public function create_message(model\api_message $message)
{
$payload = serialize($message);
$key = $this->key;
$salt = crypt(microtime() . mt_rand(0, mt_getrandmax()));
$cipher = new \Crypt_AES(CRYPT_AES_MODE_ECB);
$cipher->setPassword($key, 'pbkdf2', 'sha256', $salt, 1000);
$payload_enc = $cipher->encrypt($payload);
$message = base64_encode(serialize(array('s' => $salt, 'p' => $payload_enc, 't' => @gmmktime())));
return $message;
}
public static function decrypt($secret, $password, ApiKeyEncryptionOptions $options)
{
$decodedSecret = self::base64url_decode($secret);
$salt = self::base64url_decode($options->getEncryptionKeySalt());
$iterations = $options->getEncryptionKeyIterations();
$keyLengthBits = $options->getEncryptionKeySize();
$iv = substr($decodedSecret, 0, 16);
$aes = new \Crypt_AES();
$aes->setPassword($password, 'pbkdf2', 'sha1', $salt, $iterations, $keyLengthBits / 8);
$aes->setKeyLength($keyLengthBits);
$aes->setIV($iv);
return $aes->decrypt(substr($decodedSecret, 16));
}
/**
* Decrypt the given AES ciphertext
*
* The mode is CBC, the key is derived using pbkdf2
*
* @param string $ciphertext The encrypted data
* @param string $secret The secret/password that shall be used
* @return string The decrypted data
*/
function auth_decrypt($ciphertext, $secret)
{
$iv = substr($ciphertext, 0, 16);
$cipher = new Crypt_AES();
$cipher->setPassword($secret);
$cipher->setIV($iv);
return $cipher->decrypt(substr($ciphertext, 16));
}
function decryptFile($filename, $key)
{
include_once CL_ROOT . "/include/phpseclib/Crypt/AES.php";
$cipher = new Crypt_AES();
// could use CRYPT_AES_MODE_CBC
$cipher->setPassword($key);
$ciphertext = file_get_contents($filename);
//echo $cipher->decrypt($cipher->encrypt($plaintext));
return $cipher->decrypt($ciphertext);
}
<?php
session_start();
if ($_SESSION["autentificado"]) {
include 'Crypt/AES.php';
$cipher = new Crypt_AES(CRYPT_AES_MODE_ECB);
$cipher->setPassword('whatever');
$menu1 = $_SESSION['username'];
$hostname = '{mx1.hostinger.mx:143/imap}INBOX';
$username = $_SESSION['email'];
$password = $_SESSION['pwemail'];
$inbox = imap_open($hostname, $username, $password);
$emails = imap_search($inbox, 'SUBJECT "BlueTurtle"');
} else {
header("Location:index.php");
}
?>
<!DOCTYPE html>
<html lang="es-MX">
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link href="src/faviconbt.ico" rel="icon" type="image/x-icon" />
<title>BlueTurtle</title>
<!-- Bootstrap CSS -->
<link href="css/bootstrap.css" rel="stylesheet">
<!-- HTML5 Shim and Respond.js IE8 support of HTML5 elements and media queries -->
<!-- WARNING: Respond.js doesn't work if you view the page via file:// -->
<!--[if lt IE 9]>
<script src="https://oss.maxcdn.com/libs/html5shiv/3.7.0/html5shiv.js"></script>
<?php
session_start();
if ($_SESSION["autentificado"]) {
$menu1 = $_SESSION['username'];
include 'Crypt/AES.php';
$cipher = new Crypt_AES(CRYPT_AES_MODE_ECB);
$cipher->setPassword($_POST['pass']);
$menu1 = $_SESSION['username'];
$hostname = '{mx1.hostinger.mx:143/imap}INBOX';
$username = $_SESSION['email'];
$password = $_SESSION['pwemail'];
$inbox = imap_open($hostname, $username, $password);
$emails = imap_search($inbox, 'SUBJECT "BlueTurtle"');
} else {
header("Location:index.php");
}
?>
<!DOCTYPE html>
<html lang="es-MX">
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link href="src/faviconbt.ico" rel="icon" type="image/x-icon" />
<title>BlueTurtle</title>
<!-- Bootstrap CSS -->
<link href="css/bootstrap.css" rel="stylesheet">
<!-- HTML5 Shim and Respond.js IE8 support of HTML5 elements and media queries -->
<!-- WARNING: Respond.js doesn't work if you view the page via file:// -->
<!--[if lt IE 9]>
<?php
session_start();
$tokenNac = time() - $_SESSION['tokenNac'];
if (isset($_SESSION['token'])) {
if ($_POST['token'] === $_SESSION['token']) {
if ($tokenNac >= 5) {
if ($_SESSION["autentificado"]) {
include '../Crypt/AES.php';
$cipher = new Crypt_AES(CRYPT_AES_MODE_ECB);
$tipo = $_POST['tipo'];
$para = $_POST['email'];
$asunto = "BlueTurtle" . $tipo . $_SESSION['username'];
if ($tipo == 'passwd') {
if ($_POST['palCla'] == $_POST['conPal']) {
$cipher->setPassword($_POST['palCla']);
$mensaje = base64_encode($cipher->encrypt($_POST['mensaje']));
$mensaje = wordwrap($mensaje, 70, "\r\n");
@mail($para, $asunto, $mensaje);
echo "<script>alert('El mensaje se envio correctamente');\n\t\t\t\t\t\t\tlocation.href='../EnvioRapido.php';\n\t\t\t\t\t\t\t</script>";
} else {
header('Location:../index.php');
}
}
if ($tipo == 'basica') {
$cipher->setPassword('whatever');
$mensaje = base64_encode($cipher->encrypt($_POST['mensaje']));
$mensaje = wordwrap($mensaje, 70, "\r\n");
@mail($para, $asunto, $mensaje);
echo "<script>alert('El mensaje se envio correctamente');\n\t\t\t\t\t\tlocation.href='../EnvioRapido.php';\n\t\t\t\t\t\t</script>";
}
