summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorequinox <equinox@diac24.net>2011-04-01 07:00:48 +0200
committerequinox <equinox@diac24.net>2011-04-01 07:04:25 +0200
commit944d2f7e1bf9870b3e6d544f24ecd443450a6fb7 (patch)
tree91c23c61698d60033388c44fe5a37f3fe3f58a21
parenta48c542228cfec15ad9023bc7fe9a9d9cd1aeb2c (diff)
php verify script
-rw-r--r--ticket.py3
-rw-r--r--verify.php25
2 files changed, 27 insertions, 1 deletions
diff --git a/ticket.py b/ticket.py
index 5b9ac2e..c8875d1 100644
--- a/ticket.py
+++ b/ticket.py
@@ -18,8 +18,9 @@ def tgt_verify(site, user, ts, sig, maxage = None):
return status
if __name__ == '__main__':
+ import urllib
sig = tgt_create('site', 'test')
- print sig
+ print urllib.urlencode(sig)
assert not tgt_verify(maxage = -9999, **sig)
assert tgt_verify(maxage = 9999, **sig)
diff --git a/verify.php b/verify.php
new file mode 100644
index 0000000..797dae3
--- /dev/null
+++ b/verify.php
@@ -0,0 +1,25 @@
+<?php
+
+$fp = fopen("subdap-oberon.pem", "r");
+$pubd = fread($fp, 262144);
+fclose($fp);
+
+$pub = openssl_get_publickey($pubd);
+
+$args = array();
+foreach (explode('&', $argv[1]) as $parm) {
+ $s = split('=', $parm);
+ $args[$s[0]] = $s[1];
+}
+
+$sig = $args['sig'];
+$sig = str_replace('-', '+', $sig);
+$sig = str_replace('_', '/', $sig);
+$sig = base64_decode($sig, true);
+
+$data = sprintf("%s:%d:%s", $args['site'], $args['ts'], $args['user']);
+if (openssl_verify($data, $sig, $pub, "SHA256")) {
+ printf("OK: site=%s ts=%s user=%s\n", $args['site'], $args['ts'], $args['user']);
+} else {
+ print "verify failed\n";
+}