nilsteampassnet /
TeamPass
@@ -14,8 +14,9 @@ |
||
| 14 | 14 | |
| 15 | 15 | function __construct($verifyssl = false, $errorcorrectionlevel = 'L', $margin = 4, $qzone = 1, $bgcolor = 'ffffff', $color = '000000', $format = 'png') |
| 16 | 16 | { |
| 17 | - if (!is_bool($verifyssl)) |
|
| 18 | - throw new QRException('VerifySSL must be bool'); |
|
| 17 | + if (!is_bool($verifyssl)) { |
|
| 18 | + throw new QRException('VerifySSL must be bool'); |
|
| 19 | + } |
|
| 19 | 20 | |
| 20 | 21 | $this->verifyssl = $verifyssl; |
| 21 | 22 | |
@@ -13,8 +13,9 @@ |
||
| 13 | 13 | |
| 14 | 14 | public function getRandomBytes($bytecount) { |
| 15 | 15 | $result = mcrypt_create_iv($bytecount, $this->source); |
| 16 | - if ($result === false) |
|
| 17 | - throw new \RNGException('mcrypt_create_iv returned an invalid value'); |
|
| 16 | + if ($result === false) { |
|
| 17 | + throw new \RNGException('mcrypt_create_iv returned an invalid value'); |
|
| 18 | + } |
|
| 18 | 19 | return $result; |
| 19 | 20 | } |
| 20 | 21 | |
@@ -8,8 +8,9 @@ |
||
| 8 | 8 | |
| 9 | 9 | function __construct($algorithm = 'sha256' ) { |
| 10 | 10 | $algos = array_values(hash_algos()); |
| 11 | - if (!in_array($algorithm, $algos, true)) |
|
| 12 | - throw new \RNGException('Unsupported algorithm specified'); |
|
| 11 | + if (!in_array($algorithm, $algos, true)) { |
|
| 12 | + throw new \RNGException('Unsupported algorithm specified'); |
|
| 13 | + } |
|
| 13 | 14 | $this->algorithm = $algorithm; |
| 14 | 15 | } |
| 15 | 16 | |
@@ -13,10 +13,12 @@ |
||
| 13 | 13 | |
| 14 | 14 | public function getRandomBytes($bytecount) { |
| 15 | 15 | $result = openssl_random_pseudo_bytes($bytecount, $crypto_strong); |
| 16 | - if ($this->requirestrong && ($crypto_strong === false)) |
|
| 17 | - throw new \RNGException('openssl_random_pseudo_bytes returned non-cryptographically strong value'); |
|
| 18 | - if ($result === false) |
|
| 19 | - throw new \RNGException('openssl_random_pseudo_bytes returned an invalid value'); |
|
| 16 | + if ($this->requirestrong && ($crypto_strong === false)) { |
|
| 17 | + throw new \RNGException('openssl_random_pseudo_bytes returned non-cryptographically strong value'); |
|
| 18 | + } |
|
| 19 | + if ($result === false) { |
|
| 20 | + throw new \RNGException('openssl_random_pseudo_bytes returned an invalid value'); |
|
| 21 | + } |
|
| 20 | 22 | return $result; |
| 21 | 23 | } |
| 22 | 24 | |
@@ -11,8 +11,9 @@ |
||
| 11 | 11 | |
| 12 | 12 | function __construct($verifyssl = false, $errorcorrectionlevel = 'L', $margin = 1) |
| 13 | 13 | { |
| 14 | - if (!is_bool($verifyssl)) |
|
| 15 | - throw new \QRException('VerifySSL must be bool'); |
|
| 14 | + if (!is_bool($verifyssl)) { |
|
| 15 | + throw new \QRException('VerifySSL must be bool'); |
|
| 16 | + } |
|
| 16 | 17 | |
| 17 | 18 | $this->verifyssl = $verifyssl; |
| 18 | 19 | |
@@ -26,17 +26,20 @@ discard block |
||
| 26 | 26 | function __construct($issuer = null, $digits = 6, $period = 30, $algorithm = 'sha1', IQRCodeProvider $qrcodeprovider = null, IRNGProvider $rngprovider = null, ITimeProvider $timeprovider = null) |
