BOINC / boinc

html/ops/generate_account_ownership_keys.php

Indentation +19 added lines, -19 removed lines

@@ -24,50 +24,50 @@
 require_once("../inc/account_ownership.inc");
 
 if (php_sapi_name() == "cli") {
-  if (!empty($argv[1])) {
+    if (!empty($argv[1])) {
     if ($argv[1] == "overwrite") {
-      if (file_exists($account_ownership_private_key_file_path)) {
+        if (file_exists($account_ownership_private_key_file_path)) {
         // If the private key exists, delete it.
         unlink($account_ownership_private_key);
         echo "erased '$account_ownership_private_key_file_name' \n";
-      }
-      if (file_exists($account_ownership_public_key_file_path)) {
+        }
+        if (file_exists($account_ownership_public_key_file_path)) {
         // If the public key exists, delete it.
         unlink($account_ownership_public_key);
         echo "erased '$account_ownership_public_key_file_name' \n";
-      }
+        }
+    }
     }
-  }
 
-  if ((!file_exists($account_ownership_private_key_file_path)) && (!file_exists($account_ownership_public_key_file_path))) {
+    if ((!file_exists($account_ownership_private_key_file_path)) && (!file_exists($account_ownership_public_key_file_path))) {
 
     try {
-      $generated_pkey = openssl_pkey_new(array(
+        $generated_pkey = openssl_pkey_new(array(
         'digest_alg' => 'sha512',
         'private_key_bits' => 4096,
         'private_key_type' => OPENSSL_KEYTYPE_RSA
-      ));
+        ));
 
-      $pubkey = openssl_pkey_get_details($generated_pkey); // Get the public key from the generated pkey pair
-      file_put_contents($account_ownership_public_key, $pubkey['key']); // Save the public key to disk
-      openssl_pkey_export_to_file($generated_pkey, $account_ownership_private_key); // Save the private key to disk
-      openssl_pkey_free($generated_pkey); // Free key data securely from memory
+        $pubkey = openssl_pkey_get_details($generated_pkey); // Get the public key from the generated pkey pair
+        file_put_contents($account_ownership_public_key, $pubkey['key']); // Save the public key to disk
+        openssl_pkey_export_to_file($generated_pkey, $account_ownership_private_key); // Save the private key to disk
+        openssl_pkey_free($generated_pkey); // Free key data securely from memory
 
-      if ((file_exists($account_ownership_private_key_file_path)) && (file_exists($account_ownership_public_key_file_path))) {
+        if ((file_exists($account_ownership_private_key_file_path)) && (file_exists($account_ownership_public_key_file_path))) {
         echo "Successfully generated a new account ownership keypair.";
-      } else {
+        } else {
         throw new Exception('Failed to generate account ownership keypair.');
-      }
+        }
 
     } catch (Exception $e) {
         echo 'Caught exception during account ownership key generation: ',  $e->getMessage(), "\n";
     }
 
-  } else {
+    } else {
     echo "The private and public keys already exist. Repeat the command with the 'overwrite' parameter to replace the existing ownership keys.";
-  }
+    }
 } else {
-  echo "This script must be run from the CLI";
+    echo "This script must be run from the CLI";
 }
 
 ?>

html/user/account_ownership.php

Indentation +121 added lines, -121 removed lines

@@ -28,140 +28,140 @@
 check_tokens($user->authenticator);
 
