client side token creation, handle display and single password retry

El RIDO 2019-06-29 10:49:44 +02:00
parent 79db7ddafc
commit 5651c0f04e
No known key found for this signature in database
GPG key ID: 0F5C940A6BD81F92
9 changed files with 128 additions and 61 deletions


@ -116,9 +116,9 @@ class Paste extends AbstractModel
$this->_data['meta']['salt'] = serversalt::generate();
// if a challenge was sent, we store the HMAC of paste ID & challenge
if (array_key_exists('challenge', $this->_data['meta'])) {
$this->_data['meta']['challenge'] = hash_hmac(
'sha256', $this->getId(), base64_decode($this->_data['meta']['challenge'])
);
$this->_data['meta']['challenge'] = base64_encode(hash_hmac(
'sha256', hex2bin($this->getId()), base64_decode($this->_data['meta']['challenge']), true
));
}
// store paste