bug 807: Avoid redundant data

Signed-off-by: Michael Tänzer <neo@nhng.de>

5 files changed, 36 insertions, 30 deletions

diff --git a/includes/lib/account.php b/includes/lib/account.php
index 0a8602a..6bc2c1e 100644
--- a/includes/lib/account.php
+++ b/includes/lib/account.php
@@ -103,31 +103,33 @@ function fix_assurer_flag($userID = NULL)
  */
 class HashAlgorithms {
 	/**
-	 * List of identifiers of supported hash algorithms for signing certificates
-	 * @var array(string)
-	 */
-	public static $list = array(
-			"sha256",
-			"sha384",
-			"sha512",
-	);
-
-	/**
 	 * Default hash algorithm identifier for signing
 	 * @var string
 	 */
-	public static $default = "sha256";
+	public static $default = 'sha256';
 
 	/**
 	 * Get display strings for the supported hash algorithms
-	 * @return array(string=>string) hash_identifier => display_string
+	 * @return array(string=>array('name'=>string, 'info'=>string))
+	 *     - [$hash_identifier]['name'] = Name that should be displayed in UI
+	 *     - [$hash_identifier]['info'] = Additional information that can help
+	 *       with the selection of a suitable algorithm
 	 */
-	public static function display_strings() {
+	public static function getInfo() {
 		return array(
-					"sha256" => "SHA256 "._("recommended, because the other algorithms might break on some older versions of the GnuTLS library (older than 3.x)."),
-					"sha384" => "SHA384",
-					"sha512" => "SHA512",
-				);
+				'sha256' => array(
+						'name' => 'SHA256',
+						'info' => _('Currently recommended, because the other algorithms might break on some older versions of the GnuTLS library (older than 3.x) still shipped in Debian for example.'),
+					),
+				'sha384' => array(
+						'name' => 'SHA384',
+						'info' => '',
+					),
+				'sha512' => array(
+						'name' => 'SHA512',
+						'info' => _('Highest protection against hash collision attacks of the algorithms offered here.'),
+					),
+			);
 	}
 
 	/**
@@ -138,7 +140,7 @@ class HashAlgorithms {
 	 * @return string The cleaned identifier
 	 */
 	public static function clean($hash_identifier) {
-		if (in_array($hash_identifier, self::$list)) {
+		if (array_key_exists($hash_identifier, self::getInfo() )) {
 			return $hash_identifier;
 		} else {
 			return self::$default;
diff --git a/pages/account/10.php b/pages/account/10.php
index df95b48..17999a7 100644
--- a/pages/account/10.php
+++ b/pages/account/10.php
@@ -61,14 +61,15 @@
 <p class="attach_ul"><?=_("Hash algorithm used when signing the certificate:")?></p>
 <ul class="no_indent">
 <?
-foreach (HashAlgorithms::display_strings() as $algorithm => $display_string) {
+foreach (HashAlgorithms::getInfo() as $algorithm => $display_info) {
 ?>
 	<li>
 		<input type="radio" id="hash_alg_<?=$algorithm?>" name="hash_alg" value="<?=$algorithm?>" <?=(HashAlgorithms::$default === $algorithm)?'checked="checked"':''?> />
-		<label for="hash_alg_<?=$algorithm?>"><?=$display_string?></label>
+		<label for="hash_alg_<?=$algorithm?>"><?=$display_info['name']?><?=$display_info['info']?' - '.$display_info['info']:''?></label>
 	</li>
 <?
-} ?>
+}
+?>
 </ul>
 
 </div>
diff --git a/pages/account/16.php b/pages/account/16.php
index 2a9d734..28aa614 100644
--- a/pages/account/16.php
+++ b/pages/account/16.php
@@ -71,12 +71,13 @@ if (array_key_exists('emails',$_SESSION['_config']) && is_array($_SESSION['_conf
     <td class="DataTD" colspan="2" align="left">
       <?=_("Hash algorithm used when signing the certificate:")?><br />
       <?
-      foreach (HashAlgorithms::display_strings() as $algorithm => $display_string) {
+      foreach (HashAlgorithms::getInfo() as $algorithm => $display_info) {
       ?>
         <input type="radio" id="hash_alg_<?=$algorithm?>" name="hash_alg" value="<?=$algorithm?>" <?=(HashAlgorithms::$default === $algorithm)?'checked="checked"':''?> />
-        <label for="hash_alg_<?=$algorithm?>"><?=$display_string?></label><br />
+        <label for="hash_alg_<?=$algorithm?>"><?=$display_info['name']?><?=$display_info['info']?' - '.$display_info['info']:''?></label><br />
       <?
-      } ?>
+      }
+      ?>
     </td>
   </tr>
 
diff --git a/pages/account/20.php b/pages/account/20.php
index 470b59a..89bbc30 100644
--- a/pages/account/20.php
+++ b/pages/account/20.php
@@ -55,14 +55,15 @@
 <p class="attach_ul"><?=_("Hash algorithm used when signing the certificate:")?></p>
 <ul class="no_indent">
 <?
-foreach (HashAlgorithms::display_strings() as $algorithm => $display_string) {
+foreach (HashAlgorithms::getInfo() as $algorithm => $display_info) {
 ?>
 	<li>
 		<input type="radio" id="hash_alg_<?=$algorithm?>" name="hash_alg" value="<?=$algorithm?>" <?=(HashAlgorithms::$default === $algorithm)?'checked="checked"':''?> />
-		<label for="hash_alg_<?=$algorithm?>"><?=$display_string?></label>
+		<label for="hash_alg_<?=$algorithm?>"><?=$display_info['name']?><?=$display_info['info']?' - '.$display_info['info']:''?></label>
 	</li>
 <?
-} ?>
+}
+?>
 </ul>
 
 </div>
diff --git a/pages/account/3.php b/pages/account/3.php
index 8c386cd..cd62ce0 100644
--- a/pages/account/3.php
+++ b/pages/account/3.php
@@ -119,12 +119,13 @@ if($_SESSION['profile']['points'] >= 50)
     <td class="DataTD" colspan="2" align="left">
       <?=_("Hash algorithm used when signing the certificate:")?><br />
       <?
-      foreach (HashAlgorithms::display_strings() as $algorithm => $display_string) {
+      foreach (HashAlgorithms::getInfo() as $algorithm => $display_info) {
       ?>
         <input type="radio" id="hash_alg_<?=$algorithm?>" name="hash_alg" value="<?=$algorithm?>" <?=(HashAlgorithms::$default === $algorithm)?'checked="checked"':''?> />
-        <label for="hash_alg_<?=$algorithm?>"><?=$display_string?></label><br />
+        <label for="hash_alg_<?=$algorithm?>"><?=$display_info['name']?><?=$display_info['info']?' - '.$display_info['info']:''?></label><br />
       <?
-      } ?>
+      }
+      ?>
     </td>
   </tr>