<?php
$conectar = mysql_connect("*****", "******", "******") or die(mysql_error());
$select = mysql_select_db("*******", $conectar);
 
function f($x){
return ($x * $x);
}
 
function fastmodexp($x, $y, $mod){
  $p = 1;
  $aux = $x;
  while($y > 0){
      if ($y % 2 == 1){
          $p = ($p * $aux) % $mod;
      } 
      $aux = ($aux * $aux) % $mod;
      $y = $y >> 1;
  }
  return ($p);
}
?>
 
<html>
<head>
<title>Web Service - RSA-Based digital signatures</title>
</head>
<body>
<a href="http://robertomtz.comeze.com/script.py">Download script</a></br>

<?php
if(isset($_POST['Generate'])){ 
   $random = rand(0, 9);
}
 
if(isset($_POST['Check'])){
   $usuario = $_POST['usuarios'];
   $x = $_POST['challengen'];
   $r = $_POST['response'];
 
   $E = mysql_fetch_row(mysql_query("SELECT E From Usuarios WHERE Usuario = \"". $usuario . "\""));
   $N = mysql_fetch_row(mysql_query("SELECT N From Usuarios WHERE Usuario = \"". $usuario . "\""));
 
   $e = $E[0];
   $n = $N[0];   
 
   $y = f($x);
   $num = fastmodexp($r, $e, $n);
 
   if ($y == $num){
      echo "<strong><h2>Yes, it was ". $usuario ." :)</h2></strong>";
   } else {
      echo "<strong><h2>No, it wasn't ". $usuario ." :(</h2></strong>";
   }
}
?>
 
<form action = "<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
Challenge: <?php echo $random; ?> 
<input type="submit" name="Generate" value="Generate" />
</form>
 
<form action = "<?php echo $_SERVER['PHP_SELF'];?>" method="post"> 
<input type="hidden" value="<?php echo $random; ?>" name="challengen"/>
<?php
$strmysql = "SELECT Usuario FROM Usuarios";
$usuarios = mysql_query($strmysql);
$select = "<select name=\"usuarios\">";
while($fila = mysql_fetch_array($usuarios)){
    $select .= "<option value='".$fila['Usuario']."'>".$fila['Usuario']."</option>";
}
$select .= "</select>";  
?>
 
User: <?php echo $select; ?> </br></br>
 
Response: <input type="text" name="response" size = "10" /> </br>
 
<input type="submit" name="Check" value="Check" /> </br>
</form>

</body>
</html>