Exemplo n.º 1
include_once 'db.php';
include_once 'lib/BigInteger.php';
include_once 'lib/phpseclib1.0.1/Crypt/RSA.php';
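dump("HOBA: Starting New Login");

// Start from "nothing received" so that a request without a usable HOBA
// Authorization header cannot reach the checks below with undefined values.
$kidB64 = false;
$chalB64 = false;
$nonceB64 = false;
$sigB64 = false;

foreach (getallheaders() as $name => $value) {
    //dump("Header:" . $name . " " . $value);
    // Header field names are case-insensitive (and arrive lower-cased over
    // HTTP/2), so the name must not be compared byte-for-byte.
    if (strcasecmp($name, "Authorization") !== 0 || stripos($value, "hoba") === false) {
        continue;
    }
    // Everything after "result=" is kid "." challenge "." nonce "." signature.
    // A header that names the scheme but carries no result= yields no tokens.
    $pieces = explode("result=", $value);
    $authStr = isset($pieces[1]) ? $pieces[1] : "";
    $kidB64 = strtok($authStr, ".");
    $chalB64 = strtok(".");
    $nonceB64 = strtok(".");
    $sigB64 = strtok(".");
}

// Fail closed when any of the four fields is absent, instead of relying on the
// later checks to reject empty values. Same outcome as a failed challenge.
if ($kidB64 === false || $chalB64 === false || $nonceB64 === false || $sigB64 === false) {
    dump("HOBA: Authorization header missing or malformed");
    setFailCookie();
    exit(1);
}
$sig = base64url_decode($sigB64);

// Left disabled: enabling it would write the identifiers and the signature to the log.
//dump("kidB64:" . $kidB64 . " chalB64:" . $chalB64 . " nonceB64:" . $nonceB64 ." sig:" . $sig);

// The challenge is checked against the peer returned by getPeer() before any
// database work is done.
if (checkChal($chalB64, getPeer())) {
    dump("HOBA: Challenge accepted");
} else {
    dump("HOBA: Challenge failed");
    setFailCookie();
    exit(1);
}

$kid = base64url_decode($kidB64);

// NOTE(review): depending on web server configuration, SERVER_NAME can reflect
// the client-supplied Host header. The origin that goes into the blob below
// should come from a value the server operator controls; confirm the vhost
// setup or take the origin from configuration.
$tbsOrigin = "https://" . $_SERVER['SERVER_NAME'] . ":" . $_SERVER['SERVER_PORT'];

// Presumably the to-be-signed blob that $sig is later verified against; the
// verification itself is not part of this excerpt.
$sigText = genTbsBlob($nonceB64, $GLOBALS['alg'], $tbsOrigin, $kidB64, $chalB64);

dbLogin();
$device = dbGetDeviceByKid($kid);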
if (!$device) {
    dump("HOBA: kid not found");
    setFailCookie();
    dbLogout();
Exemplo n.º 2
/**
 * Demo driver for getChal()/checkChal().
 *
 * Obtains a challenge for one peer address, then prints whether checkChal()
 * accepts it for that peer, for a different peer, and for the original peer
 * again after a two-second pause.
 */
function test()
{
    $issuedTo = "10.0.0.1";
    $someoneElse = "10.0.0.2";
    $challenge = getChal($issuedTo);

    // Prints one verdict line; $middle is the wording between the challenge
    // and the verdict.
    $show = function ($from, $middle) use ($challenge) {
        $verdict = checkChal($challenge, $from) ? "good" : "bad";
        print $challenge . $middle . $verdict . " challenge from " . $from . "\n";
    };

    // Same peer the challenge was requested for.
    $show($issuedTo, " is a ");

    // A different peer address presenting the same challenge.
    $show($someoneElse, " is a ");

    // Presumably long enough to show the challenge ageing out; the lifetime
    // is defined by checkChal(), which is not shown here.
    sleep(2);
    $show($issuedTo, " is (now) a ");
}