 function account_ownership_action($user) {
-  // POST request - the user has submitted the form.
-  page_head(tra("Proof of account ownership results"), null, null, null, boinc_recaptcha_get_head_extra());
-
-  global $recaptcha_private_key;
-  if ($recaptcha_private_key) {
-      // Recaptcha is enabled on the BOINC server
-      if (!boinc_recaptcha_isValidated($recaptcha_private_key)) {
-          // The user failed to solve the recaptcha prompt - redirect them to an error message!
-          error_page(
-              tra("Your reCAPTCHA response was not correct. Please try again.")
-          );
-      }
-  }
-
-  // Input is passed in from the openssl_sign_form
-  $user_data = htmlentities(post_str("user_data", true), ENT_QUOTES, "UTF-8"); // Convert special characters to html equivelant
-
-  if ((strlen($user_data) > 0) && (strlen($user_data) <= 4096)) {
-      require_once("../inc/account_ownership.inc");
-      // Check that the private key file exists where specified. If not, redirect to error page.
-      if (!file_exists($account_ownership_private_key_file_path)) {
-          error_page(tra("The proof of account ownership feature is not set up properly. Contact the project administrator to resolve the issue."));
-      }
-
-      // Check that the public key file exists where specified. If not, redirect to error page.
-      if (!file_exists($account_ownership_public_key_file_path)) {
-          error_page(tra("The proof of account ownership feature is not set up properly. Contact the project administrator to resolve the issue."));
-      }
-
-      $privkey = fopen($account_ownership_private_key_file_path, "r"); // Opening private key file
-      if (!isset($privkey) || empty($privkey)) {
+    // POST request - the user has submitted the form.
+    page_head(tra("Proof of account ownership results"), null, null, null, boinc_recaptcha_get_head_extra());
+
+    global $recaptcha_private_key;
+    if ($recaptcha_private_key) {
+        // Recaptcha is enabled on the BOINC server
+        if (!boinc_recaptcha_isValidated($recaptcha_private_key)) {
+            // The user failed to solve the recaptcha prompt - redirect them to an error message!
+            error_page(
+                tra("Your reCAPTCHA response was not correct. Please try again.")
+            );
+        }
+    }
+
+    // Input is passed in from the openssl_sign_form
+    $user_data = htmlentities(post_str("user_data", true), ENT_QUOTES, "UTF-8"); // Convert special characters to html equivelant
+
+    if ((strlen($user_data) > 0) && (strlen($user_data) <= 4096)) {
+        require_once("../inc/account_ownership.inc");
+        // Check that the private key file exists where specified. If not, redirect to error page.
+        if (!file_exists($account_ownership_private_key_file_path)) {
+            error_page(tra("The proof of account ownership feature is not set up properly. Contact the project administrator to resolve the issue."));
+        }
+
+        // Check that the public key file exists where specified. If not, redirect to error page.
+        if (!file_exists($account_ownership_public_key_file_path)) {
+            error_page(tra("The proof of account ownership feature is not set up properly. Contact the project administrator to resolve the issue."));
+        }
+
+        $privkey = fopen($account_ownership_private_key_file_path, "r"); // Opening private key file
+        if (!isset($privkey) || empty($privkey)) {
         error_page(tra("The proof of account ownership feature is not set up properly. Contact the project administrator to resolve the issue."));
-      }
-      $privkey_contents = fread($privkey, 8192); // Reading contents of private key into var
-      fclose($privkey); // Closing private key file
+        }
+        $privkey_contents = fread($privkey, 8192); // Reading contents of private key into var
+        fclose($privkey); // Closing private key file
 
-      $userid = $user->id; // Retrieving the user's UserId
-      $message_data = "$userid $user_data"; // Create the message which will be signed.
+        $userid = $user->id; // Retrieving the user's UserId
+        $message_data = "$userid $user_data"; // Create the message which will be signed.
 
-      $private_key_pem = openssl_pkey_get_private($privkey_contents); // Loading the private key into memory
-      openssl_sign($message_data, $signature, $private_key_pem, OPENSSL_ALGO_SHA512); // Compute signature using SHA512
-      openssl_free_key($private_key_pem); // Free the private key from memory for additional security
+        $private_key_pem = openssl_pkey_get_private($privkey_contents); // Loading the private key into memory
+        openssl_sign($message_data, $signature, $private_key_pem, OPENSSL_ALGO_SHA512); // Compute signature using SHA512
+        openssl_free_key($private_key_pem); // Free the private key from memory for additional security
 
