This is the PHP+MySQL code
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| require("conn.php"); | |
| ?> | |
| <html> | |
| <head> | |
| <script> | |
| function generar(inf,sup){ | |
| nP = sup - inf; | |
| rnd = Math.random() * nP; | |
| rnd = Math.round(rnd); | |
| document.formulario.challengen.value=parseInt(inf) + rnd; | |
| } | |
| </script> | |
| </head> | |
| <a href="script.py">Descargar script</a> | |
| <form name="formulario" method="POST" action="validar.php" > | |
| <b>Challenge:</b><input type="text" name="challengen"><input type="button" value="Generate" onclick="generar(0,100)"> | |
| <br><b>Usuario:</b><select name="user"> | |
| <?php | |
| $query="SELECT user FROM users"; | |
| result=mysql_query(query,$conn); | |
| while(row=mysql_fetch_array(result)){ | |
| echo "<option value='".row["user"]."'>".row["user"]."</option>"; | |
| } | |
| ?> | |
| </select> | |
| <br><b>Respuesta:</b><input type="text" name="response"> | |
| <br><input type="submit" value="submit"> | |
| <?php | |
| function f($x){ | |
| return ($x*x+3); | |
| } | |
| function fastmodexp(x, y, $mod){ | |
| $p = 1; | |
| aux = x; | |
| while($y > 0){ | |
| if ($y % 2 == 1){ | |
| p = (p * aux) % mod; | |
| } | |
| aux = (aux * aux) % mod; | |
| y = y >> 1; | |
| } | |
| return ($p); | |
| } | |
| if(isset(_POST['response']) and isset(_POST['user']) and isset($_POST['challengen'])){ | |
| usuario = _POST['user']; | |
| x = _POST['challengen']; | |
| r = _POST['response']; | |
| query="SELECT E,N From users WHERE user = '". usuario."'"; | |
| result=mysql_query(query,$conn); | |
| publica = mysql_fetch_array(result); | |
| e = publica["E"]; | |
| n = publica["N"]; | |
| y = f(x); | |
| num = fastmodexp(r, e, n); | |
| if (y == num){ | |
| echo "<strong><h2>Yes, it was ". $usuario ." :)</h2></strong>"; | |
| } else { | |
| echo "<strong><h2>No, it wasn't ". $usuario ." :(</h2></strong>"; | |
| } | |
| } ?> | |
| </form> | |
| </html> |
This is the script in python
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| def f(x): | |
| return x*x+3 | |
| def fastmodexp(x, y, mod): | |
| p = 1 | |
| aux = x | |
| while y > 0: | |
| if y % 2 == 1: | |
| p = (p * aux) % mod | |
| aux = (aux * aux) % mod | |
| y = y >> 1 | |
| return p | |
| def main(): | |
| x = int(raw_input("x: ")) | |
| d = int(raw_input("d: ")) | |
| n = int(raw_input("n: ")) | |
| y = f(x) | |
| r = fastmodexp(y, d, n) | |
| print "La r es = " + str(r) | |
| main() |
This is the authentication with the web service, here is the validation
PHP can't deal with large keys and it would have been good to put also a failed example. 9 pts.
ResponderEliminar