Replace Md5Rand in favor of Sha1Rand

This commit is contained in:
djmaze 2021-10-11 16:28:35 +02:00
parent dfa448c7cc
commit 33f42cc34d
9 changed files with 13 additions and 36 deletions

View file

@ -63,7 +63,7 @@ class SubStreams
\stream_wrapper_register(self::STREAM_NAME, '\MailSo\Base\StreamWrappers\SubStreams');
}
$sHashName = \MailSo\Base\Utils::Md5Rand();
$sHashName = \MailSo\Base\Utils::Sha1Rand();
self::$aStreams[$sHashName] = \array_map(function ($mItem) {
return \is_resource($mItem) ? $mItem :

View file

@ -1661,11 +1661,6 @@ END;
return \is_string($mResult) && \strlen($mResult) ? $mResult : '';
}
public static function Md5Rand(string $sAdditionalSalt = '') : string
{
return \md5($sAdditionalSalt . \random_bytes(16));
}
public static function Sha1Rand(string $sAdditionalSalt = '') : string
{
return \sha1($sAdditionalSalt . \random_bytes(16));
@ -1727,22 +1722,4 @@ END;
return ('' === $sUser ? '' : $sUser.'@').$sDomain;
}
public static function HashToId(string $sHash, string $sSalt = '') : int
{
$sData = $sHash ? Crypt::Decrypt(\hex2bin($sHash), \md5($sSalt)) : null;
$aMatch = array();
if ($sData && \preg_match('/^id:(\d+)$/', $sData, $aMatch) && isset($aMatch[1]))
{
return \is_numeric($aMatch[1]) ? (int) $aMatch[1] : null;
}
return null;
}
public static function IdToHash(int $iID, string $sSalt = '') : string
{
return \bin2hex(Crypt::Encrypt('id:'.$iID, \md5($sSalt)));
}
}

View file

@ -75,7 +75,7 @@ class Logger extends \MailSo\Base\Collection
static $sCache = null;
if (null === $sCache)
{
$sCache = \substr(\MailSo\Base\Utils::Md5Rand(), -8);
$sCache = \substr(\MailSo\Base\Utils::Sha1Rand(), -8);
}
return $sCache;

View file

@ -818,7 +818,7 @@ class MailClient
{
do
{
$sKey = \MailSo\Base\Utils::Md5Rand();
$sKey = \MailSo\Base\Utils::Sha1Rand();
}
while (isset($aCache[$sKey]));
@ -834,7 +834,7 @@ class MailClient
{
do
{
$sKey = \MailSo\Base\Utils::Md5Rand();
$sKey = \MailSo\Base\Utils::Sha1Rand();
}
while (isset($aCache[$sKey]));

View file

@ -369,7 +369,7 @@ class Message
}
return '<'.
\MailSo\Base\Utils::Md5Rand($sHostName.
\MailSo\Base\Utils::Sha1Rand($sHostName.
(\MailSo\Base\Utils::FunctionExistsAndEnabled('getmypid') ? \getmypid() : '')).'@'.$sHostName.'>';
}

View file

@ -1760,7 +1760,7 @@ class Actions
)) {
$oSettings = $this->SettingsProvider()->Load($oAccount);
if ($oSettings) {
$sHash = \MailSo\Base\Utils::Md5Rand($sName . APP_VERSION . APP_SALT);
$sHash = \MailSo\Base\Utils::Sha1Rand($sName . APP_VERSION . APP_SALT);
$oSettings->SetConf('UserBackgroundName', $sName);
$oSettings->SetConf('UserBackgroundHash', $sHash);

View file

@ -62,7 +62,7 @@ trait Admin
private function getAdminToken() : string
{
$sRand = \MailSo\Base\Utils::Md5Rand();
$sRand = \MailSo\Base\Utils::Sha1Rand();
if (!$this->Cacher(null, true)->Set(KeyPathHelper::SessionAdminKey($sRand), \time()))
{
$this->oLogger->Write('Cannot store an admin token',

View file

@ -107,7 +107,7 @@ trait User
{
case 'zip':
$sZipHash = \MailSo\Base\Utils::Md5Rand();
$sZipHash = \MailSo\Base\Utils::Sha1Rand();
$sZipFileName = $oFilesProvider->GenerateLocalFullFileName($oAccount, $sZipHash);
if (!empty($sZipFileName)) {
@ -528,7 +528,7 @@ trait User
private function generateSignMeToken(string $sEmail) : string
{
return \MailSo\Base\Utils::Md5Rand(APP_SALT.$sEmail);
return \MailSo\Base\Utils::Sha1Rand(APP_SALT.$sEmail);
}
private function getMimeFileByHash(\RainLoop\Model\Account $oAccount, string $sHash) : array
@ -553,7 +553,7 @@ trait User
if ($oAccount && \is_resource($rResource))
{
$sHash = \MailSo\Base\Utils::Md5Rand($sFileNameIn.'~'.$sContentTypeIn);
$sHash = \MailSo\Base\Utils::Sha1Rand($sFileNameIn.'~'.$sContentTypeIn);
$rTempResource = $oFileProvider->GetFile($oAccount, $sHash, 'wb+');
if (\is_resource($rTempResource))

View file

@ -72,7 +72,7 @@ class Utils
$sToken = static::GetCookie($sKey, null);
if (null === $sToken)
{
$sToken = \MailSo\Base\Utils::Md5Rand(APP_SALT);
$sToken = \MailSo\Base\Utils::Sha1Rand(APP_SALT);
static::SetCookie($sKey, $sToken, \time() + 60 * 60 * 24 * 30);
}
@ -89,9 +89,9 @@ class Utils
$sKey = 'rlsession';
$sToken = static::GetCookie($sKey, null);
if (null === $sToken)
if (!$sToken)
{
$sToken = \MailSo\Base\Utils::Md5Rand(APP_SALT);
$sToken = \MailSo\Base\Utils::Sha1Rand(APP_SALT);
static::SetCookie($sKey, $sToken, 0);
}