| 27 | 27 | { |
| 28 | 28 | $this->issuer = $issuer; |
| 29 | - if (!is_int($digits) || $digits <= 0) |
|
| 30 | - throw new TwoFactorAuthException('Digits must be int > 0'); |
|
| 29 | + if (!is_int($digits) || $digits <= 0) { |
|
| 30 | + throw new TwoFactorAuthException('Digits must be int > 0'); |
|
| 31 | + } |
|
| 31 | 32 | $this->digits = $digits; |
| 32 | 33 | |
| 33 | - if (!is_int($period) || $period <= 0) |
|
| 34 | - throw new TwoFactorAuthException('Period must be int > 0'); |
|
| 34 | + if (!is_int($period) || $period <= 0) { |
|
| 35 | + throw new TwoFactorAuthException('Period must be int > 0'); |
|
| 36 | + } |
|
| 35 | 37 | $this->period = $period; |
| 36 | 38 | |
| 37 | 39 | $algorithm = strtolower(trim($algorithm)); |
| 38 | - if (!in_array($algorithm, self::$_supportedalgos)) |
|
| 39 | - throw new TwoFactorAuthException('Unsupported algorithm: ' . $algorithm); |
|
| 40 | + if (!in_array($algorithm, self::$_supportedalgos)) { |
|
| 41 | + throw new TwoFactorAuthException('Unsupported algorithm: ' . $algorithm); |
|
| 42 | + } |
|
| 40 | 43 | $this->algorithm = $algorithm; |
| 41 | 44 | $this->qrcodeprovider = $qrcodeprovider; |
| 42 | 45 | $this->rngprovider = $rngprovider; |
@@ -54,11 +57,14 @@ discard block |
||
| 54 | 57 | $secret = ''; |
| 55 | 58 | $bytes = ceil($bits / 5); //We use 5 bits of each byte (since we have a 32-character 'alphabet' / BASE32) |
| 56 | 59 | $rngprovider = $this->getRngprovider(); |
| 57 | - if ($requirecryptosecure && !$rngprovider->isCryptographicallySecure()) |
|
| 58 | - throw new TwoFactorAuthException('RNG provider is not cryptographically secure'); |
|
| 60 | + if ($requirecryptosecure && !$rngprovider->isCryptographicallySecure()) { |
|
| 61 | + throw new TwoFactorAuthException('RNG provider is not cryptographically secure'); |
|
| 62 | + } |
|
| 59 | 63 | $rnd = $rngprovider->getRandomBytes($bytes); |
| 60 | - for ($i = 0; $i < $bytes; $i++) |
|
| 61 | - $secret .= self::$_base32[ord($rnd[$i]) & 31]; //Mask out left 3 bits for 0-31 values |
|
| 64 | + for ($i = 0; $i < $bytes; $i++) { |
|
| 65 | + $secret .= self::$_base32[ord($rnd[$i]) & 31]; |
|
| 66 | + } |
|
| 67 | + //Mask out left 3 bits for 0-31 values |
|
| 62 | 68 | return $secret; |
| 63 | 69 | } |
| 64 | 70 | |
@@ -87,8 +93,9 @@ discard block |
||
| 87 | 93 | $timetamp = $this->getTime($time); |
| 88 | 94 | |
| 89 | 95 | // To keep safe from timing-attachs we iterate *all* possible codes even though we already may have verified a code is correct |
| 90 | - for ($i = -$discrepancy; $i <= $discrepancy; $i++) |
|
| 91 | - $result |= $this->codeEquals($this->getCode($secret, $timetamp + ($i * $this->period)), $code); |
|
| 96 | + for ($i = -$discrepancy; $i <= $discrepancy; $i++) { |
|
| 97 | + $result |= $this->codeEquals($this->getCode($secret, $timetamp + ($i * $this->period)), $code); |
|
| 98 | + } |
|
| 92 | 99 | |
| 93 | 100 | return (bool)$result; |
| 94 | 101 | } |
@@ -104,8 +111,9 @@ discard block |
||
