function cbc_mac($data, $k, $n) { $padding_size = strlen($data) % 16 == 0 ? 0 : 16 - strlen($data) % 16; $data .= str_repeat("", $padding_size); $chunks = get_chunks(strlen($data)); $file_mac = array(0, 0, 0, 0); foreach ($chunks as $pos => $size) { $chunk_mac = array($n[0], $n[1], $n[0], $n[1]); for ($i = $pos; $i < $pos + $size; $i += 16) { $block = str_to_a32(substr($data, $i, 16)); $chunk_mac = array($chunk_mac[0] ^ $block[0], $chunk_mac[1] ^ $block[1], $chunk_mac[2] ^ $block[2], $chunk_mac[3] ^ $block[3]); $chunk_mac = aes_cbc_encrypt_a32($chunk_mac, $k); } $file_mac = array($file_mac[0] ^ $chunk_mac[0], $file_mac[1] ^ $chunk_mac[1], $file_mac[2] ^ $chunk_mac[2], $file_mac[3] ^ $chunk_mac[3]); $file_mac = aes_cbc_encrypt_a32($file_mac, $k); } return $file_mac; }
function base64_to_a32($s) { return str_to_a32(base64urldecode($s)); }
function Login($user, $pass) { global $T8; if (!extension_loaded('bcmath')) { html_error('This plugin needs BCMath extension for login.'); } $password_aes = prepare_key(str_to_a32($pass)); $T8['user_handle'] = stringhash($user, $password_aes); $res = apiReq(array('a' => 'us', 'user' => $user, 'uh' => $T8['user_handle'])); if (is_numeric($res[0])) { check_errors($res[0], 'Cannot login'); } $T8['master_key'] = decrypt_key(base64_to_a32($res[0]['k']), $password_aes); $privk = a32_to_str(decrypt_key(base64_to_a32($res[0]['privk']), $T8['master_key'])); $rsa_priv_key = array(0, 0, 0, 0); for ($i = 0; $i < 4; $i++) { $l = (ord($privk[0]) * 256 + ord($privk[1]) + 7) / 8 + 2; $rsa_priv_key[$i] = mpi2bc(substr($privk, 0, $l)); $privk = substr($privk, $l); } $T8['sid'] = rsa_decrypt(mpi2bc(base64url_decode($res[0]['csid'])), $rsa_priv_key[0], $rsa_priv_key[1], $rsa_priv_key[2]); $T8['sid'] = base64url_encode(substr(strrev($T8['sid']), 0, 43)); getRootNode(); t8ArrToCookieArr($rsa_priv_key); SaveCookies($user, $pass); // Update cookies file. $cookie = ''; }