how about this:
function get_token() {
local now=`date +\%s`
local ts=`echo -e "obase=16\n${now}" | bc | tr [A-Z] [a-z]`
local md5short=`echo $ts | md5sum | cut -c9-16`;
echo $ts$md5short
}
function check_token() {
local ts=`echo $1 | cut -c1-8`
local crc=`echo $1 | cut -c9-16`
local md5=`echo $ts | md5sum | cut -c9-16`
[ "$crc" != "$md5" ] && echo "token invalid." && return -1
ts=`echo $ts | tr [a-z] [A-Z]`
local ttime=`echo -e "ibase=16\n${ts}" | bc`
local end=`date +\%s -d "10 seconds ago"`
if [ $ttime -gt $end ]; then
echo "token valid."
return 0
else
echo "token expired."
return 1
fi
}
improvements?
i know that people who know the code can break the scheme, but it's
not that paramount to be secure. a little bit rot[0-9]* here and
there, and it's pretty much security by obscurity. it would suffice
for me, unless someone has anything else to say...
--
martin; (greetings from the heart of the sun.)
\____ echo mailto: !#^."<*>"|tr "<*> mailto:"; net@madduck
the reason that every major university maintains
a department of mathematics is that
it's cheaper than institutionalizing all those people.
Attachment:
pgpxSMlH2DipU.pgp
Description: PGP signature