logauth
/
SATS
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

New hash management (prepared next secret) : cyclic-hash/*

This commit is contained in:
xdrm-brackets 2017-01-28 18:58:49 +01:00
parent 1b17ab8d38
commit 542d7384d4
6 changed files with 32 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
lib/api/source/fetch.php
View File

@ -16,7 +16,7 @@
return json_encode(['a'=>1]);
} }
echo api_fetch(); echo api_fetch();

25
lib/api/source/sync.php
View File

@ -55,7 +55,8 @@
/* [2] Create httpRequest basis /* [2] Create httpRequest basis
=========================================================*/ =========================================================*/
/* (1) Set URL */ /* (1) Set URL */
$curl = curl_init($url); $curl = curl_init();
curl_setopt($curl, CURLOPT_URL, $url);
/* (2) Set HTTP method -> POST */ /* (2) Set HTTP method -> POST */
curl_setopt($curl, CURLOPT_POST, true); curl_setopt($curl, CURLOPT_POST, true);
@ -75,29 +76,30 @@
$postarray['renew'] = $new; $postarray['renew'] = $new;
/* (3) Parse postfiels to multipart format */ /* (3) Parse postfiels to multipart format */
#$postraw = "--$boundary"; $postraw = "--$boundary";
#foreach($postarray as $postkey=>$postvalue) foreach($postarray as $postkey=>$postvalue)
# $postraw .= "\r\nContent-Disposition: form-data; name=\"$postkey\"\r\n\r\n$postvalue\r\n--$boundary"; $postraw .= "\r\nContent-Disposition: form-data; name=\"$postkey\"\r\n\r\n$postvalue\r\n--$boundary";
#$postraw .= "--"; $postraw .= "--";
/* (4) Set postdata raw to curl */ /* (4) Set postdata raw to curl */
curl_setopt($curl, CURLOPT_POSTFIELDS, $postarray); curl_setopt($curl, CURLOPT_POSTFIELDS, $postraw);
/* [4] Manage headers /* [4] Manage headers
=========================================================*/ =========================================================*/
#curl_setopt($curl, CURLOPT_HTTPHEADER, [ curl_setopt($curl, CURLOPT_HTTPHEADER, [
# "Content-Type: multipart/form-data" "Content-Type: multipart/form-data; boundary=$boundary"
#]); ]);
/* [5] Send and catch request response /* [5] Send and catch request response
=========================================================*/ =========================================================*/
/* (1) Send and catch response */ /* (1) Send and catch response */
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
$response = curl_exec($curl); $response = curl_exec($curl);
/* (2) Close request */ /* (2) Close request */
@ -110,6 +112,11 @@
} }
/* [6] Decrement cyclic-hash so request has ran successfully
=========================================================*/
/* [6] Response management /* [6] Response management

13
lib/cyclic-hash/source/decr.php
View File

@ -33,10 +33,10 @@
$secret = @file_get_contents(SECRET_CONF); $secret = @file_get_contents(SECRET_CONF);
/* (2) Check secret file format */ /* (2) Check secret file format */
if( !is_string($secret) || !preg_match("/^(.{250}):(\d+)$/", $secret, $match) ){ if( !is_string($secret) || !preg_match("/^(.{".SECRET_SIZE."}):(\d+):(.{".SECRET_SIZE."})$/", $secret, $match) ){
// Generate new secret // Generate full secret
$secret = generate_secret().':999'; $secret = generate_secret().':999:'.generate_secret();
// Try to override the secret file // Try to override the secret file
if( @file_put_contents(SECRET_CONF, $secret) ){ if( @file_put_contents(SECRET_CONF, $secret) ){
@ -51,6 +51,7 @@
/* (3) Extract data */ /* (3) Extract data */
$key = (string) $match[1]; $key = (string) $match[1];
$depth = (int) $match[2]; $depth = (int) $match[2];
$next = (string) $match[3];
/* [3] If can decrement, decrement /* [3] If can decrement, decrement
@ -61,7 +62,7 @@
$depth--; $depth--;
/* (2) Try to override the secret file */ /* (2) Try to override the secret file */
if( @file_put_contents(SECRET_CONF, "$key:$depth") ){ if( @file_put_contents(SECRET_CONF, "$key:$depth:$next") ){
slog("Secret depth decremented to $depth", 'cyclic-hash:decr'); slog("Secret depth decremented to $depth", 'cyclic-hash:decr');
return 0; return 0;
}else{ }else{
@ -70,12 +71,12 @@
} }
/* [4] If cannot decrement, generate new password /* [4] If cannot decrement, use new secret and generate next
=========================================================*/ =========================================================*/
}else{ }else{
// Generate new secret // Generate new secret
$secret = generate_secret().':999'; $secret = $next.':999:'.generate_secret();
// Try to override the secret file // Try to override the secret file
if( @file_put_contents(SECRET_CONF, $secret) ){ if( @file_put_contents(SECRET_CONF, $secret) ){

