master/SiteSecret_8php_source.html

 <?php

 namespace Elgg\Security;

 use Elgg\Database\ConfigTable;
 use Elgg\Exceptions\Configuration\InstallationException;
 use Elgg\Exceptions\RuntimeException;

 class SiteSecret {

     const CONFIG_KEY = '__site_secret__';

     protected string $key;

     public function __construct(protected Crypto $crypto, protected ConfigTable $table) {
         $key = $table->get(self::CONFIG_KEY);
         if (!$key) {
             throw new InstallationException('Site secret is not in the config table.');
         }

         $this->key = $key;
     }

     public function get($raw = false) {
         if (!$this->key) {
             throw new RuntimeException('Secret key is not set');
         }

         if (!$raw) {
             return $this->key;
         }

         // try to return binary key
         if ($this->key[0] === 'z') {
             // new keys are "z" + base64URL
             $base64 = strtr(substr($this->key, 1), '-_', '+/');
             $key = base64_decode($base64);
             if ($key !== false) {
                 return $key;
             }

             // on failure, at least return string key :/
             return $this->key;
         }

         // old keys are hex
         return hex2bin($this->key);
     }

     public function getStrength() {
         $secret = $this->get();
         if ($secret[0] !== 'z') {
             $rand_max = getrandmax();
             if ($rand_max < pow(2, 16)) {
                 return 'weak';
             }

             if ($rand_max < pow(2, 32)) {
                 return 'moderate';
             }
         }

         return 'strong';
     }

     public function regenerate() {
         $key = 'z' . $this->crypto->getRandomString(31);

         $this->table->set(self::CONFIG_KEY, $key);
     }
 }
substr

Elgg\Security\SiteSecret
Manages a site-specific secret key, encoded as a 32 byte string "secret".
Definition: SiteSecret.php:24

Elgg\Security\SiteSecret\regenerate
regenerate()
Initialise the site secret (32 bytes: "z" to indicate format + 186-bit key in Base64 URL) and save to...
Definition: SiteSecret.php:113

Elgg\Security\Crypto
Cryptographic services.
Definition: Crypto.php:12

Elgg\Exceptions\RuntimeException
Exception thrown if an error which can only be found on runtime occurs.
Definition: RuntimeException.php:11

Elgg\Database\ConfigTable\get
get(string $name)
Gets a configuration value.
Definition: ConfigTable.php:118

InstallationException
Updates the basic settings for the primary site object.

Elgg\Security\SiteSecret\__construct
__construct(protected Crypto $crypto, protected ConfigTable $table)
Constructor.
Definition: SiteSecret.php:36

Elgg\Security
Definition: Base64Url.php:3

Elgg\Exceptions\Configuration\InstallationException
Thrown when there is a major problem with the installation.
Definition: InstallationException.php:12

$table
$table
Definition: user.php:37

Elgg\Security\SiteSecret\CONFIG_KEY
const CONFIG_KEY
Definition: SiteSecret.php:26

Elgg\Security\SiteSecret\$key
string $key
Definition: SiteSecret.php:28

RuntimeException

Elgg\Security\SiteSecret\getStrength
getStrength()
Get the strength of the site secret.
Definition: SiteSecret.php:89

ConfigTable

Elgg\Database\ConfigTable
Manipulates values in the dbprefix_config table.
Definition: ConfigTable.php:16