logauth
/
SATS
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

New hash management (prepared next secret) : cyclic-hash/*

This commit is contained in:
xdrm-brackets 2017-01-28 18:58:49 +01:00
parent 1b17ab8d38
commit 542d7384d4
6 changed files with 32 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
lib/api/source/fetch.php
View File

@ -16,7 +16,7 @@
return json_encode(['a'=>1]);
}
echo api_fetch();

25
lib/api/source/sync.php
View File

@ -55,7 +55,8 @@
/* [2] Create httpRequest basis
=========================================================*/
/* (1) Set URL */
$curl = curl_init($url);
$curl = curl_init();
curl_setopt($curl, CURLOPT_URL, $url);
/* (2) Set HTTP method -> POST */
curl_setopt($curl, CURLOPT_POST, true);
@ -75,29 +76,30 @@
$postarray['renew'] = $new;
/* (3) Parse postfiels to multipart format */
#$postraw = "--$boundary";
$postraw = "--$boundary";
#foreach($postarray as $postkey=>$postvalue)
# $postraw .= "\r\nContent-Disposition: form-data; name=\"$postkey\"\r\n\r\n$postvalue\r\n--$boundary";
foreach($postarray as $postkey=>$postvalue)
$postraw .= "\r\nContent-Disposition: form-data; name=\"$postkey\"\r\n\r\n$postvalue\r\n--$boundary";
#$postraw .= "--";
$postraw .= "--";
/* (4) Set postdata raw to curl */
curl_setopt($curl, CURLOPT_POSTFIELDS, $postarray);
curl_setopt($curl, CURLOPT_POSTFIELDS, $postraw);
/* [4] Manage headers
=========================================================*/
#curl_setopt($curl, CURLOPT_HTTPHEADER, [
# "Content-Type: multipart/form-data"
#]);
curl_setopt($curl, CURLOPT_HTTPHEADER, [
"Content-Type: multipart/form-data; boundary=$boundary"
]);
/* [5] Send and catch request response
=========================================================*/
/* (1) Send and catch response */
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
$response = curl_exec($curl);
/* (2) Close request */
@ -110,6 +112,11 @@
}
/* [6] Decrement cyclic-hash so request has ran successfully
=========================================================*/
/* [6] Response management

13
lib/cyclic-hash/source/decr.php
View File

@ -33,10 +33,10 @@
$secret = @file_get_contents(SECRET_CONF);
/* (2) Check secret file format */
if( !is_string($secret) || !preg_match("/^(.{250}):(\d+)$/", $secret, $match) ){
if( !is_string($secret) || !preg_match("/^(.{".SECRET_SIZE."}):(\d+):(.{".SECRET_SIZE."})$/", $secret, $match) ){
// Generate new secret
$secret = generate_secret().':999';
// Generate full secret
$secret = generate_secret().':999:'.generate_secret();
// Try to override the secret file
if( @file_put_contents(SECRET_CONF, $secret) ){
@ -51,6 +51,7 @@
/* (3) Extract data */
$key = (string) $match[1];
$depth = (int) $match[2];
$next = (string) $match[3];
/* [3] If can decrement, decrement
@ -61,7 +62,7 @@
$depth--;
/* (2) Try to override the secret file */
if( @file_put_contents(SECRET_CONF, "$key:$depth") ){
if( @file_put_contents(SECRET_CONF, "$key:$depth:$next") ){
slog("Secret depth decremented to $depth", 'cyclic-hash:decr');
return 0;
}else{
@ -70,12 +71,12 @@
}
/* [4] If cannot decrement, generate new password
/* [4] If cannot decrement, use new secret and generate next
=========================================================*/
}else{
// Generate new secret
$secret = generate_secret().':999';
$secret = $next.':999:'.generate_secret();
// Try to override the secret file
if( @file_put_contents(SECRET_CONF, $secret) ){

2
lib/cyclic-hash/source/hash.php
View File

@ -13,7 +13,7 @@
$secret = @file_get_contents(SECRET_CONF);
/* (2) Check secret file format */
if( !is_string($secret) || !preg_match("/^(.{".SECRET_SIZE."}):(\d+)$/", $secret, $match) )
if( !is_string($secret) || !preg_match("/^(.{".SECRET_SIZE."}):(\d+):.{".SECRET_SIZE."}$/", $secret, $match) )
return 127;
/* (3) Extract data for hashing from @secret */

9
lib/cyclic-hash/source/new.php
View File

@ -13,7 +13,7 @@
$secret = @file_get_contents(SECRET_CONF);
/* (2) Check secret file format */
if( !is_string($secret) || !preg_match("/^(.{".SECRET_SIZE."}):(\d+)$/", $secret, $match) ){
if( !is_string($secret) || !preg_match("/^(.{".SECRET_SIZE."}):(\d+):(.{".SECRET_SIZE."})$/", $secret, $match) ){
slog("Error while reading secret", 'cyclic-hash:new');
return 127;
}
@ -21,10 +21,11 @@
/* (3) Extract data for hashing from @secret */
$key = (string) $match[1];
$depth = (int) $match[2];
$next = (string) $match[3];
/* (4) Die if not token not changed */
if( $depth < 999 ){
if( $depth > 1 ){
slog("No new secret with $depth depth", 'cyclic-hash:new');
return 0;
}
@ -32,8 +33,8 @@
/* [2] If hash have just been created (original depth = 1000)
=========================================================*/
/* (1) Return new hash */
$newhash = $key;
/* (1) Return new hash (from @next) */
$newhash = $next;
/* (2) Hash @depth times = 1000 */
for( $d = 0 ; $d < 1000 ; $d++ )

4
lib/include/const
View File

@ -3,11 +3,11 @@
# RESET OUTPUT BUFFER
# MAIN DIRECTORIES
define('ROOT_DIR', '/home/sats/satsd');
define('ROOT_DIR', '/home/xdrm-brackets/SANDBOX/sats-local');
define('LOG_DIR', ROOT_DIR.'/log');
define('DATA_DIR', ROOT_DIR.'/data');
define('CONF_DIR', ROOT_DIR.'/conf');
define('SOURCE_DIR', ROOT_DIR.'/source');
define('SOURCE_DIR', '/home/xdrm-brackets/Desktop/git.xdrm.io/logauth-sats');
define('TMP_DIR', ROOT_DIR.'/tmp');
# CONFIGURATION FILES