MODE
=
'cbc'
;
const
MCRYPT_MODE
=
'cbc'
;
/**
/**
* S
ame size for encryption keys, auth keys and KDF salt
* S
ize in bytes of encryption key, message authentication key and KDF salt.
*/
*/
const
KEY_SIZE
=
16
;
const
KEY_SIZE
=
16
;
/**
/**
...
@@ -62,11 +66,11 @@ class Security extends Component
...
@@ -62,11 +66,11 @@ class Security extends Component
*/
*/
const
KDF_HASH
=
'sha256'
;
const
KDF_HASH
=
'sha256'
;
/**
/**
* Hash algorithm for authentication.
* Hash algorithm for
message
authentication.
*/
*/
const
MAC_HASH
=
'sha256'
;
const
MAC_HASH
=
'sha256'
;
/**
/**
* HKDF info value for
auth keys
* HKDF info value for
derivation of message authentication key.
*/
*/
const
AUTH_KEY_INFO
=
'AuthorizationKey'
;
const
AUTH_KEY_INFO
=
'AuthorizationKey'
;
...
@@ -292,7 +296,7 @@ class Security extends Component
...
@@ -292,7 +296,7 @@ class Security extends Component
* @throws InvalidParamException
* @throws InvalidParamException
* @return string the derived key
* @return string the derived key
*/
*/
p
rotected
function
hkdf
(
$algo
,
$inputKey
,
$salt
=
null
,
$info
=
null
,
$length
=
0
)
p
ublic
function
hkdf
(
$algo
,
$inputKey
,
$salt
=
null
,
$info
=
null
,
$length
=
0
)
{
{
$test
=
@
hash_hmac
(
$algo
,
''
,
''
,
true
);
$test
=
@
hash_hmac
(
$algo
,
''
,
''
,
true
);
if
(
!
$test
)
{
if
(
!
$test
)
{
...
@@ -339,7 +343,7 @@ class Security extends Component
...
@@ -339,7 +343,7 @@ class Security extends Component
* @throws InvalidParamException
* @throws InvalidParamException
* @return string the derived key
* @return string the derived key
*/
*/
p
rotected
function
pbkdf2
(
$algo
,
$password
,
$salt
,
$iterations
,
$length
=
0
)
p
ublic
function
pbkdf2
(
$algo
,
$password
,
$salt
,
$iterations
,
$length
=
0
)
{
{
if
(
function_exists
(
'hash_pbkdf2'
))
{
if
(
function_exists
(
'hash_pbkdf2'
))
{
$outputKey
=
hash_pbkdf2
(
$algo
,
$password
,
$salt
,
$iterations
,
$length
,
true
);
$outputKey
=
hash_pbkdf2
(
$algo
,
$password
,
$salt
,
$iterations
,
$length
,
true
);
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment