Code Coverage |
||||||||||
Lines |
Functions and Methods |
Classes and Traits |
||||||||
| Total | |
100.00% |
12 / 12 |
|
100.00% |
3 / 3 |
CRAP | |
100.00% |
1 / 1 |
| ServerSalt | |
100.00% |
12 / 12 |
|
100.00% |
3 / 3 |
6 | |
100.00% |
1 / 1 |
| generate | |
100.00% |
1 / 1 |
|
100.00% |
1 / 1 |
1 | |||
| get | |
100.00% |
9 / 9 |
|
100.00% |
1 / 1 |
4 | |||
| setStore | |
100.00% |
2 / 2 |
|
100.00% |
1 / 1 |
1 | |||
| 1 | <?php |
| 2 | /** |
| 3 | * PrivateBin |
| 4 | * |
| 5 | * a zero-knowledge paste bin |
| 6 | * |
| 7 | * @link https://github.com/PrivateBin/PrivateBin |
| 8 | * @copyright 2012 Sébastien SAUVAGE (sebsauvage.net) |
| 9 | * @license https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License |
| 10 | * @version 1.7.0 |
| 11 | */ |
| 12 | |
| 13 | namespace PrivateBin\Persistence; |
| 14 | |
| 15 | use PrivateBin\Data\AbstractData; |
| 16 | |
| 17 | /** |
| 18 | * ServerSalt |
| 19 | * |
| 20 | * This is a random string which is unique to each PrivateBin installation. |
| 21 | * It is automatically created if not present. |
| 22 | * |
| 23 | * Salt is used: |
| 24 | * - to generate unique VizHash in discussions (which are not reproductible across PrivateBin servers) |
| 25 | * - to generate unique deletion token (which are not re-usable across PrivateBin servers) |
| 26 | */ |
| 27 | class ServerSalt extends AbstractPersistence |
| 28 | { |
| 29 | /** |
| 30 | * generated salt |
| 31 | * |
| 32 | * @access private |
| 33 | * @static |
| 34 | * @var string |
| 35 | */ |
| 36 | private static $_salt = ''; |
| 37 | |
| 38 | /** |
| 39 | * generate a large random hexadecimal salt |
| 40 | * |
| 41 | * @access public |
| 42 | * @static |
| 43 | * @return string |
| 44 | */ |
| 45 | public static function generate() |
| 46 | { |
| 47 | return bin2hex(random_bytes(256)); |
| 48 | } |
| 49 | |
| 50 | /** |
| 51 | * get server salt |
| 52 | * |
| 53 | * @access public |
| 54 | * @static |
| 55 | * @return string |
| 56 | */ |
| 57 | public static function get() |
| 58 | { |
| 59 | if (strlen(self::$_salt)) { |
| 60 | return self::$_salt; |
| 61 | } |
| 62 | |
| 63 | $salt = self::$_store->getValue('salt'); |
| 64 | if ($salt) { |
| 65 | self::$_salt = $salt; |
| 66 | } else { |
| 67 | self::$_salt = self::generate(); |
| 68 | if (!self::$_store->setValue(self::$_salt, 'salt')) { |
| 69 | error_log('failed to store the server salt, delete tokens, traffic limiter and user icons won\'t work'); |
| 70 | } |
| 71 | } |
| 72 | return self::$_salt; |
| 73 | } |
| 74 | |
| 75 | /** |
| 76 | * set the path |
| 77 | * |
| 78 | * @access public |
| 79 | * @static |
| 80 | * @param AbstractData $store |
| 81 | */ |
| 82 | public static function setStore(AbstractData $store) |
| 83 | { |
| 84 | self::$_salt = ''; |
| 85 | parent::setStore($store); |
| 86 | } |
| 87 | } |