Mercurial > hg > marc_php

comparison marcus.php @ 3:5c8c4fa95803 draft

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Added support for transfer chaining and some bugfixes
author Ivo Smits <Ivo@UCIS.nl>
date Mon, 17 Nov 2014 01:19:05 +0100
parents caa68b502313
children c642254dc9ee
comparison
equal deleted inserted replaced
2:f6954b464d2f 3:5c8c4fa95803
79 $key['store'] = TRUE; 79 $key['store'] = TRUE;
80 $dbchanged = TRUE; 80 $dbchanged = TRUE;
81 break; 81 break;
82 case 'USE': 82 case 'USE':
83 $key = array('store' => FALSE, 'pk' => $resource['key']); 83 $key = array('store' => FALSE, 'pk' => $resource['key']);
84 if (isset($resource['value']['seckey'])) $key['sk'] = $resource['value']['seckey']; 84 if (isset($resource['value']['seckey'])) $key['locked'] = $resource['value']['seckey'];
85 if (isset($resource['value']['seckeyenc'])) $key['locked'] = $resource['value']['seckeyenc'];
86 break; 85 break;
87 case 'IMPORT': 86 case 'IMPORT':
88 $key = array('store' => FALSE); 87 $key = array('store' => FALSE);
89 $key['pk'] = nacl_crypto_sign_ed25519_keypair($key['sk'], hex2bin($argv[$argi++])); 88 $key['pk'] = nacl_crypto_sign_ed25519_keypair($key['sk'], hex2bin($argv[$argi++]));
90 $dbchanged = TRUE; 89 $dbchanged = TRUE;
91 break; 90 break;
92 case 'UNLOCK': 91 case 'UNLOCK':
93 if (!isset($key['locked'])) throw new Exception('The key is not locked'); 92 if (!isset($key['locked'])) throw new Exception('The key is not locked');
94 $ret = hash('sha512', $key['pk'].$argv[$argi++], TRUE); 93 if (!is_array($key['locked']) || !isset($key['locked']['key'])) throw new Exception('The locked key is invalid');
95 $key['sk'] = ''; 94 $rounds = isset($key['locked']['rounds']) ? intval($key['locked']['rounds']) : 0;
96 for ($i = 0; $i < 32; $i++) $key['sk'] .= chr(ord($key['locked'][$i]) ^ ord($ret[$i])); 95 $ret = str_repeat(chr(0), 64);
97 $ret = nacl_crypto_sign_ed25519_keypair($key['sk'], $key['sk']); 96 for ($i = 0; $i < $rounds; $i++) $ret = hash('sha512', $ret.$argv[$argi].$key['pk'], TRUE);
97 $argi++;
98 $ret = substr($key['locked'] ^ $ret, 0, 32);
99 $ret = nacl_crypto_sign_ed25519_keypair($key['sk'], $ret);
98 if ($ret != $key['pk']) throw new Exception('Key password is not valid'); 100 if ($ret != $key['pk']) throw new Exception('Key password is not valid');
99 echo 'Unlocked public key '.bin2hex($key['pk'])."\n"; 101 echo 'Unlocked public key '.bin2hex($key['pk'])."\n";
100 break; 102 break;
101 default: 103 default:
102 throw new Exception('Unknown key operation '.$argv[$argi-1]); 104 throw new Exception('Unknown key operation '.$argv[$argi-1]);
136 $resource['value']['descr'] = $argv[$argi++]; 138 $resource['value']['descr'] = $argv[$argi++];
137 $reschanged = TRUE; 139 $reschanged = TRUE;
138 break; 140 break;
139 case 'PWAUTH': 141 case 'PWAUTH':
140 if (!isset($key['sk'])) throw new Exception('The key is not available'); 142 if (!isset($key['sk'])) throw new Exception('The key is not available');
141 $ret = hash('sha512', $key['pk'].$argv[$argi++], TRUE); 143 $rounds = 5000;
142 $key['locked'] = ''; 144 $ret = str_repeat(chr(0), 64);
143 for ($i = 0; $i < 32; $i++) $key['locked'] .= chr(ord($key['sk'][$i]) ^ ord($ret[$i])); 145 for ($i = 0; $i < $rounds; $i++) $ret = hash('sha512', $ret.$argv[$argi].$key['pk'], TRUE);
146 $argi++;
147 $key['locked'] = array('rounds' => $rounds, 'key' => substr($key['sk'] ^ $hash, 0, 32));
144 if (!isset($resource['value']) || !is_array($resource['value'])) $resource['value'] = array(); 148 if (!isset($resource['value']) || !is_array($resource['value'])) $resource['value'] = array();
145 $resource['value']['seckeyenc'] = $key['locked']; 149 $resource['value']['seckeyenc'] = $key['locked'];
146 $reschanged = TRUE; 150 $reschanged = TRUE;
147 break; 151 break;
148 case 'TRANSFER': 152 case 'TRANSFER':