george/PrivateBin
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

client side token creation, handle display and single password retry

Browse Source
This commit is contained in:
El RIDO
2019-06-29 10:49:44 +02:00
parent 79db7ddafc
commit 5651c0f04e
9 changed files with 128 additions and 61 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
lib/Model/Paste.php
View File

@@ -116,9 +116,9 @@ class Paste extends AbstractModel
$this->_data['meta']['salt'] = serversalt::generate();
// if a challenge was sent, we store the HMAC of paste ID & challenge
if (array_key_exists('challenge', $this->_data['meta'])) {
$this->_data['meta']['challenge'] = hash_hmac(
'sha256', $this->getId(), base64_decode($this->_data['meta']['challenge'])
);
$this->_data['meta']['challenge'] = base64_encode(hash_hmac(
'sha256', hex2bin($this->getId()), base64_decode($this->_data['meta']['challenge']), true
));
}
// store paste