public function verify_license($product_code, $name, $email, $lic)
{
echo "Original: <strong>" . $lic . "</strong><br>";
// replace O with 8 and I with 9
$replacement = str_replace("8", "O", str_replace("9", "I", $lic));
echo "Replaced: " . $replacement . "<br>";
//remove Dashes.
$undashed = trim(str_replace("-", "", $replacement));
echo "Undashed: " . $undashed . "<br>";
echo "Key Length: " . strlen($undashed) . "<br>";
// Pad the output length to a multiple of 8 with '=' characters
$desiredLength = strlen($undashed);
if ($desiredLength % 8 != 0) {
$desiredLength += 8 - $desiredLength % 8;
$undashed = str_pad($undashed, $desiredLength, "=");
}
echo "padded: " . $undashed . "<br>";
// decode Key
$decodedHash = base32_decode($undashed);
echo "Binary Sig: " . $decodedHash . "<br>";
//digest the original Data
$stringData = $product_code . "," . $name . "," . $email;
$ok = openssl_verify($stringData, $decodedHash, $this->public_key, OPENSSL_ALGO_DSS1);
if ($ok == 1) {
echo "<strong>GOOD</strong>";
} elseif ($ok == 0) {
echo "<strong>BAD</strong>";
} else {
echo "<strong>ugly, error checking signature</strong>";
}
}
public function verify_license($product_code, $name, $email, $license)
{
## NOTE ###############################################
# If you change the parameters the function acepts do not
# forget to change the lower string concatenation
# to include all fields in the license generation
$stringData = $product_code . "," . $name . "," . $email;
#################################################
// replace O with 8 and I with 9
$replacement = str_replace("8", "O", str_replace("9", "I", $license));
//remove Dashes.
$undashed = trim(str_replace("-", "", $replacement));
// Pad the output length to a multiple of 8 with '=' characters
$desiredLength = strlen($undashed);
if ($desiredLength % 8 != 0) {
$desiredLength += 8 - $desiredLength % 8;
$undashed = str_pad($undashed, $desiredLength, "=");
}
// decode Key
$decodedHash = base32_decode($undashed);
$ok = openssl_verify($stringData, $decodedHash, $this->public_key, OPENSSL_ALGO_DSS1);
if ($ok == 1) {
return TRUE;
} elseif ($ok == 0) {
return FALSE;
} else {
return FALSE;
}
}
public static function repoDecodeWeb($repo)
{
$ret = \Dcrypt\Aes::decrypt(base32_decode($repo), self::key . \Session::getId() . self::githubId());
if ($ret === false) {
\App::abort(500);
}
return $ret;
}
public function load($url, $width = 0, $quality = 70)
{
$this->load->library("curl");
$url = base32_decode($url);
$pic = $this->curl->openImage($url, $width);
header("Content-Type: image/jpg");
imagejpeg($pic, null, $quality);
imagedestroy($pic);
}
function verify_license($product_code, $name, $copies, $license)
{
$signature = array();
$license = str_replace('9', 'I', $license);
$license = str_replace('8', 'O', $license);
$license = str_replace('-', '', $license);
$compositeLicenseCode = make_license_source($product_code, $name);
// pad out the license key
$padded_length = strlen($license) % 8;
if ($padded_length == 0) {
$padded_length = strlen($license);
} else {
$padded_length = (intval(strlen($license) / 8) + 1) * 8;
}
$padded = $license . str_repeat('=', $padded_length - strlen($license));
$signature = base32_decode($padded, base32_decode_buffer_size(strlen($padded)));
$key = file_get_contents("./lib/dsapub512.pem");
$pukeyid = openssl_get_publickey($key);
$valid = openssl_verify($compositeLicenseCode, $signature, $pukeyid, OPENSSL_ALGO_DSS1);
return $valid == 1;
}
$output[$bytes + 1] = $currentByte << 7;
if ($input[$offset + 5] == '=') {
// print "Return + 5 bytes:$bytes\n";
return arrayToString($output, $bytes + 1);
} else {
$bytes++;
}
$output[$bytes] += decode_bits($input[$offset + 5]) << 2;
$currentByte = decode_bits($input[$offset + 6]);
$output[$bytes] += $currentByte >> 3;
$output[$bytes + 1] = ($currentByte & 0x7) << 5;
if ($input[$offset + 7] == '=') {
// print "Return + 7 bytes:$bytes\n";
return arrayToString($output, $bytes + 1);
} else {
$bytes++;
}
$output[$bytes] += decode_bits($input[$offset + 7]) & 0x1f;
$bytes++;
}
return arrayToString($output, $bytes);
}
$test = false;
if ($test) {
print "buff len " . base32_decode_buffer_size(8) . "\n";
print "buff len " . base32_decode_buffer_size(80) . "\n";
$x = base32_decode('GEZDGNBV', base32_decode_buffer_size(8));
$y = base32_decode('MFRGGZDF', base32_decode_buffer_size(8));
