2013-11-01 01:15:14 +01:00
|
|
|
<?php
|
|
|
|
/**
|
|
|
|
* ZeroBin
|
|
|
|
*
|
|
|
|
* a zero-knowledge paste bin
|
|
|
|
*
|
|
|
|
* @link http://sebsauvage.net/wiki/doku.php?id=php:zerobin
|
|
|
|
* @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
|
|
|
|
* @license http://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
|
2013-07-05 01:14:23 +02:00
|
|
|
* @version 0.19
|
2013-11-01 01:15:14 +01:00
|
|
|
*/
|
|
|
|
|
|
|
|
/**
|
|
|
|
* serversalt
|
|
|
|
*
|
|
|
|
* This is a random string which is unique to each ZeroBin installation.
|
|
|
|
* It is automatically created if not present.
|
|
|
|
*
|
|
|
|
* Salt is used:
|
|
|
|
* - to generate unique VizHash in discussions (which are not reproductible across ZeroBin servers)
|
|
|
|
* - to generate unique deletion token (which are not re-usable across ZeroBin servers)
|
|
|
|
*/
|
|
|
|
class serversalt extends persistence
|
|
|
|
{
|
|
|
|
/**
|
2015-08-16 15:55:31 +02:00
|
|
|
* generated salt
|
|
|
|
*
|
2013-11-01 01:15:14 +01:00
|
|
|
* @access private
|
|
|
|
* @static
|
|
|
|
* @var string
|
|
|
|
*/
|
|
|
|
private static $_salt = '';
|
|
|
|
|
|
|
|
/**
|
|
|
|
* generate a large random hexadecimal salt
|
|
|
|
*
|
|
|
|
* @access public
|
|
|
|
* @static
|
|
|
|
* @return string
|
|
|
|
*/
|
|
|
|
public static function generate()
|
|
|
|
{
|
|
|
|
$randomSalt = '';
|
2014-02-06 22:33:55 +01:00
|
|
|
if (function_exists('mcrypt_create_iv'))
|
|
|
|
{
|
|
|
|
$randomSalt = bin2hex(mcrypt_create_iv(256, MCRYPT_DEV_URANDOM));
|
|
|
|
}
|
|
|
|
else // fallback to mt_rand()
|
|
|
|
{
|
|
|
|
for($i = 0; $i < 16; ++$i) {
|
|
|
|
$randomSalt .= base_convert(mt_rand(), 10, 16);
|
|
|
|
}
|
2013-11-01 01:15:14 +01:00
|
|
|
}
|
|
|
|
self::$_salt = $randomSalt;
|
|
|
|
return self::$_salt;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* get server salt
|
|
|
|
*
|
|
|
|
* @access public
|
|
|
|
* @static
|
|
|
|
* @return string
|
|
|
|
*/
|
|
|
|
public static function get()
|
|
|
|
{
|
|
|
|
if (strlen(self::$_salt)) return self::$_salt;
|
|
|
|
|
|
|
|
$file = 'salt.php';
|
|
|
|
if (!self::_exists($file)) {
|
2013-02-24 17:41:32 +01:00
|
|
|
self::_store(
|
2013-11-01 01:15:14 +01:00
|
|
|
$file,
|
2013-02-24 17:41:32 +01:00
|
|
|
'<?php /* |'. self::generate() . '| */ ?>'
|
|
|
|
);
|
2013-11-01 01:15:14 +01:00
|
|
|
}
|
|
|
|
$items = explode('|', file_get_contents(self::getPath($file)));
|
|
|
|
self::$_salt = $items[1];
|
|
|
|
return $items[1];
|
|
|
|
}
|
|
|
|
}
|