| 104 | 111 | // we don't leak information about the difference of the two strings. |
| 105 | 112 | if (strlen($safe)===strlen($user)) { |
| 106 | 113 | $result = 0; |
| 107 | - for ($i = 0; $i < strlen($safe); $i++) |
|
| 108 | - $result |= (ord($safe[$i]) ^ ord($user[$i])); |
|
| 114 | + for ($i = 0; $i < strlen($safe); $i++) { |
|
| 115 | + $result |= (ord($safe[$i]) ^ ord($user[$i])); |
|
| 116 | + } |
|
| 109 | 117 | return $result === 0; |
| 110 | 118 | } |
| 111 | 119 | return false; |
@@ -116,8 +124,9 @@ discard block |
||
| 116 | 124 | */ |
| 117 | 125 | public function getQRCodeImageAsDataUri($label, $secret, $size = 200) |
| 118 | 126 | { |
| 119 | - if (!is_int($size) || $size <= 0) |
|
| 120 | - throw new TwoFactorAuthException('Size must be int > 0'); |
|
| 127 | + if (!is_int($size) || $size <= 0) { |
|
| 128 | + throw new TwoFactorAuthException('Size must be int > 0'); |
|
| 129 | + } |
|
| 121 | 130 | |
| 122 | 131 | $qrcodeprovider = $this->getQrCodeProvider(); |
| 123 | 132 | return 'data:' |
@@ -131,26 +140,30 @@ discard block |
||
| 131 | 140 | */ |
| 132 | 141 | public function ensureCorrectTime(array $timeproviders = null, $leniency = 5) |
| 133 | 142 | { |
| 134 | - if ($timeproviders != null && !is_array($timeproviders)) |
|
| 135 | - throw new TwoFactorAuthException('No timeproviders specified'); |
|
| 143 | + if ($timeproviders != null && !is_array($timeproviders)) { |
|
| 144 | + throw new TwoFactorAuthException('No timeproviders specified'); |
|
| 145 | + } |
|
| 136 | 146 | |
| 137 | - if ($timeproviders == null) |
|
| 138 | - $timeproviders = array( |
|
| 147 | + if ($timeproviders == null) { |
|
| 148 | + $timeproviders = array( |
|
| 139 | 149 | new Providers\Time\ConvertUnixTimeDotComTimeProvider(), |
| 140 | 150 | new Providers\Time\HttpTimeProvider() |
| 141 | 151 | ); |
| 152 | + } |
|
| 142 | 153 | |
| 143 | 154 | // Get default time provider |
| 144 | 155 | $timeprovider = $this->getTimeProvider(); |
| 145 | 156 | |
| 146 | 157 | // Iterate specified time providers |
| 147 | 158 | foreach ($timeproviders as $t) { |
| 148 | - if (!($t instanceof ITimeProvider)) |
|
| 149 | - throw new TwoFactorAuthException('Object does not implement ITimeProvider'); |
|
| 159 | + if (!($t instanceof ITimeProvider)) { |
|
| 160 | + throw new TwoFactorAuthException('Object does not implement ITimeProvider'); |
|
| 161 | + } |
|
| 150 | 162 | |
| 151 | 163 | // Get time from default time provider and compare to specific time provider and throw if time difference is more than specified number of seconds leniency |
| 152 | - if (abs($timeprovider->getTime() - $t->getTime()) > $leniency) |
|
| 153 | - throw new TwoFactorAuthException(sprintf('Time for timeprovider is off by more than %d seconds when compared to %s', $leniency, get_class($t))); |
|
| 164 | + if (abs($timeprovider->getTime() - $t->getTime()) > $leniency) { |
|
| 165 | + throw new TwoFactorAuthException(sprintf('Time for timeprovider is off by more than %d seconds when compared to %s', $leniency, get_class($t))); |
|
| 166 | + } |
|
| 154 | 167 | } |
