summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--includes/lib/account.php58
-rw-r--r--pages/account/10.php4
-rw-r--r--pages/account/16.php4
-rw-r--r--pages/account/20.php4
-rw-r--r--pages/account/3.php4
5 files changed, 52 insertions, 22 deletions
diff --git a/includes/lib/account.php b/includes/lib/account.php
index 7660861..0a8602a 100644
--- a/includes/lib/account.php
+++ b/includes/lib/account.php
@@ -99,19 +99,49 @@ function fix_assurer_flag($userID = NULL)
/**
- * Contains a map of all hash algorithms currently supported for signing.
- *
- * @var array(string=>string) identifier => display_string
+ * Supported hash algorithms for signing certificates
*/
-define("HASH_ALGORITHMS", array(
- "sha256" => "SHA256 "._("recommended, because the other algorithms might break on some older versions of the GnuTLS library (older than 3.x)."),
- "sha384" => "SHA384",
- "sha512" => "SHA512",
- ));
+class HashAlgorithms {
+ /**
+ * List of identifiers of supported hash algorithms for signing certificates
+ * @var array(string)
+ */
+ public static $list = array(
+ "sha256",
+ "sha384",
+ "sha512",
+ );
-/**
- * The identifier of the default hash algorithm used as found in HASH_ALGORITHMS
- *
- * @var string
- */
-define("DEFAULT_HASH_ALGORITHM", "sha256");
+ /**
+ * Default hash algorithm identifier for signing
+ * @var string
+ */
+ public static $default = "sha256";
+
+ /**
+ * Get display strings for the supported hash algorithms
+ * @return array(string=>string) hash_identifier => display_string
+ */
+ public static function display_strings() {
+ return array(
+ "sha256" => "SHA256 "._("recommended, because the other algorithms might break on some older versions of the GnuTLS library (older than 3.x)."),
+ "sha384" => "SHA384",
+ "sha512" => "SHA512",
+ );
+ }
+
+ /**
+ * Check if the input is a supported hash algorithm identifier otherwise
+ * return the identifier of the default hash algorithm
+ *
+ * @param string $hash_identifier
+ * @return string The cleaned identifier
+ */
+ public static function clean($hash_identifier) {
+ if (in_array($hash_identifier, self::$list)) {
+ return $hash_identifier;
+ } else {
+ return self::$default;
+ }
+ }
+}
diff --git a/pages/account/10.php b/pages/account/10.php
index 82e4c87..317fc0e 100644
--- a/pages/account/10.php
+++ b/pages/account/10.php
@@ -61,10 +61,10 @@
<p class="attach_ul"><?=_("Hash algorithm used when signing the certificate:")?></p>
<ul class="no_indent">
<?
-foreach (HASH_ALGORITHMS as $algorithm => $display_string) {
+foreach (HashAlgorithms::display_strings() as $algorithm => $display_string) {
?>
<li>
- <input type="radio" id="hash_alg_<?=$algorithm?>" name="hash_alg" value="<?=$algorithm?>" <?=(DEFAULT_HASH_ALGORITHM === $algorithm)?'checked="checked"':''?> />
+ <input type="radio" id="hash_alg_<?=$algorithm?>" name="hash_alg" value="<?=$algorithm?>" <?=(HashAlgorithms::$default === $algorithm)?'checked="checked"':''?> />
<label for="hash_alg_<?=$algorithm?>"><?=$display_string?></label>
</li>
<?
diff --git a/pages/account/16.php b/pages/account/16.php
index d2c9787..2a9d734 100644
--- a/pages/account/16.php
+++ b/pages/account/16.php
@@ -71,9 +71,9 @@ if (array_key_exists('emails',$_SESSION['_config']) && is_array($_SESSION['_conf
<td class="DataTD" colspan="2" align="left">
<?=_("Hash algorithm used when signing the certificate:")?><br />
<?
- foreach (HASH_ALGORITHMS as $algorithm => $display_string) {
+ foreach (HashAlgorithms::display_strings() as $algorithm => $display_string) {
?>
- <input type="radio" id="hash_alg_<?=$algorithm?>" name="hash_alg" value="<?=$algorithm?>" <?=(DEFAULT_HASH_ALGORITHM === $algorithm)?'checked="checked"':''?> />
+ <input type="radio" id="hash_alg_<?=$algorithm?>" name="hash_alg" value="<?=$algorithm?>" <?=(HashAlgorithms::$default === $algorithm)?'checked="checked"':''?> />
<label for="hash_alg_<?=$algorithm?>"><?=$display_string?></label><br />
<?
} ?>
diff --git a/pages/account/20.php b/pages/account/20.php
index f91440e..470b59a 100644
--- a/pages/account/20.php
+++ b/pages/account/20.php
@@ -55,10 +55,10 @@
<p class="attach_ul"><?=_("Hash algorithm used when signing the certificate:")?></p>
<ul class="no_indent">
<?
-foreach (HASH_ALGORITHMS as $algorithm => $display_string) {
+foreach (HashAlgorithms::display_strings() as $algorithm => $display_string) {
?>
<li>
- <input type="radio" id="hash_alg_<?=$algorithm?>" name="hash_alg" value="<?=$algorithm?>" <?=(DEFAULT_HASH_ALGORITHM === $algorithm)?'checked="checked"':''?> />
+ <input type="radio" id="hash_alg_<?=$algorithm?>" name="hash_alg" value="<?=$algorithm?>" <?=(HashAlgorithms::$default === $algorithm)?'checked="checked"':''?> />
<label for="hash_alg_<?=$algorithm?>"><?=$display_string?></label>
</li>
<?
diff --git a/pages/account/3.php b/pages/account/3.php
index 7ce4267..bfe8f1a 100644
--- a/pages/account/3.php
+++ b/pages/account/3.php
@@ -119,9 +119,9 @@ if($_SESSION['profile']['points'] >= 50)
<td class="DataTD" colspan="2" align="left">
<?=_("Hash algorithm used when signing the certificate:")?><br />
<?
- foreach (HASH_ALGORITHMS as $algorithm => $display_string) {
+ foreach (HashAlgorithms::display_strings() as $algorithm => $display_string) {
?>
- <input type="radio" id="hash_alg_<?=$algorithm?>" name="hash_alg" value="<?=$algorithm?>" <?=(DEFAULT_HASH_ALGORITHM === $algorithm)?'checked="checked"':''?> />
+ <input type="radio" id="hash_alg_<?=$algorithm?>" name="hash_alg" value="<?=$algorithm?>" <?=(HashAlgorithms::$default === $algorithm)?'checked="checked"':''?> />
<label for="hash_alg_<?=$algorithm?>"><?=$display_string?></label><br />
<?
} ?>