-      $pubkey = fopen($account_ownership_public_key_file_path, "r"); // Open public key file
-      if ((!isset($pubkey)) || empty($pubkey)) {
+        $pubkey = fopen($account_ownership_public_key_file_path, "r"); // Open public key file
+        if ((!isset($pubkey)) || empty($pubkey)) {
         error_page(tra("The proof of account ownership feature is not set up properly. Contact the project administrator to resolve the issue."));
-      }
-      $pubkey_contents = fread($pubkey, 8192); // Read contents to var
-      fclose($pubkey); // Close pub key file
-
-      $base64_sig = base64_encode($signature); // Base64 encode the generated signature to enable safe output to text file.
-      $decoded_sig = base64_decode($base64_sig); // Decode base64 sig for use in sig_verification
-      $pubkeyid = openssl_pkey_get_public($pubkey_contents); // fetch public key into memory
-      $sig_verification = openssl_verify($message_data, $decoded_sig, $pubkeyid, OPENSSL_ALGO_SHA512); // Verify that the generated signature against the original data, using the public key.
-      openssl_free_key($pubkeyid); // Free the public key from memory
-
-      // Check if signature was successfully validated
-      if ($sig_verification == 1) {
-          $url_tokens = url_tokens($user->authenticator);
-          // The generated signature has been successfully verified using the public key.
-          global $master_url; // Define global master_url variable for use in output
-          echo "<p>Do not share this information with anyone other than the external system which has requested this proof of account ownership.</p>";
-          echo "<textarea rows='13' cols='50' id='result_textbox'><account_ownership_verification>\n<master_url>$master_url</master_url>\n<msg>$message_data</msg>\n<signature>$base64_sig</signature>\n</account_ownership_verification></textarea>";
-          echo "<br/><br/><button class='btn btn-success' onclick='copy_result_textbox()'>Copy text</button>";
-          echo "<a href='account_ownership.php?$url_tokens'><button class='btn btn-default'>Go back</button></a>";
-          echo '<script type="text/javascript">';
-          echo 'function copy_result_textbox() {
+        }
+        $pubkey_contents = fread($pubkey, 8192); // Read contents to var
+        fclose($pubkey); // Close pub key file
+
+        $base64_sig = base64_encode($signature); // Base64 encode the generated signature to enable safe output to text file.
+        $decoded_sig = base64_decode($base64_sig); // Decode base64 sig for use in sig_verification
+        $pubkeyid = openssl_pkey_get_public($pubkey_contents); // fetch public key into memory
+        $sig_verification = openssl_verify($message_data, $decoded_sig, $pubkeyid, OPENSSL_ALGO_SHA512); // Verify that the generated signature against the original data, using the public key.
+        openssl_free_key($pubkeyid); // Free the public key from memory
+
+        // Check if signature was successfully validated
+        if ($sig_verification == 1) {
+            $url_tokens = url_tokens($user->authenticator);
+            // The generated signature has been successfully verified using the public key.
+            global $master_url; // Define global master_url variable for use in output
+            echo "<p>Do not share this information with anyone other than the external system which has requested this proof of account ownership.</p>";
+            echo "<textarea rows='13' cols='50' id='result_textbox'><account_ownership_verification>\n<master_url>$master_url</master_url>\n<msg>$message_data</msg>\n<signature>$base64_sig</signature>\n</account_ownership_verification></textarea>";
+            echo "<br/><br/><button class='btn btn-success' onclick='copy_result_textbox()'>Copy text</button>";
+            echo "<a href='account_ownership.php?$url_tokens'><button class='btn btn-default'>Go back</button></a>";
+            echo '<script type="text/javascript">';
+            echo 'function copy_result_textbox() {
                 var target_textbox = document.getElementById("result_textbox");
                 target_textbox.select();
                 document.execCommand("copy");
                 alert("Copied to clipboard");
               }';
-          echo '</script>';
-          page_tail();
-
-      } elseif ($sig_verification == 0) {
-          // The generated signature has not been verified. The private/public keys do not match.
-          error_page(tra("Signature verification failed. Contact the project administrator to resolve the issue."));
-      } else {
-          // Something has gone wrong & an error has occurred.
-          error_page(tra("An error occured during the signature verification. Contact the project administrator to resolve the issue."));
-      }
-  } else {
-      // User data input invalid
-      error_page(tra("Invalid input. User input must have a length > 0 and < 4096. <form><input type='button' value='Go back!'' onclick='history.back()'></form>"));
-  }
+            echo '</script>';
+            page_tail();
+
+        } elseif ($sig_verification == 0) {
+            // The generated signature has not been verified. The private/public keys do not match.
+            error_page(tra("Signature verification failed. Contact the project administrator to resolve the issue."));
+        } else {
+            // Something has gone wrong & an error has occurred.
+            error_page(tra("An error occured during the signature verification. Contact the project administrator to resolve the issue."));
+        }
+    } else {
+        // User data input invalid
+        error_page(tra("Invalid input. User input must have a length > 0 and < 4096. <form><input type='button' value='Go back!'' onclick='history.back()'></form>"));
+    }
 }
 
