Search moodle.org's
Developer Documentation

See Release Notes
Long Term Support Release

  • Bug fixes for general core bugs in 4.1.x will end 13 November 2023 (12 months).
  • Bug fixes for security issues in 4.1.x will end 10 November 2025 (36 months).
  • PHP version: minimum PHP 7.4.0 Note: minimum PHP version has increased since Moodle 4.0. PHP 8.0.x is supported too.

Differences Between: [Versions 401 and 403]

Class used to encrypt or decrypt data.

Copyright: 2020 The Open University
License: http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
File Size: 323 lines (12 kb)
Included or required:0 times
Referenced: 0 times
Includes or requires: 0 files

Defines 1 class

encryption:: (10 methods):
  is_sodium_installed()
  get_encryption_method()
  create_key()
  get_key_folder()
  get_key_file()
  key_exists()
  get_key()
  get_iv_length()
  encrypt()
  decrypt()


Class: encryption  - X-Ref

Class used to encrypt or decrypt data.

is_sodium_installed()   X-Ref
Checks if Sodium is installed.

return: bool True if the Sodium extension is available

get_encryption_method()   X-Ref
Gets the encryption method to use. We use the Sodium extension if it is installed, or
otherwise, OpenSSL.

return: string Current encryption method

create_key(?string $method = null, bool $chmod = true)   X-Ref
Creates a key for the server.

param: string|null $method Encryption method (only if you want to create a non-default key)
param: bool $chmod If true, restricts the file access of the key

get_key_folder()   X-Ref
Gets the folder used to store the secret key.

return: string Folder path

get_key_file(?string $method = null)   X-Ref
Gets the file path used to store the secret key. The filename contains the cipher method,
so that if necessary to transition in future it would be possible to have multiple.

param: string|null $method Encryption method (only if you want to get a non-default key)
return: string Full path to file

key_exists(?string $method = null)   X-Ref
Checks if there is a key file.

param: string|null $method Encryption method (only if you want to check a non-default key)
return: bool True if there is a key file

get_key(?string $method = null)   X-Ref
Gets the current key, automatically creating it if there isn't one yet.

param: string|null $method Encryption method (only if you want to get a non-default key)
return: string The key (binary)

get_iv_length(string $method)   X-Ref
Gets the length in bytes of the initial values data required.

param: string $method Crypto method
return: int Length in bytes

encrypt(string $data, ?string $method = null)   X-Ref
Encrypts data using the server's key.

Note there is a special case - the empty string is not encrypted.

param: string $data Data to encrypt, or empty string for no data
param: string|null $method Encryption method (only if you want to use a non-default method)
return: string Encrypted data, or empty string for no data

decrypt(string $data)   X-Ref
Decrypts data using the server's key. The decryption works with either supported method.

param: string $data Data to decrypt
return: string Decrypted data