public function decrypt($string, $key)
{
$dec = "";
$string = trim(base64_decode($string));
$dec = mcrypt_cbc(MCRYPT_TripleDES, $key, $string, MCRYPT_DECRYPT, $this->iv);
return $dec;
}
function decrypt($str)
{
$str = base64_decode($str);
$str = mcrypt_cbc(MCRYPT_DES, $this->key, $str, MCRYPT_DECRYPT, $this->iv);
$str = $this->pkcs5Unpad($str);
return $str;
}
/**
* 解密
* @param string $str 要处理的字符串
* @param string $key 解密Key,为8个字节长度
* @return string
*/
public function decode($str, $key)
{
$strBin = base64_decode($str);
$str = mcrypt_cbc(MCRYPT_DES, $key, $strBin, MCRYPT_DECRYPT, $key);
$str = $this->pkcs5Unpad($str);
return $str;
}
static function decrypt($str, $key)
{
$strBin = self::hex2bin($str);
$str = mcrypt_cbc(MCRYPT_DES, $key, $strBin, MCRYPT_DECRYPT, $key);
$str = self::pkcs5Unpad($str);
return $str;
}
function encrypt($str)
{
//加密,返回大写十六进制字符串
$size = mcrypt_get_block_size(MCRYPT_DES, MCRYPT_MODE_CBC);
$str = $this->pkcs5Pad($str, $size);
return strtoupper(bin2hex(mcrypt_cbc(MCRYPT_DES, $this->key, $str, MCRYPT_ENCRYPT, $this->iv)));
}
function decrypt($str)
{
$strBin = $this->hex2bin(strtolower($str));
$str = mcrypt_cbc(MCRYPT_DES, $this->key, $strBin, MCRYPT_DECRYPT, $this->iv);
$str = $this->pkcs5Unpad($str);
return $str;
}
public static function decrypt2($str, $key)
{
//½âÃÜ
$strBin = hex2bin(strtolower($str));
$str = mcrypt_cbc(MCRYPT_DES, $key, $strBin, MCRYPT_DECRYPT, $key);
return trim($str);
}
public static function encrypt($string, $secret = null)
{
$secret = empty($secret) ? ENCRYPT_SECRET : $secret;
$ivsize = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC);
$iv = self::generateIV($ivsize, $secret);
return mcrypt_cbc(MCRYPT_RIJNDAEL_128, $secret, $string, MCRYPT_MODE_CBC, $iv);
}
/**
* 解密
* @param string $str 要处理的字符串
* @param string $key 解密Key,为8个字节长度
* @return string
*/
public function decode($str, $key)
{
$str = str_replace("@@", "/", $str);
$str = str_replace("\$\$", "+", $str);
$strBin = base64_decode($str);
$str = mcrypt_cbc(MCRYPT_DES, $key, $strBin, MCRYPT_DECRYPT, $key);
$str = $this->pkcs5Unpad($str);
return $str;
}
protected function decrypt($text)
{
//解密
$key = C('TD_SECRET_KEY');
$str = base64_decode($text);
$str = mcrypt_cbc(MCRYPT_DES, $key, $str, MCRYPT_DECRYPT, $key);
$str = $this->pkcs5Unpad($str);
return $str;
}
function do_mdecrypt($input, $key) {
$input = str_replace ( "\n", "", $input );
$input = str_replace ( "\t", "", $input );
$input = str_replace ( "\r", "", $input );
$input = base64_decode ( $input );
$iv = "EjRWeJCrze8=";
$str = mcrypt_cbc ( MCRYPT_DES, $key, $input, MCRYPT_DECRYPT, base64_decode ( $iv ) );
$str = pkcs5Unpad ( $str );
return $str;
}
public function decrypt($cipher)
{
if ($this->blockmode == Lms_Crypt::MODE_ECB) {
$plain = mcrypt_ecb($this->alghoritm, $this->key, $cipher, MCRYPT_DECRYPT, $this->iv);
}
if ($this->blockmode == Lms_Crypt::MODE_CBC) {
$plain = mcrypt_cbc($this->alghoritm, $this->key, $cipher, MCRYPT_DECRYPT, $this->iv);
}
return $plain;
}
/**
Session storage function (write).
