From: Tim Otten
Date: Fri, 8 Jan 2021 11:08:01 +0000 (-0800)
Subject: dev/core#2258 - Add %%credKeys%% to civicrm.settings.php.template
X-Git-Url: https://vcs.fsf.org/?a=commitdiff_plain;h=7111017769f5574cba43b1181589a4bca866e433;p=civicrm-core.git
dev/core#2258 - Add %%credKeys%% to civicrm.settings.php.template
There are multiple installers distributed across different git repos, and it make take a bit before they're all updated. The convoluted ternary expression ensures that CIVICRM_CRED_KEYS is well-formed regardless of whether the particular installer knows how to set %%credKeys%%.
---
diff --git a/Civi/Crypto/CryptoRegistry.php b/Civi/Crypto/CryptoRegistry.php
index c979a257d6..a26bd4359c 100644
--- a/Civi/Crypto/CryptoRegistry.php
+++ b/Civi/Crypto/CryptoRegistry.php
@@ -66,7 +66,7 @@ class CryptoRegistry {
 $registry->addCipherSuite(new \Civi\Crypto\PhpseclibCipherSuite());
 $registry->addPlainText(['tags' => ['CRED']]);
- if (defined('CIVICRM_CRED_KEYS')) {
+ if (defined('CIVICRM_CRED_KEYS') && CIVICRM_CRED_KEYS !== '') {
 foreach (explode(' ', CIVICRM_CRED_KEYS) as $n => $keyExpr) {
 $key = ['tags' => ['CRED'], 'weight' => $n];
 if ($keyExpr === 'plain') {
diff --git a/templates/CRM/common/civicrm.settings.php.template b/templates/CRM/common/civicrm.settings.php.template
index 24ba311542..cbacf83f89 100644
--- a/templates/CRM/common/civicrm.settings.php.template
+++ b/templates/CRM/common/civicrm.settings.php.template
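Review bot: In Civi/Crypto/CryptoRegistry.php the new guard `CIVICRM_CRED_KEYS !== ''` skips only the exactly-empty string, so a whitespace-only value or a list with a doubled or trailing space still reaches `explode(' ', …)` and produces empty `$keyExpr` entries. How an empty expression is parsed is outside this hunk, so at best it is ignored and at worst it registers a malformed key. Tokenising with `foreach (preg_split('/\s+/', CIVICRM_CRED_KEYS, -1, PREG_SPLIT_NO_EMPTY) as $n => $keyExpr) {` would cover the empty, blank and multi-space cases in one place. It would also help to add a comment above the `if`, for example `// With no keys configured, only the plain-text CRED entry above is registered.`, since that fallback is easy to miss. The enclosing function starts and ends outside the hunk.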
@@ -300,6 +300,30 @@ if (!defined('CIVICRM_SITE_KEY')) {
 define( 'CIVICRM_SITE_KEY', '%%siteKey%%');
 }
+/**
+ * If credentials are stored in the database, the CIVICRM_CRED_KEYS will be
+ * used to encrypt+decrypt them. This is a space-delimited list of keys (ordered by
+ * priority). Put the preferred key first. Any old/deprecated keys may be
+ * listed after.
+ *
+ * Each key is in format "::", as in:
+ *
+ * Ex: define('CIVICRM_CRED_KEYS', 'aes-cbc:hkdf-sha256:RANDOM_1')
+ * Ex: define('CIVICRM_CRED_KEYS', 'aes-ctr-hs:b64:RANDOM_2 aes-ctr-hs:b64:RANDOM_3')
+ * Ex: define('CIVICRM_CRED_KEYS', '::MY_NEW_KEY ::MY_OLD_KEY')
+ *
+ * If cipher-suite or key-encoding is blank, they will use defaults ("aes-cbc"
+ * and "hkdf-sha256", respectively).
+ *
+ * More info at https://docs.civicrm.org/sysadmin/en/latest/setup/cred-key/
+ */
+if (!defined('CIVICRM_CRED_KEYS') ) {
+ define( '_CIVICRM_CRED_KEYS', '%%credKeys%%');
+ define( 'CIVICRM_CRED_KEYS', _CIVICRM_CRED_KEYS === '%%' . 'credKeys' . '%%' ? '' : _CIVICRM_CRED_KEYS );
+ // Some old installers may not set a decent value, and this extra complexity is a failsafe.
+ // Feel free to simplify post-install.
+}
+
 /**
 * Enable this constant, if you want to send your email through the smarty
 * templating engine(allows you to do conditional and more complex logic)
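Review bot: The docblock for `CIVICRM_CRED_KEYS` does not say what an empty value means, yet the failsafe below it makes empty the outcome for every installer that does not yet substitute `%%credKeys%%`. With the registry change in this same commit, an empty list registers no key and leaves only the plain-text CRED entry, so stored credentials would apparently go unencrypted with no signal to the administrator. I would add a docblock line such as `* If this is empty, no key is registered and credentials are stored unencrypted.` and, outside this hunk, consider a status check that flags the empty case. The helper constant `_CIVICRM_CRED_KEYS` also stays defined for the whole request and holds a second copy of the key list, so the existing comment could note `// _CIVICRM_CRED_KEYS is install-time scaffolding only; remove it once the real value is set.`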