Class used to encrypt or decrypt data. More...

Static Public Member Functions
static	create_key (?string $method=null, bool $chmod=true)
	Creates a key for the server.

static	decrypt (string $data)
	Decrypts data using the server's key.

static	encrypt (string $data, ?string $method=null)
	Encrypts data using the server's key.

static	get_key_file (?string $method=null)
	Gets the file path used to store the secret key.

static	is_sodium_installed ()
	Checks if Sodium is installed.

static	key_exists (?string $method=null)
	Checks if there is a key file.

Public Attributes
string const	METHOD_OPENSSL = 'openssl-aes-256-ctr'
	Encryption method: hand-coded OpenSSL (less safe)

string const	METHOD_SODIUM = 'sodium'
	Encryption method: Sodium.

string const	OPENSSL_CIPHER = 'AES-256-CTR'
	OpenSSL cipher method.

Static Protected Member Functions
static	get_encryption_method ()
	Gets the encryption method to use.

static	get_iv_length (string $method)
	Gets the length in bytes of the initial values data required.

static	get_key (?string $method=null)
	Gets the current key, automatically creating it if there isn't one yet.

static	get_key_folder ()
	Gets the folder used to store the secret key.

Detailed Description

Class used to encrypt or decrypt data.

Copyright: 2020 The Open University

License: http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later

Deprecated: since Moodle 3.11 MDL-71420 - the openssl part of the class only.

Todo: MDL-71421 Remove the openssl part in Moodle 4.2.

Member Function Documentation

◆ create_key()

static core\encryption::create_key	(	?string	$method = null,
		bool	$chmod = true )

static

Creates a key for the server.

Parameters

string \| null	$method	Encryption method (only if you want to create a non-default key)
bool	$chmod	If true, restricts the file access of the key

Exceptions

moodle_exception If the server already has a key, or there is an error

◆ decrypt()

static core\encryption::decrypt ( string $data )

static

Decrypts data using the server's key.

The decryption works with either supported method.

Parameters

string $data Data to decrypt

Return values

string Decrypted data

◆ encrypt()

static core\encryption::encrypt	(	string	$data,
		?string	$method = null )

static

Encrypts data using the server's key.

Note there is a special case - the empty string is not encrypted.

Parameters

string	$data	Data to encrypt, or empty string for no data
string \| null	$method	Encryption method (only if you want to use a non-default method)

Return values

string Encrypted data, or empty string for no data

Exceptions

moodle_exception If the key doesn't exist, or the string is too long

◆ get_encryption_method()

static core\encryption::get_encryption_method ( )

staticprotected

Gets the encryption method to use.

We use the Sodium extension if it is installed, or otherwise, OpenSSL.

Return values

string Current encryption method

◆ get_iv_length()

static core\encryption::get_iv_length ( string $method )

staticprotected

Gets the length in bytes of the initial values data required.

Parameters

string $method Crypto method

Return values

int	Length in bytes

◆ get_key()

static core\encryption::get_key ( ?string $method = null )

staticprotected

Gets the current key, automatically creating it if there isn't one yet.

Parameters

string | null $method Encryption method (only if you want to get a non-default key)

Return values

string The key (binary)

Exceptions

moodle_exception If there isn't one already (and creation is disabled)

◆ get_key_file()

static core\encryption::get_key_file ( ?string $method = null )

static

Gets the file path used to store the secret key.

The filename contains the cipher method, so that if necessary to transition in future it would be possible to have multiple.

Parameters

string | null $method Encryption method (only if you want to get a non-default key)

Return values

string Full path to file

◆ get_key_folder()

static core\encryption::get_key_folder ( )

staticprotected

Gets the folder used to store the secret key.

Return values

string Folder path

◆ is_sodium_installed()

static core\encryption::is_sodium_installed ( )

static

Checks if Sodium is installed.

Return values

bool	True if the Sodium extension is available

◆ key_exists()

static core\encryption::key_exists ( ?string $method = null )

static

Checks if there is a key file.

Parameters

string | null $method Encryption method (only if you want to check a non-default key)

Return values

bool	True if there is a key file

The documentation for this class was generated from the following file:

lib/classes/encryption.php

Static Public Member Functions

Public Attributes

Static Protected Member Functions

Detailed Description

Member Function Documentation

◆ create_key()

◆ decrypt()

◆ encrypt()

◆ get_encryption_method()

◆ get_iv_length()

◆ get_key()

◆ get_key_file()

◆ get_key_folder()

◆ is_sodium_installed()

◆ key_exists()