mirror of
https://github.com/OpenXE-org/OpenXE.git
synced 2024-12-24 13:40:29 +01:00
155 lines
3.9 KiB
PHP
155 lines
3.9 KiB
PHP
<?php
|
|
/*
|
|
**** COPYRIGHT & LICENSE NOTICE *** DO NOT REMOVE ****
|
|
*
|
|
* Xentral (c) Xentral ERP Sorftware GmbH, Fuggerstrasse 11, D-86150 Augsburg, * Germany 2019
|
|
*
|
|
* This file is licensed under the Embedded Projects General Public License *Version 3.1.
|
|
*
|
|
* You should have received a copy of this license from your vendor and/or *along with this file; If not, please visit www.wawision.de/Lizenzhinweis
|
|
* to obtain the text of the corresponding license version.
|
|
*
|
|
**** END OF COPYRIGHT & LICENSE NOTICE *** DO NOT REMOVE ****
|
|
*/
|
|
?>
|
|
<?php
|
|
|
|
//include("xtea.class.php");
|
|
|
|
/*
|
|
$serial = "abcdefghijklmNopqrstuvwxyz";
|
|
$key = pack('V*', 0x01,0x02,0x03,0x04);
|
|
$pad = "4371353838310545596909623831103272086622087173752843453214777855055965572268047010384215";
|
|
*/
|
|
//print(wawision_pad_verify($pad,$key,$serial));
|
|
|
|
//print(wawision_pad_verify($pad,$key,$serial));
|
|
|
|
class WaWisionOTP
|
|
{
|
|
|
|
function wawision_encode($base64) {
|
|
$output = "";
|
|
for($i = 0; $i < strlen($base64)-1; $i++) {
|
|
$c = ord($base64[$i])-ord('+');
|
|
|
|
$output .= chr($c/10 + ord('0'));
|
|
$output .= chr($c%10 + ord('0'));
|
|
}
|
|
|
|
return $output;
|
|
}
|
|
|
|
function wawision_decode($input)
|
|
{
|
|
$base64_str = "";
|
|
|
|
for ($i=0; $i<strlen($input)/2; $i++) {
|
|
$ten = ord($input[2*$i]) - ord('0');
|
|
$one = ord($input[2*$i+1]) - ord('0');
|
|
|
|
/* check if input is valid */
|
|
$value = $ten*10+$one;
|
|
if($ten < 0 || $ten > 9 || $one < 0 || $one > 9) {
|
|
return FALSE;
|
|
}
|
|
|
|
$base64_str .= chr($value + ord("+"));
|
|
}
|
|
|
|
return $base64_str;
|
|
}
|
|
|
|
function wawision_pad_verify($pad,$key,$serial)
|
|
{
|
|
$cipher = $this->wawision_decode($pad);
|
|
if($cipher == FALSE) {
|
|
return FALSE;
|
|
}
|
|
|
|
$xtea = new XTEA($key);
|
|
$plain = $xtea->decrypt($cipher);
|
|
|
|
if($plain == FALSE)
|
|
return FALSE;
|
|
|
|
/* check serial */
|
|
if($plain[0] != $serial[0] ||
|
|
$plain[1] != $serial[1] ||
|
|
$plain[2] != $serial[2] ||
|
|
$plain[3] != $serial[3] ||
|
|
$plain[4] != $serial[4] ||
|
|
|
|
$plain[8] != $serial[5] ||
|
|
$plain[9] != $serial[6] ||
|
|
$plain[10] != $serial[7] ||
|
|
$plain[11] != $serial[8] ||
|
|
$plain[12] != $serial[9] ||
|
|
|
|
$plain[16] != $serial[10] ||
|
|
$plain[17] != $serial[11] ||
|
|
$plain[18] != $serial[12] ||
|
|
$plain[19] != $serial[13] ||
|
|
$plain[20] != $serial[14]) {
|
|
return FALSE;
|
|
}
|
|
|
|
/* check rnd */
|
|
$rnd1 = ord($plain[7]);
|
|
$rnd2 = ord($plain[15]);
|
|
$rnd12 = ord($plain[23]);
|
|
if(($rnd1 + $rnd2) % 256 != $rnd12)
|
|
return FALSE;
|
|
|
|
/* extract counter */
|
|
$counter = ord($plain[5]) << 24;
|
|
$counter += ord($plain[6]) << 16;
|
|
$counter += ord($plain[13]) << 8;
|
|
$counter += ord($plain[14]);
|
|
|
|
/* success */
|
|
return $counter;
|
|
}
|
|
|
|
function wawision_pad_create($key, $serial, $counter)
|
|
{
|
|
/* 1st block */
|
|
$plain = $serial[0];
|
|
$plain .= $serial[1];
|
|
$plain .= $serial[2];
|
|
$plain .= $serial[3];
|
|
$plain .= $serial[4];
|
|
$plain .= chr($counter >> 24);
|
|
$plain .= chr($counter >> 16);
|
|
$plain .= chr(rand());
|
|
|
|
/* 2nd block */
|
|
$plain .= $serial[5];
|
|
$plain .= $serial[6];
|
|
$plain .= $serial[7];
|
|
$plain .= $serial[8];
|
|
$plain .= $serial[9];
|
|
$plain .= chr($counter >> 8);
|
|
$plain .= chr($counter);
|
|
$plain .= chr(rand());
|
|
|
|
/* 3rd block */
|
|
$plain .= $serial[10];
|
|
$plain .= $serial[11];
|
|
$plain .= $serial[12];
|
|
$plain .= $serial[13];
|
|
$plain .= $serial[14];
|
|
$plain .= chr(rand());
|
|
$plain .= chr(rand());
|
|
$plain .= chr((ord($plain[7])+ord($plain[15])) % 256);
|
|
|
|
/* encrypt using XTEA CBC */
|
|
$xtea = new XTEA($key);
|
|
$cipher = $xtea->encrypt($plain);
|
|
|
|
/* encode using wawision_encode */
|
|
return $this->wawision_encode($cipher);
|
|
}
|
|
}
|
|
|