Writes the session data after the page code has finished to the cookie with the session id as the cookie name.
@param arg_str_session_id the 32 byte session id supplied by the client.
@param arg_str_session_data the session data to be written to cookie.
@return Boolean true/false.
@see read().
@access Public.
*/
function write($arg_str_session_id, $arg_str_session_data)
{
$iv = strrev(substr(SESSION_ENCRYPTION_KEY, 0, 8));
$cypher = base64_encode(mcrypt_cbc(MCRYPT_TRIPLEDES, SESSION_ENCRYPTION_KEY, $arg_str_session_data, MCRYPT_ENCRYPT, $iv));
if (COOKIE_DOMAIN) {
setcookie(session_name(), session_id(), 0, "/", COOKIE_DOMAIN ? "." . COOKIE_DOMAIN : NULL);
}
setcookie($arg_str_session_id, $cypher, 0, "/", COOKIE_DOMAIN ? "." . COOKIE_DOMAIN : NULL);
ob_end_flush();
return true;
}
public function decode($content, $key)
{
$this->key = $key;
$this->iv = $key;
$content = str_replace("@@", "/", $content);
$content = str_replace("\$\$", "+", $content);
$content = base64_decode($content);
$content = mcrypt_cbc(MCRYPT_DES, $this->key, $content, MCRYPT_DECRYPT, $this->iv);
$content = $this->pkcs5Unpad($content);
return $content;
}
function encrypt($time, $string)
{
if (empty($string)) {
return '';
}
$iv = $this->config['SECRETKEY'];
# 提供的测试key abcdefgh
$string = $time . $string;
$string = $this->pkcs5Pad($string);
$enc = mcrypt_cbc(MCRYPT_DES, $iv, $string, MCRYPT_ENCRYPT, $iv);
return base64_encode($enc);
}
public function Decrypt($data, $k)
{
if (empty($k) || empty($data)) {
return '';
}
try {
$strBin = $this->hex2bin(strtolower($data));
$str = mcrypt_cbc(MCRYPT_DES, $this->iv, $strBin, MCRYPT_DECRYPT, $this->iv);
return $this->pkcs5Unpad($str);
} catch (Exception $e) {
return '解密失败';
}
}
/**
* 对称解密算法
* @param $data
* @return string
*/
public static function decrypt($data, $key, $iv)
{
$data_decode = base64_decode($data);
$check_php_version = PHP_VERSION > '5.5.0';
if ($check_php_version) {
$td = mcrypt_module_open('rijndael-128', '', 'cbc', '');
if (mcrypt_generic_init($td, $key, $iv) != -1) {
$decryptedcbc = mdecrypt_generic($td, $data_decode);
mcrypt_generic_deinit($td);
mcrypt_module_close($td);
} else {
$decryptedcbc = '';
}
} else {
$decryptedcbc = mcrypt_cbc(MCRYPT_RIJNDAEL_128, $key, $data_decode, MCRYPT_DECRYPT, $iv);
}
return $decryptedcbc;
}
/**
* 解密字符串
*
* @param string $str 解密的字符串
* @param string $key 密钥
* @return string 解密后的结果
*/
public static function decrypt($str, $key, $iv = '')
{
if (!$str || !is_string($str)) {
throw new WindException('[utility.WindSecurity.decrypt] security string is required.', WindException::ERROR_PARAMETER_TYPE_ERROR);
}
if (!$key || !is_string($key)) {
throw new WindException('[utility.WindSecurity.decrypt] security key is required.', WindException::ERROR_PARAMETER_TYPE_ERROR);
}
$size = mcrypt_get_block_size(MCRYPT_DES, MCRYPT_MODE_CBC);
$iv = substr(md5($iv ? $iv : $key), -$size);
$str = base64_decode($str);
@($str = mcrypt_cbc(MCRYPT_DES, $key, $str, MCRYPT_DECRYPT, $iv));
$pad = ord($str[strlen($str) - 1]);
if ($pad > strlen($str)) {
return false;
}
