PrivateBin/lib/Persistence/ServerSalt.php

105 lines
2.4 KiB
PHP
Raw Permalink Normal View History

<?php
/**
2016-07-11 17:58:15 +08:00
* PrivateBin
*
* a zero-knowledge paste bin
*
2016-07-11 17:58:15 +08:00
* @link https://github.com/PrivateBin/PrivateBin
* @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
* @license https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
2020-02-16 18:15:28 +08:00
* @version 1.3.3
*/
2016-12-13 01:43:23 +08:00
2016-12-13 01:49:08 +08:00
namespace PrivateBin\Persistence;
2016-07-21 23:09:48 +08:00
use Exception;
/**
* ServerSalt
*
2016-07-11 17:58:15 +08:00
* This is a random string which is unique to each PrivateBin installation.
* It is automatically created if not present.
*
* Salt is used:
2016-07-11 17:58:15 +08:00
* - to generate unique VizHash in discussions (which are not reproductible across PrivateBin servers)
* - to generate unique deletion token (which are not re-usable across PrivateBin servers)
*/
class ServerSalt extends AbstractPersistence
{
2016-08-11 05:15:06 +08:00
/**
* file where salt is saved to
*
* @access private
* @static
* @var string
*/
private static $_file = 'salt.php';
/**
* generated salt
*
* @access private
* @static
* @var string
*/
private static $_salt = '';
/**
* generate a large random hexadecimal salt
*
* @access public
* @static
* @return string
*/
public static function generate()
{
2016-08-11 05:15:06 +08:00
$randomSalt = bin2hex(random_bytes(256));
return $randomSalt;
}
/**
* get server salt
*
* @access public
* @static
* @throws Exception
* @return string
*/
public static function get()
{
if (strlen(self::$_salt)) {
return self::$_salt;
}
2016-08-11 05:15:06 +08:00
if (self::_exists(self::$_file)) {
if (is_readable(self::getPath(self::$_file))) {
$items = explode('|', file_get_contents(self::getPath(self::$_file)));
}
if (!isset($items) || !is_array($items) || count($items) != 3) {
2016-08-11 05:15:06 +08:00
throw new Exception('unable to read file ' . self::getPath(self::$_file), 20);
}
self::$_salt = $items[1];
} else {
self::$_salt = self::generate();
self::_store(
2016-08-11 05:15:06 +08:00
self::$_file,
2018-07-29 21:50:36 +08:00
'<?php # |' . self::$_salt . '|'
);
}
return self::$_salt;
}
/**
* set the path
*
* @access public
* @static
* @param string $path
*/
public static function setPath($path)
{
self::$_salt = '';
parent::setPath($path);
}
}