 function account_ownership_form($user) {
-  // GET request - the user has navigated to the page.
-  page_head(tra("Generate proof of account ownership"), null, null, null, boinc_recaptcha_get_head_extra());
-
-  if ($user) { // Verify the user is logged in
-      require_once("../inc/account_ownership.inc");
-
-      if (!file_exists($account_ownership_private_key_file_path)) {
-          // Check that the private key file exists where specified. If not, redirect to error page.
-          error_page(tra("The proof of account ownership feature is not set up properly. Contact the project administrator to resolve the issue."));
-      }
-
-      if (!file_exists($account_ownership_public_key_file_path)) {
-          // Check that the public key file exists where specified. If not, redirect to error page.
-          error_page(tra("The proof of account ownership feature is not set up properly. Contact the project administrator to resolve the issue."));
-      }
-
-      echo "<p>This tool is designed to create a proof of account ownership for external systems.</p>";
-
-      global $recaptcha_public_key;
-      if ($recaptcha_public_key) {
-          // Recaptcha configured
-          echo "<p>Enter a message with length less than 4096 characters into the input textbox below, solve the captcha then click the 'Generate' button.</p>";
-      } else {
-          // Recaptcha not configured
-          echo "<p>Enter a message with length less than 4096 characters into the input textbox below then click the 'Generate' button.</p>";
-      }
-      echo "<p>A textbox will then appear which contains your proof of account ownership.";
-      echo "<form method=post action=account_ownership.php>";
-
-      echo form_tokens($user->authenticator);
-      echo "<textarea rows='4' cols='50' name=user_data type=text size=20 placeholder='Enter text'></textarea><br/><br/>";
-
-      if ($recaptcha_public_key) {
-          // Trigger recaptcha!
-          form_general("", boinc_recaptcha_get_html($recaptcha_public_key));
-      }
-
-      echo "<input class=\"btn btn-success\" type=submit value='".tra("Generate")."'>";
-      echo "</form><br/><hr/>";
-  } else {
-      // The user is not logged in!
-      echo "<p>You need to be logged in to use this functionality.</p>";
-  }
-
-  page_tail();
+    // GET request - the user has navigated to the page.
+    page_head(tra("Generate proof of account ownership"), null, null, null, boinc_recaptcha_get_head_extra());
+
+    if ($user) { // Verify the user is logged in
+        require_once("../inc/account_ownership.inc");
+
+        if (!file_exists($account_ownership_private_key_file_path)) {
+            // Check that the private key file exists where specified. If not, redirect to error page.
+            error_page(tra("The proof of account ownership feature is not set up properly. Contact the project administrator to resolve the issue."));
+        }
+
+        if (!file_exists($account_ownership_public_key_file_path)) {
+            // Check that the public key file exists where specified. If not, redirect to error page.
+            error_page(tra("The proof of account ownership feature is not set up properly. Contact the project administrator to resolve the issue."));
+        }
+
+        echo "<p>This tool is designed to create a proof of account ownership for external systems.</p>";
+
+        global $recaptcha_public_key;
+        if ($recaptcha_public_key) {
+            // Recaptcha configured
+            echo "<p>Enter a message with length less than 4096 characters into the input textbox below, solve the captcha then click the 'Generate' button.</p>";
+        } else {
+            // Recaptcha not configured
+            echo "<p>Enter a message with length less than 4096 characters into the input textbox below then click the 'Generate' button.</p>";
+        }
+        echo "<p>A textbox will then appear which contains your proof of account ownership.";
+        echo "<form method=post action=account_ownership.php>";
+
+        echo form_tokens($user->authenticator);
+        echo "<textarea rows='4' cols='50' name=user_data type=text size=20 placeholder='Enter text'></textarea><br/><br/>";
+
+        if ($recaptcha_public_key) {
+            // Trigger recaptcha!
+            form_general("", boinc_recaptcha_get_html($recaptcha_public_key));
+        }
+
+        echo "<input class=\"btn btn-success\" type=submit value='".tra("Generate")."'>";
+        echo "</form><br/><hr/>";
+    } else {
+        // The user is not logged in!
+        echo "<p>You need to be logged in to use this functionality.</p>";
+    }
+
+    page_tail();
 }
 
 if ($_SERVER['REQUEST_METHOD'] === 'POST') {