Code Coverage |
||||||||||
Lines |
Functions and Methods |
Classes and Traits |
||||||||
| Total | |
100.00% |
12 / 12 |
|
100.00% |
3 / 3 |
CRAP | |
100.00% |
1 / 1 |
| ServerSalt | |
100.00% |
12 / 12 |
|
100.00% |
3 / 3 |
6 | |
100.00% |
1 / 1 |
| generate | |
100.00% |
1 / 1 |
|
100.00% |
1 / 1 |
1 | |||
| get | |
100.00% |
9 / 9 |
|
100.00% |
1 / 1 |
4 | |||
| setStore | |
100.00% |
2 / 2 |
|
100.00% |
1 / 1 |
1 | |||
| 1 | <?php declare(strict_types=1); |
| 2 | /** |
| 3 | * PrivateBin |
| 4 | * |
| 5 | * a zero-knowledge paste bin |
| 6 | * |
| 7 | * @link https://github.com/PrivateBin/PrivateBin |
| 8 | * @copyright 2012 Sébastien SAUVAGE (sebsauvage.net) |
| 9 | * @license https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License |
| 10 | */ |
| 11 | |
| 12 | namespace PrivateBin\Persistence; |
| 13 | |
| 14 | use PrivateBin\Data\AbstractData; |
| 15 | |
| 16 | /** |
| 17 | * ServerSalt |
| 18 | * |
| 19 | * This is a random string which is unique to each PrivateBin installation. |
| 20 | * It is automatically created if not present. |
| 21 | * |
| 22 | * Salt is used: |
| 23 | * - to generate unique VizHash in discussions (which are not reproductible across PrivateBin servers) |
| 24 | * - to generate unique deletion token (which are not re-usable across PrivateBin servers) |
| 25 | */ |
| 26 | class ServerSalt extends AbstractPersistence |
| 27 | { |
| 28 | /** |
| 29 | * generated salt |
| 30 | * |
| 31 | * @access private |
| 32 | * @static |
| 33 | * @var string |
| 34 | */ |
| 35 | private static $_salt = ''; |
| 36 | |
| 37 | /** |
| 38 | * generate a large random hexadecimal salt |
| 39 | * |
| 40 | * @access public |
| 41 | * @static |
| 42 | * @return string |
| 43 | */ |
| 44 | public static function generate() |
| 45 | { |
| 46 | return bin2hex(random_bytes(256)); |
| 47 | } |
| 48 | |
| 49 | /** |
| 50 | * get server salt |
| 51 | * |
| 52 | * @access public |
| 53 | * @static |
| 54 | * @return string |
| 55 | */ |
| 56 | public static function get() |
| 57 | { |
| 58 | if (!empty(self::$_salt)) { |
| 59 | return self::$_salt; |
| 60 | } |
| 61 | |
| 62 | $salt = self::$_store->getValue('salt'); |
| 63 | if ($salt) { |
| 64 | self::$_salt = $salt; |
| 65 | } else { |
| 66 | self::$_salt = self::generate(); |
| 67 | if (!self::$_store->setValue(self::$_salt, 'salt')) { |
| 68 | error_log('failed to store the server salt, delete tokens, traffic limiter and user icons won\'t work'); |
| 69 | } |
| 70 | } |
| 71 | return self::$_salt; |
| 72 | } |
| 73 | |
| 74 | /** |
| 75 | * set the path |
| 76 | * |
| 77 | * @access public |
| 78 | * @static |
| 79 | * @param AbstractData $store |
| 80 | */ |
| 81 | public static function setStore(AbstractData $store) |
| 82 | { |
| 83 | self::$_salt = ''; |
| 84 | parent::setStore($store); |
| 85 | } |
| 86 | } |