Elgg  Version 3.0
SiteSecret.php
Go to the documentation of this file.
1 <?php
2 
3 namespace Elgg\Database;
4 
6 use Elgg\Database;
7 use ElggCrypto;
8 
24 class SiteSecret {
25 
26  const CONFIG_KEY = '__site_secret__';
27 
33  public function __construct($key) {
34  $this->key = $key;
35  }
36 
40  private $key;
41 
51  public function get($raw = false) {
52  if (!$this->key) {
53  throw new \RuntimeException('Secret key is not set');
54  }
55 
56  if (!$raw) {
57  return $this->key;
58  }
59 
60  // try to return binary key
61  if ($this->key[0] === 'z') {
62  // new keys are "z" + base64URL
63  $base64 = strtr(substr($this->key, 1), '-_', '+/');
64  $key = base64_decode($base64);
65  if ($key !== false) {
66  return $key;
67  }
68 
69  // on failure, at least return string key :/
70  return $this->key;
71  }
72 
73  // old keys are hex
74  return hex2bin($this->key);
75  }
76 
85  public function getStrength() {
86  $secret = $this->get();
87  if ($secret[0] !== 'z') {
88  $rand_max = getrandmax();
89  if ($rand_max < pow(2, 16)) {
90  return 'weak';
91  }
92  if ($rand_max < pow(2, 32)) {
93  return 'moderate';
94  }
95  }
96  return 'strong';
97  }
98 
109  public static function regenerate(ElggCrypto $crypto, ConfigTable $table) {
110  $key = 'z' . $crypto->getRandomString(31);
111 
112  $table->set(self::CONFIG_KEY, $key);
113 
114  return new self($key);
115  }
116 
125  public static function fromDatabase(ConfigTable $table) {
126  $key = $table->get(self::CONFIG_KEY);
127  if (!$key) {
128  throw new \InstallationException('Site secret is not in the config table.');
129  }
130 
131  return new self($key);
132  }
133 
141  public static function fromConfig(ElggConfig $config) {
142  $key = $config->{self::CONFIG_KEY};
143  if (!$key) {
144  return false;
145  }
146 
147  // Don't leave this sitting around in config, in case it gets dumped
148  unset($config->{self::CONFIG_KEY});
149 
150  return new self($key);
151  }
152 }
static fromDatabase(ConfigTable $table)
Create from config/storage.
Definition: SiteSecret.php:125
Manages a site-specific secret key, encoded as a 32 byte string "secret".
Definition: SiteSecret.php:24
__construct($key)
Constructor.
Definition: SiteSecret.php:33
$config
Advanced site settings, debugging section.
Definition: debugging.php:6
getStrength()
Get the strength of the site secret.
Definition: SiteSecret.php:85
static fromConfig(ElggConfig $config)
Create from a config value.
Definition: SiteSecret.php:141
get($name)
Gets a configuration value.
getRandomString($length, $chars=null)
Generate a random string of specified length.
Definition: ElggCrypto.php:39
$table
Definition: cron.php:57
static regenerate(ElggCrypto $crypto, ConfigTable $table)
Initialise the site secret (32 bytes: "z" to indicate format + 186-bit key in Base64 URL) and save to...
Definition: SiteSecret.php:109
set($name, $value)
Add or update a config setting.
Definition: ConfigTable.php:90
Manipulates values in the dbprefix_config table.
Definition: ConfigTable.php:17