function GetSyncCounter($bin_secret, $sync1, $sync2, &$aMsg) { if (CSecurityUser::HOTP($bin_secret, 0) === false) { $aMsg[] = array("id" => "security_SYNC2", "text" => GetMessage("SECURITY_USER_ERROR_SYNC_ERROR2")); return 0; } if (!$sync1) { $aMsg[] = array("id" => "security_SYNC1", "text" => GetMessage("SECURITY_USER_ERROR_PASS1_EMPTY")); } elseif (!preg_match("/^\\d{6}\$/", $sync1)) { $aMsg[] = array("id" => "security_SYNC1", "text" => GetMessage("SECURITY_USER_ERROR_PASS1_INVALID")); } if (!$sync2) { $aMsg[] = array("id" => "security_SYNC2", "text" => GetMessage("SECURITY_USER_ERROR_PASS2_EMPTY")); } elseif (!preg_match("/^\\d{6}\$/", $sync2)) { $aMsg[] = array("id" => "security_SYNC2", "text" => GetMessage("SECURITY_USER_ERROR_PASS2_INVALID")); } $cnt = 0; for ($i = 0; $i < BX_SECURITY_SYNC_WINDOW; $i++) { if (CSecurityUser::HOTP($bin_secret, $cnt) == $sync1 && CSecurityUser::HOTP($bin_secret, $cnt + 1) == $sync2) { $cnt++; break; } $cnt++; } if ($i == BX_SECURITY_SYNC_WINDOW) { $aMsg[] = array("id" => "security_SECRET", "text" => GetMessage("SECURITY_USER_ERROR_SYNC_ERROR")); $cnt = 0; } return $cnt; }
/** * @param string $pBinSecret * @param string $pSync1 * @param string $pSync2 * @param array $pMessages * @return int */ public static function getSyncCounter($pBinSecret, $pSync1, $pSync2, &$pMessages) { if(CSecurityUser::HOTP($pBinSecret, 0) === false) { $pMessages[] = array("id"=>"security_SYNC2", "text" => GetMessage("SECURITY_USER_ERROR_SYNC_ERROR2")); return 0; } if(!$pSync1) $pMessages[] = array("id"=>"security_SYNC1", "text" => GetMessage("SECURITY_USER_ERROR_PASS1_EMPTY")); elseif(!preg_match("/^\d{6}$/", $pSync1)) $pMessages[] = array("id"=>"security_SYNC1", "text" => GetMessage("SECURITY_USER_ERROR_PASS1_INVALID")); if(!$pSync2) $pMessages[] = array("id"=>"security_SYNC2", "text" => GetMessage("SECURITY_USER_ERROR_PASS2_EMPTY")); elseif(!preg_match("/^\d{6}$/", $pSync2)) $pMessages[] = array("id"=>"security_SYNC2", "text" => GetMessage("SECURITY_USER_ERROR_PASS2_INVALID")); $cnt = 0; for($i = 0; $i < self::BX_SECURITY_SYNC_WINDOW; $i++) { if( CSecurityUser::HOTP($pBinSecret, $cnt) == $pSync1 && CSecurityUser::HOTP($pBinSecret, $cnt+1) == $pSync2 ) { $cnt++; break; } $cnt++; } if($i == self::BX_SECURITY_SYNC_WINDOW) { $pMessages[] = array("id"=>"security_SECRET", "text" => GetMessage("SECURITY_USER_ERROR_SYNC_ERROR")); $cnt = 0; } return $cnt; }