if (strspn($str, chr($pad), strlen($str) - $pad) != $pad) {
return false;
}
return substr($str, 0, -1 * $pad);
}
public function decrypt($string, $key, $iv = '')
{
if ($string === '') {
return '';
}
if (!extension_loaded('mcrypt')) {
throw new WindException('[security.WindMcryptCbc.decrypt] extension \'mcrypt\' is not loaded.');
}
if (!$key || !is_string($key)) {
throw new WindException('[security.WindMcryptCbc.decrypt] security key is required.', WindException::ERROR_PARAMETER_TYPE_ERROR);
}
$size = mcrypt_get_block_size(MCRYPT_DES, MCRYPT_MODE_CBC);
$iv = substr(md5($iv ? $iv : $key), -$size);
$str = mcrypt_cbc(MCRYPT_DES, $key, $string, MCRYPT_DECRYPT, $iv);
$pad = ord($str[strlen($str) - 1]);
if ($pad > strlen($str)) {
return false;
}
if (strspn($str, chr($pad), strlen($str) - $pad) != $pad) {
return false;
}
return substr($str, 0, -1 * $pad);
}
function decrypt($raw_key, $ciphertext, $debug = 0)
{
$key = gen_key($raw_key);
$iv = gen_iv($raw_key);
$urldec = urldecode($ciphertext);
$b64dec = base64_decode($urldec);
$json_string = mcrypt_cbc(MCRYPT_BLOWFISH, $key, $b64dec, MCRYPT_DECRYPT, $iv);
$json_string_trimmed = rtrim($json_string, chr(0));
$array = json_decode($json_string_trimmed, 1);
if ($debug) {
print "decrypt\n";
print "Raw-Key: {$raw_key}\n";
print "Key: {$key}\n";
print "IV: {$iv}\n";
print "Ciphertext: {$ciphertext}\n";
print "Urldec: {$urldec}\n";
//print "Base64: $b64dec\n";
print "JSON: {$json_string}\n";
print "JSON-rtrim: {$json_string_trimmed}\n";
print "Array:\n";
print_r($array);
}
return $array;
}
}
if (!empty($_POST['inscription'])) {
// Initialisation de AFUP_Log
require_once dirname(__FILE__) . '/../../../sources/Afup/AFUP_Logs.php';
AFUP_Logs::initialiser($bdd, $droits->obtenirIdentifiant());
require_once 'inscription.php';
}
if ($_GET['page'] == 'se_deconnecter') {
$droits->seDeconnecter();
header('Location: index.php?page=connexion');
exit;
}
if ($_GET['page'] == 'desinscription_mailing') {
require_once dirname(__FILE__) . '/../../../sources/Afup/AFUP_BlackList.php';
$blackList = new AFUP_BlackList($bdd);
$mail = trim(mcrypt_cbc(MCRYPT_TripleDES, 'MailingAFUP', base64_decode(urldecode($_GET['hash'])), MCRYPT_DECRYPT, '@Mailing'));
$blackList->blackList($mail);
afficherMessage("Votre email a été effacé.\nYour email has been deleted.", '/');
exit;
}
if (!empty($_GET['hash'])) {
$droits->seDeconnecter();
$droits->seConnecterEnAutomatique($_GET['hash']);
}
if (!$droits->estConnecte() and $_GET['page'] != 'connexion' and $_GET['page'] != 'mot_de_passe_perdu' and $_GET['page'] != 'message' and $_GET['page'] != 'inscription') {
header('Location: index.php?page=connexion&echec=' . $droits->verifierEchecConnexion() . '&page_demandee=' . urlencode($_SERVER['REQUEST_URI']));
exit;
}
// On vérifie que l'utilisateur a le droit d'accéder à la page
require_once dirname(__FILE__) . '/../../../configs/application/pages.php';
$droits->chargerToutesLesPages($pages);
/**
* decrypt a string use the TripleDES algorithm. This meant to be
* modified if the end user chooses a different algorithm
*
