T\u00e4ss\u00e4 postissa k\u00e4yn l\u00e4pi tertun ns istuntoavaimen muodostamisen. Istuntoavaimen luomiseen tarvitaan satunnaisbittigeneraattori ja joku sis\u00e4inen malli, jonka mukaan istuntoavain muodostetaan satunnaisbittigeneraattorin antamista biteist\u00e4. Ensin yksinkertainen satunnaisbittigeneraattori ressu:<\/p>\n\n\n\n
T\u00e4ss\u00e4 k\u00e4ytet\u00e4\u00e4n vain yht\u00e4 l\u00e4hdett\u00e4, ressua. Varmuuden vuoksi kannattaa lis\u00e4t\u00e4 ainakin toinen l\u00e4hde.<\/p>\n\n\n\n
#include <sys\/time.h>\n\nunsigned char dba_clockbyte() \/* JariK 2013-2020 *\/\n{\n struct timeval tv;\n\n gettimeofday(&tv,NULL);\n\n return(tv.tv_usec & 0xff);\n}\n\nvoid dba_ressu_genbytes(int size, unsigned char *buffer) \/* JariK 12\/2020 *\/\n{\n int c, d, e, f, byte, prevbyte, bits;\n\n f=0;\n bits=0;\n\n for(c=0; c<8 || c%8!=0 || c<16 || c<48 ||\n bits<8*size; c++) {\n for(d=0; d<size; d++) {\n e = buffer[d];\n e = ((e&0x80)>>7) | ((e&0x7f)<<1);\n byte = dba_clockbyte();\n buffer[d] = e^byte;\n if(prevbyte != byte) {\n bits++;\n prevbyte = byte;\n }\n }\n for(d=0; d<size; d++) {\n f = (f+buffer[d])%size;\n e = buffer[d];\n buffer[d] = buffer[f];\n buffer[f] = e;\n }\n }\n}<\/code><\/pre>\n\n\n\nJa sitten rutiinit, joilla satunnaismerkkej\u00e4 saa merkki kerrallaan:<\/p>\n\n\n\n
#define DBA_RESSUCNT 128\n#define DBA_RESSU_CLEAR 2\n\nunsigned char dba_ressu_bytes[DBA_RESSUCNT];\nint dba_ressu_byte = 999999;\nint dba_ressu_cnt = DBA_RESSUCNT;\n\nint dba_ressu_genbyte()\n{\n if(dba_ressu_byte>=dba_ressu_cnt) {\n#ifdef DBA_RESSU_CLEAR\n memset(dba_ressu_bytes,0,dba_ressu_cnt);\n#else\n if(dba_ressu_byte==999999)\n memset(dba_ressu_bytes,0,dba_ressu_cnt);\n#endif\n dba_ressu_genbytes(dba_ressu_cnt,dba_ressu_bytes);\n dba_ressu_byte=0;\n }\n return(dba_ressu_bytes[dba_ressu_byte++]);\n}\n\nint dba_ressu_genbyte_limit(int limit)\n{\n int c;\n\n while((c = dba_ressu_genbyte())>=\n (256\/limit)*limit);\n \/* while((c = fort_random_data_byte())> \n (256\/limit)*limit); little bug *\/\n return(c % limit);\n}\n\nvoid dba_ressu_random_clear()\n{\n memset(dba_ressu_bytes,0,dba_ressu_cnt);\n dba_ressu_byte=999998;\n}\n<\/code><\/pre>\n\n\n\nSeuraava rutiini arpoo istuntoavaimen merkki kerrallaan:<\/p>\n\n\n\n
\/\/ 0123456789\n\/\/ abcdefghij\n\/\/ klmnopqrst\n\/\/ uvwxyzABCD\n\/\/ EFGHIJKLMN\n\/\/ OPQRSTUVWX\n\/\/ YZ\n\nvoid dba_gensessionid(int size, unsigned char *buffer)\n{\n int len,byte,first;\n unsigned char chars[] =\n \"0123456789\" \\\n \"abcdefghijklmnopqrstuvwxyz\" \\\n \"ABCDEFGHIJKLMNOPQRSTUVWXYZ\";\n unsigned char *n;\n\n dba_ressu_random_clear();\n n=buffer;\n len=0;\n first=1;\n while(++len<size) {\n if(first)\n byte=dba_ressu_genbyte_limit(sizeof(chars)-11)+10;\n else\n byte=dba_ressu_genbyte_limit(sizeof(chars)-1);\n *n++=chars[byte];\n first=0;\n }\n *n='\\0';\n dba_ressu_random_clear();\n}<\/code><\/pre>\n\n\n\nSession id talletetaan kookieksi tulostamalla kookierivi html otsakkeeseen:<\/p>\n\n\n\n
#define DBS_RENEW_SESSION_HOURS 24\n\nvoid dba_renew_cookie()\n{\n dbs_html_buf_printf(HTML_HEADER_BUFFER,\"Set-Cookie: sessionid=%s; Max-Age=%d\\r\\n\",\n htmlsessionid, 3600*DBS_RENEW_SESSION_HOURS);\n}\n<\/code><\/pre>\n\n\n\nViel\u00e4 pieni p\u00e4\u00e4ohjelma: t\u00e4ss\u00e4 avaimen pituus on 32 merkki\u00e4, viimeinen merkki on ‘\\0’.<\/p>\n\n\n\n
void main()\n{\n char buffer[33];\n\n dba_gensessionid(sizeof(buffer),buffer);\n\n fprintf(stdout,\"%s\\n\",buffer);\n}<\/code><\/pre>\n\n\n\n<\/p>\n","protected":false},"excerpt":{"rendered":"
T\u00e4ss\u00e4 postissa k\u00e4yn l\u00e4pi tertun ns istuntoavaimen muodostamisen. Istuntoavaimen luomiseen tarvitaan satunnaisbittigeneraattori ja joku sis\u00e4inen malli, jonka mukaan istuntoavain muodostetaan satunnaisbittigeneraattorin antamista biteist\u00e4. Ensin yksinkertainen satunnaisbittigeneraattori ressu: T\u00e4ss\u00e4 k\u00e4ytet\u00e4\u00e4n vain yht\u00e4 l\u00e4hdett\u00e4, ressua. Varmuuden vuoksi kannattaa lis\u00e4t\u00e4 ainakin toinen l\u00e4hde. Ja sitten rutiinit, joilla satunnaismerkkej\u00e4 saa merkki kerrallaan: Seuraava rutiini arpoo istuntoavaimen merkki kerrallaan: Session… Continue reading Istuntoavaimen luominen<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[5],"tags":[],"_links":{"self":[{"href":"https:\/\/moijari.com\/index.php?rest_route=\/wp\/v2\/posts\/1499"}],"collection":[{"href":"https:\/\/moijari.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/moijari.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/moijari.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/moijari.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1499"}],"version-history":[{"count":13,"href":"https:\/\/moijari.com\/index.php?rest_route=\/wp\/v2\/posts\/1499\/revisions"}],"predecessor-version":[{"id":1521,"href":"https:\/\/moijari.com\/index.php?rest_route=\/wp\/v2\/posts\/1499\/revisions\/1521"}],"wp:attachment":[{"href":"https:\/\/moijari.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1499"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/moijari.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1499"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/moijari.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1499"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}