Elgg  Version 3.0
Public Member Functions | Static Public Member Functions | Public Attributes | List of all members
Elgg\Database\SiteSecret Class Reference

Manages a site-specific secret key, encoded as a 32 byte string "secret". More...

Public Member Functions

 __construct ($key)
 Constructor. More...
 
 get ($raw=false)
 Returns the site secret. More...
 
 getStrength ()
 Get the strength of the site secret. More...
 

Static Public Member Functions

static regenerate (ElggCrypto $crypto, ConfigTable $table)
 Initialise the site secret (32 bytes: "z" to indicate format + 186-bit key in Base64 URL) and save to config table. More...
 
static fromDatabase (ConfigTable $table)
 Create from config/storage. More...
 
static fromConfig (ElggConfig $config)
 Create from a config value. More...
 

Public Attributes

const CONFIG_KEY = '__site_secret__'
 

Detailed Description

Manages a site-specific secret key, encoded as a 32 byte string "secret".

The key can have two formats:

The hex keys were created with rand() as the only decent source of entropy (the site's creation time is not too difficult to find). As such, systems with a low getrandmax() value created particularly weak keys. You can check key string using getStrength().

Definition at line 24 of file SiteSecret.php.

Constructor & Destructor Documentation

Elgg\Database\SiteSecret::__construct (   $key)

Constructor.

Parameters
string$keySite key (32 hex chars, or "z" and 31 base64 chars)

Definition at line 33 of file SiteSecret.php.

Member Function Documentation

static Elgg\Database\SiteSecret::fromConfig ( ElggConfig  $config)
static

Create from a config value.

If successful, the value will be erased from config.

Parameters
ElggConfig$configConfig
Returns
SiteSecret|false

Definition at line 141 of file SiteSecret.php.

static Elgg\Database\SiteSecret::fromDatabase ( ConfigTable  $table)
static

Create from config/storage.

Parameters
ConfigTable$tableConfig table
Returns
SiteSecret
Exceptions

Definition at line 125 of file SiteSecret.php.

Elgg\Database\SiteSecret::get (   $raw = false)

Returns the site secret.

Used to generate difficult to guess hashes for sessions and action tokens.

Parameters
bool$rawIf true, a binary key will be returned
Returns
string Site secret

Definition at line 51 of file SiteSecret.php.

Elgg\Database\SiteSecret::getStrength ( )

Get the strength of the site secret.

If "weak" or "moderate" is returned, this assumes we're running on the same system that created the key.

Returns
string "strong", "moderate", or "weak"

Definition at line 85 of file SiteSecret.php.

static Elgg\Database\SiteSecret::regenerate ( ElggCrypto  $crypto,
ConfigTable  $table 
)
static

Initialise the site secret (32 bytes: "z" to indicate format + 186-bit key in Base64 URL) and save to config table.

Used during installation or regeneration.

Parameters
ElggCrypto$cryptoCrypto service
ConfigTable$tableConfig table
Returns
SiteSecret

Definition at line 109 of file SiteSecret.php.

Member Data Documentation

const Elgg\Database\SiteSecret::CONFIG_KEY = '__site_secret__'

Definition at line 26 of file SiteSecret.php.


The documentation for this class was generated from the following file: