mirror of
https://github.com/PrivateBin/PrivateBin.git
synced 2024-12-24 06:49:29 -05:00
removing hex2bin to avoid having to add code for this in JS and to not introduce a dependency on paste IDs always having to be hex strings
This commit is contained in:
parent
5651c0f04e
commit
74519f6c4f
@ -664,23 +664,6 @@ jQuery.PrivateBin = (function($, RawDeflate) {
|
||||
*/
|
||||
let base58 = new baseX('123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz');
|
||||
|
||||
/**
|
||||
* convert hexadecimal string to binary representation
|
||||
*
|
||||
* @name CryptTool.hex2bin
|
||||
* @function
|
||||
* @private
|
||||
* @param {string} message hex string
|
||||
* @return {string} binary representation as a DOMString
|
||||
*/
|
||||
function hex2bin(message) {
|
||||
let result = [];
|
||||
for (let i = 0, l = message.length; i < l; i += 2) {
|
||||
result.push(parseInt(message.substr(i, 2), 16));
|
||||
}
|
||||
return String.fromCharCode.apply(String, result);
|
||||
}
|
||||
|
||||
/**
|
||||
* convert UTF-8 string stored in a DOMString to a standard UTF-16 DOMString
|
||||
*
|
||||
@ -1014,9 +997,7 @@ jQuery.PrivateBin = (function($, RawDeflate) {
|
||||
false, // may not export this
|
||||
['sign']
|
||||
),
|
||||
stringToArraybuffer(
|
||||
hex2bin(id)
|
||||
)
|
||||
stringToArraybuffer(id)
|
||||
)
|
||||
)
|
||||
);
|
||||
|
@ -117,7 +117,7 @@ class Paste extends AbstractModel
|
||||
// if a challenge was sent, we store the HMAC of paste ID & challenge
|
||||
if (array_key_exists('challenge', $this->_data['meta'])) {
|
||||
$this->_data['meta']['challenge'] = base64_encode(hash_hmac(
|
||||
'sha256', hex2bin($this->getId()), base64_decode($this->_data['meta']['challenge']), true
|
||||
'sha256', $this->getId(), base64_decode($this->_data['meta']['challenge']), true
|
||||
));
|
||||
}
|
||||
|
||||
|
@ -71,7 +71,7 @@ if ($MARKDOWN):
|
||||
endif;
|
||||
?>
|
||||
<script type="text/javascript" data-cfasync="false" src="js/purify-1.0.11.js" integrity="sha512-p7UyJuyBkhMcMgE4mDsgK0Lz70OvetLefua1oXs1OujWv9gOxh4xy8InFux7bZ4/DAZsTmO4rgVwZW9BHKaTaw==" crossorigin="anonymous"></script>
|
||||
<script type="text/javascript" data-cfasync="false" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-o8Q/t6/gpmx6bQaHw3gru3cjOD5BLE/KdBKja73SllZo0/FuLvAjJ+40KhZ8ig/EpioP04etJtfTnNzF/isXow==" crossorigin="anonymous"></script>
|
||||
<script type="text/javascript" data-cfasync="false" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-r9MutKcgP/igbs8aUbENyJEie7LMyJ22f2On0RwGL0Hq0seJnmnPo4avDfhR0E/TZWDoux2arzxYHneH2/Ltmw==" crossorigin="anonymous"></script>
|
||||
<!--[if IE]>
|
||||
<style type="text/css">body {padding-left:60px;padding-right:60px;} #ienotice {display:block;}</style>
|
||||
<![endif]-->
|
||||
|
@ -49,7 +49,7 @@ if ($MARKDOWN):
|
||||
endif;
|
||||
?>
|
||||
<script type="text/javascript" data-cfasync="false" src="js/purify-1.0.11.js" integrity="sha512-p7UyJuyBkhMcMgE4mDsgK0Lz70OvetLefua1oXs1OujWv9gOxh4xy8InFux7bZ4/DAZsTmO4rgVwZW9BHKaTaw==" crossorigin="anonymous"></script>
|
||||
<script type="text/javascript" data-cfasync="false" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-o8Q/t6/gpmx6bQaHw3gru3cjOD5BLE/KdBKja73SllZo0/FuLvAjJ+40KhZ8ig/EpioP04etJtfTnNzF/isXow==" crossorigin="anonymous"></script>
|
||||
<script type="text/javascript" data-cfasync="false" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-r9MutKcgP/igbs8aUbENyJEie7LMyJ22f2On0RwGL0Hq0seJnmnPo4avDfhR0E/TZWDoux2arzxYHneH2/Ltmw==" crossorigin="anonymous"></script>
|
||||
<!--[if IE]>
|
||||
<style type="text/css">body {padding-left:60px;padding-right:60px;} #ienotice {display:block;}</style>
|
||||
<![endif]-->
|
||||
|
@ -814,7 +814,7 @@ class ControllerTest extends PHPUnit_Framework_TestCase
|
||||
public function testReadBurnAfterReadingWithToken()
|
||||
{
|
||||
$token = base64_encode(hash_hmac(
|
||||
'sha256', hex2bin(Helper::getPasteId()), random_bytes(32), true
|
||||
'sha256', Helper::getPasteId(), random_bytes(32), true
|
||||
));
|
||||
$burnPaste = Helper::getPaste(2, array('challenge' => $token));
|
||||
$burnPaste['adata'][3] = 1;
|
||||
@ -839,7 +839,7 @@ class ControllerTest extends PHPUnit_Framework_TestCase
|
||||
public function testReadBurnAfterReadingWithIncorrectToken()
|
||||
{
|
||||
$token = base64_encode(hash_hmac(
|
||||
'sha256', hex2bin(Helper::getPasteId()), random_bytes(32), true
|
||||
'sha256', Helper::getPasteId(), random_bytes(32), true
|
||||
));
|
||||
$burnPaste = Helper::getPaste(2, array('challenge' => base64_encode(random_bytes(32))));
|
||||
$burnPaste['adata'][3] = 1;
|
||||
|
@ -277,7 +277,7 @@ class ModelTest extends PHPUnit_Framework_TestCase
|
||||
$pasteData = Helper::getPastePost();
|
||||
$pasteData['meta']['challenge'] = base64_encode(random_bytes(32));
|
||||
$token = base64_encode(hash_hmac(
|
||||
'sha256', hex2bin(Helper::getPasteId()), base64_decode($pasteData['meta']['challenge']), true
|
||||
'sha256', Helper::getPasteId(), base64_decode($pasteData['meta']['challenge']), true
|
||||
));
|
||||
$this->_model->getPaste(Helper::getPasteId())->delete();
|
||||
$paste = $this->_model->getPaste(Helper::getPasteId());
|
||||
|
Loading…
Reference in New Issue
Block a user