echo "{$x} should be 12345\n";
echo "{$y} should be abcde\n ";
}
// format token seedll :
if ($_POST["UserTokenSeed"] === "") {
//if (OCP\Config::getAppValue('user_otp','TokenBase32Encode',true) ){
$GA_VALID_CHAR = "ABCDEFGHIJKLMNOPQRSTUVWXYZ234567";
$UserTokenSeed = generateRandomString(8, 64, 8, $GA_VALID_CHAR);
//}
} else {
$UserTokenSeed = $_POST["UserTokenSeed"];
}
//$UserTokenSeed="234567234567AZAZ";
//$UserTokenSeed="Hello!";
//~ if (OCP\Config::getAppValue('user_otp','TokenBase32Encode',true)){
//~ $UserTokenSeed=bin2hex(base32_decode($UserTokenSeed));
//~ }//else{
//$UserTokenSeed=bin2hex($UserTokenSeed);
$UserTokenSeed = bin2hex(base32_decode($UserTokenSeed));
//$UserTokenSeed=bin2hex(base32_decode($UserTokenSeed));
//echo $UserTokenSeed." / ".base32_encode($UserTokenSeed);exit;
//echo $UserTokenSeed." / ".hex2bin($UserTokenSeed);exit;
//}
//echo "toto";
$result = $mOtp->CreateUser($uid, OCP\Config::getAppValue('user_otp', 'UserPrefixPin', '0') ? 1 : 0, OCP\Config::getAppValue('user_otp', 'UserAlgorithm', 'TOTP'), $UserTokenSeed, $_POST["UserPin"], OCP\Config::getAppValue('user_otp', 'UserTokenNumberOfDigits', '6'), OCP\Config::getAppValue('user_otp', 'UserTokenTimeIntervalOrLastEvent', '30'));
//var_dump($result);
//exit;
if ($result) {
OCP\JSON::success(array("data" => array("message" => $l->t("OTP Changed"))));
} else {
OCP\JSON::error(array("data" => array("message" => $l->t("check apps folder rights"))));
}
} else {
OCP\JSON::error(array("data" => array("message" => $l->t("Invalid request"))));
public function testEncodeDecode()
{
$string = url_base64_encode("1234567890");
$this->assertTrue($string === "MTIzNDU2Nzg5MA");
//
$string = url_base64_decode($string);
$this->assertTrue($string === "1234567890");
//
$key = '111';
$one = xencrypt("1234567890", $key);
$two = xencrypt("1234567890", $key);
$this->assertTrue($one and $two and $one != $two);
$this->assertTrue(xdecrypt($one, $key) === "1234567890");
$this->assertTrue(xdecrypt($two, $key) === "1234567890");
$this->assertTrue(!xdecrypt($two, $key . '1'));
//
$string = base32_encode("1234567890");
$this->assertTrue(!!preg_match('~^[ABCDEFGHIJKLMNOPQRSTUVWXYZ234567]+$~', $string));
//
$string = base32_decode($string);
$this->assertTrue($string === "1234567890");
//
$key = '111';
$one = oencrypt("1234567890", $key);
$two = oencrypt("1234567890", $key);
$this->assertTrue($one and $two and $one != $two);
$this->assertTrue(odecrypt($one, $key) === "1234567890");
$this->assertTrue(odecrypt($two, $key) === "1234567890");
$this->assertTrue(!odecrypt($two, $key . '1'));
}
// INFO: user successfully created or updated
} else {
$result = 35;
// ERROR: user not created
}
}
break;
case "createga":
if ($multiotp->ReadUserData($all_args[1], TRUE)) {
$result = 22;
// ERROR: user already exists.
} elseif ($param_count < 2) {
$result = 30;
// ERROR: At least one parameter is missing
} else {
if ($multiotp->CreateUser($all_args[1], 0, "TOTP", bin2hex(base32_decode($all_args[2])), '' != $all_args[3] ? $all_args[3] : '')) {
$result = 11;
// INFO: user successfully created or updated
} else {
$result = 35;
// ERROR: user not created
}
}
break;
case "phpinfo":
phpinfo();
break;
case "libhash":
echo $multiotp->GetLibraryHash($all_args[1], $all_args[2]) . "\n";
$result = 19;
break;
/**
* Calculate a valid code given the shared secret key
*
* @param string $key The shared secret key to use for calculating code.
* @param mixed $step_count The time step used to calculate the code, which is the floor of time() divided by step size.
* @param int $digits The number of digits in the returned code.
* @param string $hash The hash used to calculate the code.
* @param int $time_step The size of the time step.
*
* @return string The totp code
*/
function calc_totp($key, $step_count = false, $digits = 6, $hash = 'sha1', $time_step = 30)
{
$secret = base32_decode($key);
if (false === $step_count) {
$step_count = floor(time() / $time_step);
}
$timestamp = pack64($step_count);
$hash = hash_hmac($hash, $timestamp, $secret, true);
$offset = ord($hash[19]) & 0xf;
$code = ((ord($hash[$offset + 0]) & 0x7f) << 24 | (ord($hash[$offset + 1]) & 0xff) << 16 | (ord($hash[$offset + 2]) & 0xff) << 8 | ord($hash[$offset + 3]) & 0xff) % pow(10, $digits);
return str_pad($code, $digits, '0', STR_PAD_LEFT);
}
