Exemplo n.º 1
0
 function GetSyncCounter($bin_secret, $sync1, $sync2, &$aMsg)
 {
     if (CSecurityUser::HOTP($bin_secret, 0) === false) {
         $aMsg[] = array("id" => "security_SYNC2", "text" => GetMessage("SECURITY_USER_ERROR_SYNC_ERROR2"));
         return 0;
     }
     if (!$sync1) {
         $aMsg[] = array("id" => "security_SYNC1", "text" => GetMessage("SECURITY_USER_ERROR_PASS1_EMPTY"));
     } elseif (!preg_match("/^\\d{6}\$/", $sync1)) {
         $aMsg[] = array("id" => "security_SYNC1", "text" => GetMessage("SECURITY_USER_ERROR_PASS1_INVALID"));
     }
     if (!$sync2) {
         $aMsg[] = array("id" => "security_SYNC2", "text" => GetMessage("SECURITY_USER_ERROR_PASS2_EMPTY"));
     } elseif (!preg_match("/^\\d{6}\$/", $sync2)) {
         $aMsg[] = array("id" => "security_SYNC2", "text" => GetMessage("SECURITY_USER_ERROR_PASS2_INVALID"));
     }
     $cnt = 0;
     for ($i = 0; $i < BX_SECURITY_SYNC_WINDOW; $i++) {
         if (CSecurityUser::HOTP($bin_secret, $cnt) == $sync1 && CSecurityUser::HOTP($bin_secret, $cnt + 1) == $sync2) {
             $cnt++;
             break;
         }
         $cnt++;
     }
     if ($i == BX_SECURITY_SYNC_WINDOW) {
         $aMsg[] = array("id" => "security_SECRET", "text" => GetMessage("SECURITY_USER_ERROR_SYNC_ERROR"));
         $cnt = 0;
     }
     return $cnt;
 }
Exemplo n.º 2
0
	/**
	 * @param string $pBinSecret
	 * @param string $pSync1
	 * @param string $pSync2
	 * @param array $pMessages
	 * @return int
	 */
	public static function getSyncCounter($pBinSecret, $pSync1, $pSync2, &$pMessages)
	{
		if(CSecurityUser::HOTP($pBinSecret, 0) === false)
		{
			$pMessages[] = array("id"=>"security_SYNC2", "text" => GetMessage("SECURITY_USER_ERROR_SYNC_ERROR2"));
			return 0;
		}

		if(!$pSync1)
			$pMessages[] = array("id"=>"security_SYNC1", "text" => GetMessage("SECURITY_USER_ERROR_PASS1_EMPTY"));
		elseif(!preg_match("/^\d{6}$/", $pSync1))
			$pMessages[] = array("id"=>"security_SYNC1", "text" => GetMessage("SECURITY_USER_ERROR_PASS1_INVALID"));

		if(!$pSync2)
			$pMessages[] = array("id"=>"security_SYNC2", "text" => GetMessage("SECURITY_USER_ERROR_PASS2_EMPTY"));
		elseif(!preg_match("/^\d{6}$/", $pSync2))
			$pMessages[] = array("id"=>"security_SYNC2", "text" => GetMessage("SECURITY_USER_ERROR_PASS2_INVALID"));

		$cnt = 0;
		for($i = 0; $i < self::BX_SECURITY_SYNC_WINDOW; $i++)
		{
			if(
				CSecurityUser::HOTP($pBinSecret, $cnt) == $pSync1
				&& CSecurityUser::HOTP($pBinSecret, $cnt+1) == $pSync2
			)
			{
				$cnt++;
				break;
			}
			$cnt++;
		}

		if($i == self::BX_SECURITY_SYNC_WINDOW)
		{
			$pMessages[] = array("id"=>"security_SECRET", "text" => GetMessage("SECURITY_USER_ERROR_SYNC_ERROR"));
			$cnt = 0;
		}

		return $cnt;
	}