ctrlv-privatebin/lib/Persistence/ServerSalt.php

105 lines
2.4 KiB
PHP
Raw Permalink Normal View History

<?php
/**
2016-07-11 11:58:15 +02:00
* PrivateBin
*
* a zero-knowledge paste bin
*
2016-07-11 11:58:15 +02:00
* @link https://github.com/PrivateBin/PrivateBin
* @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
* @license https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
2021-04-05 16:44:12 +02:00
* @version 1.3.5
*/
2016-12-12 18:43:23 +01:00
2016-12-12 18:49:08 +01:00
namespace PrivateBin\Persistence;
2016-07-21 17:09:48 +02:00
use Exception;
/**
* ServerSalt
*
2016-07-11 11:58:15 +02:00
* This is a random string which is unique to each PrivateBin installation.
* It is automatically created if not present.
*
* Salt is used:
2016-07-11 11:58:15 +02:00
* - to generate unique VizHash in discussions (which are not reproductible across PrivateBin servers)
* - to generate unique deletion token (which are not re-usable across PrivateBin servers)
*/
class ServerSalt extends AbstractPersistence
{
2016-08-10 23:15:06 +02:00
/**
* file where salt is saved to
*
* @access private
* @static
* @var string
*/
private static $_file = 'salt.php';
/**
* generated salt
*
* @access private
* @static
* @var string
*/
private static $_salt = '';
/**
* generate a large random hexadecimal salt
*
* @access public
* @static
* @return string
*/
public static function generate()
{
2016-08-10 23:15:06 +02:00
$randomSalt = bin2hex(random_bytes(256));
return $randomSalt;
}
/**
* get server salt
*
* @access public
* @static
* @throws Exception
* @return string
*/
public static function get()
{
if (strlen(self::$_salt)) {
return self::$_salt;
}
2016-08-10 23:15:06 +02:00
if (self::_exists(self::$_file)) {
if (is_readable(self::getPath(self::$_file))) {
$items = explode('|', file_get_contents(self::getPath(self::$_file)));
}
if (!isset($items) || !is_array($items) || count($items) != 3) {
2016-08-10 23:15:06 +02:00
throw new Exception('unable to read file ' . self::getPath(self::$_file), 20);
}
self::$_salt = $items[1];
} else {
self::$_salt = self::generate();
self::_store(
2016-08-10 23:15:06 +02:00
self::$_file,
2018-07-29 15:50:36 +02:00
'<?php # |' . self::$_salt . '|'
);
}
return self::$_salt;
}
/**
* set the path
*
* @access public
* @static
* @param string $path
*/
public static function setPath($path)
{
self::$_salt = '';
parent::setPath($path);
}
}