| 155 | 168 | } |
| 156 | 169 | |
@@ -179,23 +192,28 @@ discard block |
||
| 179 | 192 | |
| 180 | 193 | private function base32Decode($value) |
| 181 | 194 | { |
| 182 | - if (strlen($value)==0) return ''; |
|
| 195 | + if (strlen($value)==0) { |
|
| 196 | + return ''; |
|
| 197 | + } |
|
| 183 | 198 | |
| 184 | - if (preg_match('/[^'.preg_quote(self::$_base32dict).']/', $value) !== 0) |
|
| 185 | - throw new TwoFactorAuthException('Invalid base32 string'); |
|
| 199 | + if (preg_match('/[^'.preg_quote(self::$_base32dict).']/', $value) !== 0) { |
|
| 200 | + throw new TwoFactorAuthException('Invalid base32 string'); |
|
| 201 | + } |
|
| 186 | 202 | |
| 187 | 203 | $buffer = ''; |
| 188 | 204 | foreach (str_split($value) as $char) |
| 189 | 205 | { |
| 190 | - if ($char !== '=') |
|
| 191 | - $buffer .= str_pad(decbin(self::$_base32lookup[$char]), 5, 0, STR_PAD_LEFT); |
|
| 206 | + if ($char !== '=') { |
|
| 207 | + $buffer .= str_pad(decbin(self::$_base32lookup[$char]), 5, 0, STR_PAD_LEFT); |
|
| 208 | + } |
|
| 192 | 209 | } |
| 193 | 210 | $length = strlen($buffer); |
| 194 | 211 | $blocks = trim(chunk_split(substr($buffer, 0, $length - ($length % 8)), 8, ' ')); |
| 195 | 212 | |
| 196 | 213 | $output = ''; |
| 197 | - foreach (explode(' ', $blocks) as $block) |
|
| 198 | - $output .= chr(bindec(str_pad($block, 8, 0, STR_PAD_RIGHT))); |
|
| 214 | + foreach (explode(' ', $blocks) as $block) { |
|
| 215 | + $output .= chr(bindec(str_pad($block, 8, 0, STR_PAD_RIGHT))); |
|
| 216 | + } |
|
| 199 | 217 | return $output; |
| 200 | 218 | } |
| 201 | 219 | |
@@ -42,12 +42,12 @@ |
||
| 42 | 42 | fclose($fd); |
| 43 | 43 | |
| 44 | 44 | foreach ($headers['wrapper_data'] as $h) { |
| 45 | - if (strcasecmp(substr($h, 0, 5), 'Date:') === 0) |
|
| 46 | - return \DateTime::createFromFormat($this->expectedtimeformat, trim(substr($h,5)))->getTimestamp(); |
|
| 45 | + if (strcasecmp(substr($h, 0, 5), 'Date:') === 0) { |
|
| 46 | + return \DateTime::createFromFormat($this->expectedtimeformat, trim(substr($h,5)))->getTimestamp(); |
|
| 47 | + } |
|
| 47 | 48 | } |
| 48 | 49 | throw new \TimeException(sprintf('Unable to retrieve time from %s (Invalid or no "Date:" header found)', $this->url)); |
| 49 | - } |
|
| 50 | - catch (Exception $ex) { |
|
| 50 | + } catch (Exception $ex) { |
|
| 51 | 51 | throw new \TimeException(sprintf('Unable to retrieve time from %s (%s)', $this->url, $ex->getMessage())); |
| 52 | 52 | } |
| 53 | 53 | } |
@@ -9,8 +9,9 @@ |
||
| 9 | 9 | $json = @json_decode( |
| 10 | 10 | @file_get_contents('http://www.convert-unix-time.com/api?timestamp=now') |
| 11 | 11 | ); |
| 12 | - if ($json === null || !is_int($json->timestamp)) |
|
| 13 | - throw new \TimeException('Unable to retrieve time from convert-unix-time.com'); |
|
| 12 | + if ($json === null || !is_int($json->timestamp)) { |
|
| 13 | + throw new \TimeException('Unable to retrieve time from convert-unix-time.com'); |
|
| 14 | + } |
|
| 14 | 15 | return $json->timestamp; |
| 15 | 16 | } |
| 16 | 17 | } |
| 17 | 18 | \ No newline at end of file |
