
Removing the coupling between Security and Configure

Now the application will need to call Security::salt() directly
Jose Lorenzo Rodriguez 11 years ago
parent
commit
c5a1c16e2e
2 changed files with 34 additions and 5 deletions
  1. 24 4
      src/Utility/Security.php
  2. 10 1
      tests/TestCase/Utility/SecurityTest.php

+ 24 - 4
src/Utility/Security.php

@@ -14,7 +14,6 @@
  */
 namespace Cake\Utility;
 
-use Cake\Core\Configure;
 use InvalidArgumentException;
 
 /**
@@ -32,6 +31,13 @@ class Security {
 	public static $hashType = 'sha1';
 
 /**
+ * The HMAC salt to use for encryption and decryption routines
+ *
+ * @var string
+ */
+	protected static $_salt;
+
+/**
  * Generate authorization hash.
  *
  * @return string Hash
@@ -60,7 +66,7 @@ class Security {
 
 		if ($salt) {
 			if (!is_string($salt)) {
-				$salt = Configure::read('Security.salt');
+				$salt = static::$_salt;
 			}
 			$string = $salt . $string;
 		}
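Review bot: `static::$_salt` is declared without a default, so until the application calls `Security::salt()` this branch assigns null and `$salt . $string` hashes the bare string without raising anything. The same fallback in the encrypt() and decrypt() hunks leaves `$hmacSalt` null ahead of the key generation that continues outside those hunks, which presumably then runs on an empty salt. Since this commit makes the explicit call mandatory, the three sites should fail closed, for example `if (static::$_salt === null) { throw new InvalidArgumentException('Security salt is not set; call Security::salt() first.'); }`. The body of hash() starts and ends outside this hunk.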
@@ -131,7 +137,7 @@ class Security {
 		self::_checkKey($key, 'encrypt()');
 
 		if ($hmacSalt === null) {
-			$hmacSalt = Configure::read('Security.salt');
+			$hmacSalt = static::$_salt;
 		}
 
 		// Generate the encryption and hmac key.
@@ -178,7 +184,7 @@ class Security {
 			throw new InvalidArgumentException('The data to decrypt cannot be empty.');
 		}
 		if ($hmacSalt === null) {
-			$hmacSalt = Configure::read('Security.salt');
+			$hmacSalt = static::$_salt;
 		}
 
 		// Generate the encryption and hmac key.
@@ -204,4 +210,18 @@ class Security {
 		return rtrim($plain, "\0");
 	}
 
+/**
+ * Gets or sets the HMAC salt to be used for encryption/decryption
+ * routines.
+ *
+ * @param string $salt The salt to use for encryption routines
+ * @return string The currently configured salt
+ */
+	public static function salt($salt = null) {
+		if ($salt === null) {
+			return static::$_salt;
+		}
+		return static::$_salt = (string)$salt;
+	}
+
 }
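Review bot: salt() stores whatever it receives after a `(string)` cast, so `Security::salt('')` is accepted and the fallbacks in hash(), encrypt() and decrypt() then use an empty salt without complaint. The setter should reject that case, e.g. `if ((string)$salt === '') { throw new InvalidArgumentException('The salt cannot be empty.'); }`, and a minimum length is worth considering. The docblock should also read `@param string|null $salt` and `@return string|null`, because null selects getter mode and the getter returns null before any salt has been set.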

+ 10 - 1
tests/TestCase/Utility/SecurityTest.php

@@ -14,7 +14,6 @@
  */
 namespace Cake\Test\TestCase\Utility;
 
-use Cake\Core\Configure;
 use Cake\TestSuite\TestCase;
 use Cake\Utility\Security;
 
@@ -246,4 +245,14 @@ class SecurityTest extends TestCase {
 		Security::decrypt($txt, $key);
 	}
 
+/**
+ * Tests that the salt can be set and retrieved
+ *
+ * @return void
+ */
+	public function testSalt() {
+		Security::salt('foobarbaz');
+		$this->assertEquals('foobarbaz', Security::salt());
+	}
+
 }
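Review bot: testSalt() leaves `'foobarbaz'` in the static salt for every test that runs after it in the same process, so results of the hash and encrypt tests can depend on execution order. Because `Security::salt(null)` is the getter, the value cannot be put back to unset through the public API. Setting one fixed test salt in `setUp()` would make every test start from the same state; whether this class already has a `setUp()` is outside the hunk. `assertSame` would also pin the string type that the `(string)` cast in salt() is meant to guarantee.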