rooty/yubikey-val
1
0
Fork 0
mirror of https://github.com/Yubico/yubikey-val.git synced 2025-02-08 03:54:20 +01:00
Code Issues Projects Releases Wiki Activity

Refactor sign function.

Browse Source 
- this commit might affect LOG_DEBUG message,
    since now we log utf8_encode($qs) not $qs.

- this is probably what we want though,
    since we run hash_hmac on the latter.
This commit is contained in:
Jean Paul Galea 2015-07-21 20:36:56 +00:00
parent 3414c15eb4
commit 2aa06ec0a3
1 changed files with 10 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
ykval-common.php
View File

@ -82,19 +82,22 @@ function log_format() {
// Sign a http query string in the array of key-value pairs // Sign a http query string in the array of key-value pairs
// return b64 encoded hmac hash // return b64 encoded hmac hash
function sign($a, $apiKey, $logger) { function sign($a, $apiKey, $logger)
{
ksort($a); ksort($a);
$qs = urldecode(http_build_query($a));
// the TRUE at the end states we want the raw value, not hexadecimal form $qs = http_build_query($a);
$hmac = hash_hmac('sha1', utf8_encode($qs), $apiKey, true); $qs = urldecode($qs);
$qs = utf8_encode($qs);
// base64 encoded binary digest
$hmac = hash_hmac('sha1', $qs, $apiKey, TRUE);
$hmac = base64_encode($hmac); $hmac = base64_encode($hmac);
$logger->log(LOG_DEBUG, 'SIGN: ' . $qs . ' H=' . $hmac); $logger->log(LOG_DEBUG, "SIGN: $qs H=$hmac");
return $hmac; return $hmac;
}
} // sign an array of query string
function curl_settings($logger, $ident, $handle, $url, $timeout, $curlopts) function curl_settings($logger, $ident, $handle, $url, $timeout, $curlopts)
{ {