Elgg
Version 4.3
|
Manages a site-specific secret key, encoded as a 32 byte string "secret". More...
Public Member Functions | |
__construct ($key) | |
Constructor. More... | |
get ($raw=false) | |
Returns the site secret. More... | |
getStrength () | |
Get the strength of the site secret. More... | |
Static Public Member Functions | |
static | regenerate (Crypto $crypto, ConfigTable $table) |
Initialise the site secret (32 bytes: "z" to indicate format + 186-bit key in Base64 URL) and save to config table. More... | |
static | fromDatabase (ConfigTable $table) |
Create from config/storage. More... | |
static | fromConfig (ElggConfig $config) |
Create from a config value. More... | |
Public Attributes | |
const | CONFIG_KEY = '__site_secret__' |
Manages a site-specific secret key, encoded as a 32 byte string "secret".
The key can have two formats:
The hex keys were created with rand() as the only decent source of entropy (the site's creation time is not too difficult to find). As such, systems with a low getrandmax() value created particularly weak keys. You can check key string using getStrength().
Definition at line 25 of file SiteSecret.php.
Elgg\Database\SiteSecret::__construct | ( | $key | ) |
Constructor.
string | $key | Site key (32 hex chars, or "z" and 31 base64 chars) |
Definition at line 39 of file SiteSecret.php.
|
static |
Create from a config value.
If successful, the value will be erased from config.
ElggConfig | $config | Config |
Definition at line 144 of file SiteSecret.php.
|
static |
Create from config/storage.
ConfigTable | $table | Config table |
InstallationException |
Definition at line 128 of file SiteSecret.php.
Elgg\Database\SiteSecret::get | ( | $raw = false | ) |
Returns the site secret.
Used to generate difficult to guess hashes for sessions and action tokens.
bool | $raw | If true, a binary key will be returned |
RuntimeException |
Definition at line 53 of file SiteSecret.php.
Elgg\Database\SiteSecret::getStrength | ( | ) |
Get the strength of the site secret.
If "weak" or "moderate" is returned, this assumes we're running on the same system that created the key.
Definition at line 87 of file SiteSecret.php.
|
static |
Initialise the site secret (32 bytes: "z" to indicate format + 186-bit key in Base64 URL) and save to config table.
Used during installation or regeneration.
Crypto | $crypto | Crypto service |
ConfigTable | $table | Config table |
Definition at line 112 of file SiteSecret.php.
const Elgg\Database\SiteSecret::CONFIG_KEY = '__site_secret__' |
Definition at line 27 of file SiteSecret.php.