client side token creation, handle display and single password retry

lib/Filter.php

@@ -72,6 +72,7 @@ class Filter
     /**
      * fixed time string comparison operation to prevent timing attacks
      * https://crackstation.net/hashing-security.htm?=rd#slowequals
+     * can be replaced with hash_equals() after we drop PHP 5.5 support
      *
      * @access public
      * @static

lib/FormatV2.php

@@ -123,8 +123,7 @@ class FormatV2
         // require only the key 'expire' in the metadata of pastes
         if (!$isComment && (
             count($message['meta']) === 0 ||
-            !array_key_exists('expire', $message['meta']) ||
-            count($message['meta']) > 1
+            !array_key_exists('expire', $message['meta'])
         )) {
             return false;
         }

lib/Model/Paste.php

@@ -116,9 +116,9 @@ class Paste extends AbstractModel
         $this->_data['meta']['salt']    = serversalt::generate();
         // if a challenge was sent, we store the HMAC of paste ID & challenge
         if (array_key_exists('challenge', $this->_data['meta'])) {
-            $this->_data['meta']['challenge'] = hash_hmac(
-                'sha256', $this->getId(), base64_decode($this->_data['meta']['challenge'])
-            );
+            $this->_data['meta']['challenge'] = base64_encode(hash_hmac(
+                'sha256', hex2bin($this->getId()), base64_decode($this->_data['meta']['challenge']), true
+            ));
         }
 
         // store paste