diff options
| -rw-r--r-- | includes/lib/account.php | 38 | ||||
| -rw-r--r-- | pages/account/10.php | 7 | ||||
| -rw-r--r-- | pages/account/16.php | 7 | ||||
| -rw-r--r-- | pages/account/20.php | 7 | ||||
| -rw-r--r-- | pages/account/3.php | 7 |
5 files changed, 36 insertions, 30 deletions
diff --git a/includes/lib/account.php b/includes/lib/account.php index bf0f2d7..f891b42 100644 --- a/includes/lib/account.php +++ b/includes/lib/account.php @@ -103,31 +103,33 @@ function fix_assurer_flag($userID = NULL) */ class HashAlgorithms { /** - * List of identifiers of supported hash algorithms for signing certificates - * @var array(string) - */ - public static $list = array( - "sha256", - "sha384", - "sha512", - ); - - /** * Default hash algorithm identifier for signing * @var string */ - public static $default = "sha256"; + public static $default = 'sha256'; /** * Get display strings for the supported hash algorithms - * @return array(string=>string) hash_identifier => display_string + * @return array(string=>array('name'=>string, 'info'=>string)) + * - [$hash_identifier]['name'] = Name that should be displayed in UI + * - [$hash_identifier]['info'] = Additional information that can help + * with the selection of a suitable algorithm */ - public static function display_strings() { + public static function getInfo() { return array( - "sha256" => "SHA256 "._("recommended, because the other algorithms might break on some older versions of the GnuTLS library (older than 3.x)."), - "sha384" => "SHA384", - "sha512" => "SHA512", - ); + 'sha256' => array( + 'name' => 'SHA256', + 'info' => _('Currently recommended, because the other algorithms might break on some older versions of the GnuTLS library (older than 3.x) still shipped in Debian for example.'), + ), + 'sha384' => array( + 'name' => 'SHA384', + 'info' => '', + ), + 'sha512' => array( + 'name' => 'SHA512', + 'info' => _('Highest protection against hash collision attacks of the algorithms offered here.'), + ), + ); } /** @@ -138,7 +140,7 @@ class HashAlgorithms { * @return string The cleaned identifier */ public static function clean($hash_identifier) { - if (in_array($hash_identifier, self::$list)) { + if (array_key_exists($hash_identifier, self::getInfo() )) { return $hash_identifier; } else { return self::$default; diff --git a/pages/account/10.php b/pages/account/10.php index df95b48..17999a7 100644 --- a/pages/account/10.php +++ b/pages/account/10.php @@ -61,14 +61,15 @@ <p class="attach_ul"><?=_("Hash algorithm used when signing the certificate:")?></p> <ul class="no_indent"> <? -foreach (HashAlgorithms::display_strings() as $algorithm => $display_string) { +foreach (HashAlgorithms::getInfo() as $algorithm => $display_info) { ?> <li> <input type="radio" id="hash_alg_<?=$algorithm?>" name="hash_alg" value="<?=$algorithm?>" <?=(HashAlgorithms::$default === $algorithm)?'checked="checked"':''?> /> - <label for="hash_alg_<?=$algorithm?>"><?=$display_string?></label> + <label for="hash_alg_<?=$algorithm?>"><?=$display_info['name']?><?=$display_info['info']?' - '.$display_info['info']:''?></label> </li> <? -} ?> +} +?> </ul> </div> diff --git a/pages/account/16.php b/pages/account/16.php index 2a9d734..28aa614 100644 --- a/pages/account/16.php +++ b/pages/account/16.php @@ -71,12 +71,13 @@ if (array_key_exists('emails',$_SESSION['_config']) && is_array($_SESSION['_conf <td class="DataTD" colspan="2" align="left"> <?=_("Hash algorithm used when signing the certificate:")?><br /> <? - foreach (HashAlgorithms::display_strings() as $algorithm => $display_string) { + foreach (HashAlgorithms::getInfo() as $algorithm => $display_info) { ?> <input type="radio" id="hash_alg_<?=$algorithm?>" name="hash_alg" value="<?=$algorithm?>" <?=(HashAlgorithms::$default === $algorithm)?'checked="checked"':''?> /> - <label for="hash_alg_<?=$algorithm?>"><?=$display_string?></label><br /> + <label for="hash_alg_<?=$algorithm?>"><?=$display_info['name']?><?=$display_info['info']?' - '.$display_info['info']:''?></label><br /> <? - } ?> + } + ?> </td> </tr> diff --git a/pages/account/20.php b/pages/account/20.php index 470b59a..89bbc30 100644 --- a/pages/account/20.php +++ b/pages/account/20.php @@ -55,14 +55,15 @@ <p class="attach_ul"><?=_("Hash algorithm used when signing the certificate:")?></p> <ul class="no_indent"> <? -foreach (HashAlgorithms::display_strings() as $algorithm => $display_string) { +foreach (HashAlgorithms::getInfo() as $algorithm => $display_info) { ?> <li> <input type="radio" id="hash_alg_<?=$algorithm?>" name="hash_alg" value="<?=$algorithm?>" <?=(HashAlgorithms::$default === $algorithm)?'checked="checked"':''?> /> - <label for="hash_alg_<?=$algorithm?>"><?=$display_string?></label> + <label for="hash_alg_<?=$algorithm?>"><?=$display_info['name']?><?=$display_info['info']?' - '.$display_info['info']:''?></label> </li> <? -} ?> +} +?> </ul> </div> diff --git a/pages/account/3.php b/pages/account/3.php index 8c386cd..cd62ce0 100644 --- a/pages/account/3.php +++ b/pages/account/3.php @@ -119,12 +119,13 @@ if($_SESSION['profile']['points'] >= 50) <td class="DataTD" colspan="2" align="left"> <?=_("Hash algorithm used when signing the certificate:")?><br /> <? - foreach (HashAlgorithms::display_strings() as $algorithm => $display_string) { + foreach (HashAlgorithms::getInfo() as $algorithm => $display_info) { ?> <input type="radio" id="hash_alg_<?=$algorithm?>" name="hash_alg" value="<?=$algorithm?>" <?=(HashAlgorithms::$default === $algorithm)?'checked="checked"':''?> /> - <label for="hash_alg_<?=$algorithm?>"><?=$display_string?></label><br /> + <label for="hash_alg_<?=$algorithm?>"><?=$display_info['name']?><?=$display_info['info']?' - '.$display_info['info']:''?></label><br /> <? - } ?> + } + ?> </td> </tr> |