Parent Directory
| 
Revision Log
Revision 420 - (view) (download) (as text)
| 1 : | malsyned | 420 | # This package allows a file to be reliably cached on disk and replaced with |
| 2 : | # a string that universally and unforgeably represents that file, and then | ||
| 3 : | # retrieved later given that string. | ||
| 4 : | |||
| 5 : | package WeBWorK::SecureUpload; | ||
| 6 : | |||
| 7 : | # Everything we need to be confident about the upload | ||
| 8 : | use WeBWorK::Constants qw(SECRET); | ||
| 9 : | use MD5 (); | ||
| 10 : | use Data::UUID; | ||
| 11 : | |||
| 12 : | |||
| 13 : | sub store_upload {} | ||
| 14 : | |||
| 15 : | sub retrieve_upload {} | ||
| 16 : | |||
| 17 : | sub new { | ||
| 18 : | unless (SECRET) { | ||
| 19 : | die "A secret has not been set in WeBWorK::Constants for this server."; | ||
| 20 : | } | ||
| 21 : | my $invocant = shift; | ||
| 22 : | my $class = ref($invocant) || invocant; | ||
| 23 : | my $self = { | ||
| 24 : | basedir => shift; # The directory into which to place the spool file | ||
| 25 : | uploadObject => shift; # The Apache::Upload object to deal with | ||
| 26 : | }; | ||
| 27 : | |||
| 28 : | my $ug = Data::UUID->new; # UUID Generator/Handler | ||
| 29 : | my $uuid = $ug->generate; # Unique identifier for this file, guaranteed to be unique until 3400AD | ||
| 30 : | my $uuid_as_string = $ug->to_string($uuid); | ||
| 31 : | my $mac = MD5->hexhash(SECRET . MD5->hexhash(SECRET . $uuid_as_string); # Message Authentication Check. As long as SECRET stays secret, | ||
| 32 : | |||
| 33 : | |||
| 34 : | $self->{ | ||
| 35 : | $self->{MAC} = MD5->hexhash(SECRET . MD4->hexhash(SECRET . $self{UUID}-> # Message Authentication Check - An unforgeable checksum | ||
| 36 : | }; | ||
| 37 : | } | ||
| 38 : | |||
| 39 : | 1; |
| aubreyja at gmail dot com | ViewVC Help |
| Powered by ViewVC 1.0.9 |