2
lib/cyclic-hash/source/hash.php
View File

@ -13,7 +13,7 @@
$secret = @file_get_contents(SECRET_CONF); $secret = @file_get_contents(SECRET_CONF);
/* (2) Check secret file format */ /* (2) Check secret file format */
if( !is_string($secret) || !preg_match("/^(.{".SECRET_SIZE."}):(\d+)$/", $secret, $match) ) if( !is_string($secret) || !preg_match("/^(.{".SECRET_SIZE."}):(\d+):.{".SECRET_SIZE."}$/", $secret, $match) )
return 127; return 127;
/* (3) Extract data for hashing from @secret */ /* (3) Extract data for hashing from @secret */

9
lib/cyclic-hash/source/new.php
View File

@ -13,7 +13,7 @@
$secret = @file_get_contents(SECRET_CONF); $secret = @file_get_contents(SECRET_CONF);
/* (2) Check secret file format */ /* (2) Check secret file format */
if( !is_string($secret) || !preg_match("/^(.{".SECRET_SIZE."}):(\d+)$/", $secret, $match) ){ if( !is_string($secret) || !preg_match("/^(.{".SECRET_SIZE."}):(\d+):(.{".SECRET_SIZE."})$/", $secret, $match) ){
slog("Error while reading secret", 'cyclic-hash:new'); slog("Error while reading secret", 'cyclic-hash:new');
return 127; return 127;
} }
@ -21,10 +21,11 @@
/* (3) Extract data for hashing from @secret */ /* (3) Extract data for hashing from @secret */
$key = (string) $match[1]; $key = (string) $match[1];
$depth = (int) $match[2]; $depth = (int) $match[2];
$next = (string) $match[3];
/* (4) Die if not token not changed */ /* (4) Die if not token not changed */
if( $depth < 999 ){ if( $depth > 1 ){
slog("No new secret with $depth depth", 'cyclic-hash:new'); slog("No new secret with $depth depth", 'cyclic-hash:new');
return 0; return 0;
} }
@ -32,8 +33,8 @@
/* [2] If hash have just been created (original depth = 1000) /* [2] If hash have just been created (original depth = 1000)
=========================================================*/ =========================================================*/
/* (1) Return new hash */ /* (1) Return new hash (from @next) */
$newhash = $key; $newhash = $next;
/* (2) Hash @depth times = 1000 */ /* (2) Hash @depth times = 1000 */
for( $d = 0 ; $d < 1000 ; $d++ ) for( $d = 0 ; $d < 1000 ; $d++ )

4
lib/include/const
View File

@ -3,11 +3,11 @@
# RESET OUTPUT BUFFER # RESET OUTPUT BUFFER
# MAIN DIRECTORIES # MAIN DIRECTORIES
define('ROOT_DIR', '/home/sats/satsd'); define('ROOT_DIR', '/home/xdrm-brackets/SANDBOX/sats-local');
define('LOG_DIR', ROOT_DIR.'/log'); define('LOG_DIR', ROOT_DIR.'/log');
define('DATA_DIR', ROOT_DIR.'/data'); define('DATA_DIR', ROOT_DIR.'/data');
define('CONF_DIR', ROOT_DIR.'/conf'); define('CONF_DIR', ROOT_DIR.'/conf');
define('SOURCE_DIR', ROOT_DIR.'/source'); define('SOURCE_DIR', '/home/xdrm-brackets/Desktop/git.xdrm.io/logauth-sats');
define('TMP_DIR', ROOT_DIR.'/tmp'); define('TMP_DIR', ROOT_DIR.'/tmp');
# CONFIGURATION FILES # CONFIGURATION FILES