mirror of
https://github.com/Yubico/yubikey-val.git
synced 2024-11-29 00:24:13 +01:00
Fix rand# gen
This commit is contained in:
Paul Chen
parent
3ff2d0d93d
commit
9c4b09d99c
@ -52,8 +52,8 @@ if ($ci['perm_id'] != 1 && $ci['perm_id'] != 2) {
|
||||
exit;
|
||||
}
|
||||
|
||||
$tokenId = genRandB64(6);
|
||||
$secret = genRandB64(16);
|
||||
$tokenId = base64_encode(genRandRaw(6));
|
||||
$secret = base64_encode(genRandRaw(16));
|
||||
$keyid = addNewKey($tokenId, 1, $secret, '', $client);
|
||||
|
||||
if ($keyid > 0) {
|
||||
@ -80,7 +80,7 @@ function reply($status, $apiKey, $client_id, $nonce, $info=null) {
|
||||
|
||||
// Generate the signature
|
||||
debug('API key: '.$apiKey); // API key of the client
|
||||
debug('Signing: '.$respParams);
|
||||
debug('Signing response: '.$respParams);
|
||||
// the TRUE at the end states we want the raw value, not hexadecimal form
|
||||
$hmac = hash_hmac('sha1', utf8_encode($respParams), $apiKey, true);
|
||||
//outputToFile('hmac', $hmac, "b");
|
||||
|
||||
28
common.php
28
common.php
@ -1,5 +1,4 @@
|
||||
<?php
|
||||
|
||||
define('S_OK', 'OK');
|
||||
define('S_BAD_OTP', 'BAD_OTP');
|
||||
define('S_BAD_CLIENT', 'BAD_CLIENT'); // New, added by paul 20080920
|
||||
@ -10,30 +9,35 @@ define('S_MISSING_PARAMETER', 'MISSING_PARAMETER');
|
||||
define('S_OPERATION_NOT_ALLOWED', 'OPERATION_NOT_ALLOWED');
|
||||
define('S_BACKEND_ERROR', 'BACKEND_ERROR');
|
||||
|
||||
function debug($msg, $exit=false) {
|
||||
function debug($msg, $exit = false) {
|
||||
global $trace;
|
||||
if ($trace) {
|
||||
if (is_array($msg)) {
|
||||
print_r($msg);
|
||||
} else {
|
||||
echo 'debug> '.$msg;
|
||||
echo 'debug> ' . $msg;
|
||||
}
|
||||
echo "\n";
|
||||
}
|
||||
if ($exit) {
|
||||
die ('<font color=red><h4>Exit</h4></font>');
|
||||
die('<font color=red><h4>Exit</h4></font>');
|
||||
}
|
||||
}
|
||||
|
||||
function genRandB64($len) {
|
||||
$r = hash('sha1', rand(999,99999999));
|
||||
$r = substr(0,$len);
|
||||
return base64_encode($r);
|
||||
function genRandRaw($len) {
|
||||
$h = hash_hmac('sha1', rand(9999,9999999), 'dj*ccbcuiiurubrvnubcdluul', true);
|
||||
$a = str_split($h);
|
||||
//print_r($a);
|
||||
$a = array_slice($a, 0, $len);
|
||||
//print_r($a);
|
||||
$s = implode($a);
|
||||
//outputToFile('out', $s);
|
||||
return $s;
|
||||
}
|
||||
|
||||
function outputToFile($outFname, $content, $mode, $append=false) {
|
||||
$out = fopen($outFname, ($append ? "a" : "w"));
|
||||
fwrite($out, $content);
|
||||
fclose($out);
|
||||
function outputToFile($outFname, $content, $mode, $append = false) {
|
||||
$out = fopen($outFname, ($append ? "a" : "w"));
|
||||
fwrite($out, $content);
|
||||
fclose($out);
|
||||
}
|
||||
?>
|
||||
|
||||
Loading…
Reference in New Issue
Block a user