master/SiteSecret_8php_source.html

 <?php


 namespace Elgg\Security;


 use Elgg\Database\ConfigTable;

 use Elgg\Exceptions\Configuration\InstallationException;

 use Elgg\Exceptions\RuntimeException;


 class SiteSecret {


     const CONFIG_KEY = '__site_secret__';


     protected string $key;


     public function __construct(protected Crypto $crypto, protected ConfigTable $table) {

         $key = $table->get(self::CONFIG_KEY);

         if (!$key) {

             throw new InstallationException('Site secret is not in the config table.');

         }


         $this->key = $key;

     }


     public function get($raw = false) {

         if (!$this->key) {

             throw new RuntimeException('Secret key is not set');

         }


         if (!$raw) {

             return $this->key;

         }


         // try to return binary key

         if ($this->key[0] === 'z') {

             // new keys are "z" + base64URL

             $base64 = strtr(substr($this->key, 1), '-_', '+/');

             $key = base64_decode($base64);

             if ($key !== false) {

                 return $key;

             }


             // on failure, at least return string key :/

             return $this->key;

         }


         // old keys are hex

         return hex2bin($this->key);

     }


     public function getStrength() {

         $secret = $this->get();

         if ($secret[0] !== 'z') {

             $rand_max = getrandmax();

             if ($rand_max < pow(2, 16)) {

                 return 'weak';

             }


             if ($rand_max < pow(2, 32)) {

                 return 'moderate';

             }

         }


         return 'strong';

     }


     public function regenerate() {

         $key = 'z' . $this->crypto->getRandomString(31);


         $this->table->set(self::CONFIG_KEY, $key);

     }

 }

$table
$table
Definition: user.php:37

Elgg\Database\ConfigTable
Manipulates values in the dbprefix_config table.
Definition: ConfigTable.php:16

Elgg\Exceptions\Configuration\InstallationException
Thrown when there is a major problem with the installation.
Definition: InstallationException.php:12

Elgg\Exceptions\RuntimeException
Exception thrown if an error which can only be found on runtime occurs.
Definition: RuntimeException.php:11

Elgg\Security\Crypto
Cryptographic services.
Definition: Crypto.php:12

Elgg\Security\SiteSecret
Manages a site-specific secret key, encoded as a 32 byte string "secret".
Definition: SiteSecret.php:24

Elgg\Security\SiteSecret\$key
string $key
Definition: SiteSecret.php:28

Elgg\Security\SiteSecret\__construct
__construct(protected Crypto $crypto, protected ConfigTable $table)
Constructor.
Definition: SiteSecret.php:36

Elgg\Security\SiteSecret\CONFIG_KEY
const CONFIG_KEY
Definition: SiteSecret.php:26

Elgg\Security\SiteSecret\getStrength
getStrength()
Get the strength of the site secret.
Definition: SiteSecret.php:89

Elgg\Security\SiteSecret\regenerate
regenerate()
Initialise the site secret (32 bytes: "z" to indicate format + 186-bit key in Base64 URL) and save to...
Definition: SiteSecret.php:113

Elgg\Security
Definition: Base64Url.php:3