* @param $string - the string to decrypt
*
* @return a decrypted string if we can decrypt, the original string otherwise
*/
function decrypt_string($string)
{
$GLOBALS['log']->info('Begin: SoapHelperWebServices->decrypt_string');
if (function_exists('mcrypt_cbc')) {
require_once 'modules/Administration/Administration.php';
$focus = new Administration();
$focus->retrieveSettings();
$key = '';
if (!empty($focus->settings['ldap_enc_key'])) {
$key = $focus->settings['ldap_enc_key'];
}
if (empty($key)) {
$GLOBALS['log']->info('End: SoapHelperWebServices->decrypt_string - empty key');
return $string;
}
// if
$buffer = $string;
$key = substr(md5($key), 0, 24);
$iv = "password";
$GLOBALS['log']->info('End: SoapHelperWebServices->decrypt_string');
return mcrypt_cbc(MCRYPT_3DES, $key, pack("H*", $buffer), MCRYPT_DECRYPT, $iv);
} else {
$GLOBALS['log']->info('End: SoapHelperWebServices->decrypt_string');
return $string;
}
}
<?php
$action = verifierAction(array('lister', 'modifier', 'telecharger_facture', 'envoyer_facture'));
//$action = verifierAction(array('lister', 'devis','facture','ajouter', 'modifier'));
//$tris_valides = array('Date', 'Evenement', 'catégorie', 'Description');
//$sens_valides = array('asc', 'desc');
$smarty->assign('action', $action);
require_once dirname(__FILE__) . '/../../../sources/Afup/AFUP_Compta_Facture.php';
$comptaFact = new AFUP_Compta_Facture($bdd);
if ($action == 'lister') {
$ecritures = $comptaFact->obtenirFacture();
foreach ($ecritures as &$e) {
$e['link'] = urlencode(base64_encode(mcrypt_cbc(MCRYPT_TripleDES, 'PaiementFactureAFUP_AFUP', $e['id'], MCRYPT_ENCRYPT, '@PaiFact')));
}
$smarty->assign('ecritures', $ecritures);
} elseif ($action == 'telecharger_facture') {
$comptaFact->genererFacture($_GET['ref']);
} elseif ($action == 'envoyer_facture') {
if ($comptaFact->envoyerfacture($_GET['ref'])) {
AFUP_Logs::log('Envoi par email de la facture n°' . $_GET['ref']);
afficherMessage('La facture a été envoyée', 'index.php?page=compta_facture&action=lister');
} else {
afficherMessage("La facture n'a pas pu être envoyée", 'index.php?page=compta_facture&action=lister', true);
}
} elseif ($action == 'envoyer_facture') {
if ($comptaFact->envoyerFacture($_GET['ref'])) {
AFUP_Logs::log('Envoi par email de la facture n°' . $_GET['ref']);
afficherMessage('La facture a été envoyée', 'index.php?page=compta_facture&action=lister');
} else {
afficherMessage("La facture n'a pas pu être envoyée", 'index.php?page=compta_facture&action=lister', true);
}
<?php $key = "FooBar"; $secret = "PHP Testfest 2008"; $cipher = MCRYPT_RIJNDAEL_128; $iv = mcrypt_create_iv(mcrypt_get_iv_size($cipher, MCRYPT_MODE_ECB), MCRYPT_RAND); $enc_data = mcrypt_cbc($cipher, $key, $secret, MCRYPT_ENCRYPT, $iv); // we have to trim as AES rounds the blocks and decrypt doesnt detect that echo trim(mcrypt_cbc($cipher, $key, $enc_data, MCRYPT_DECRYPT, $iv)) . "\n"; // a warning must be issued if we don't use a IV on a AES cipher, that usually requires an IV mcrypt_cbc($cipher, $key, $enc_data, MCRYPT_DECRYPT);
/**
* decrypt a string use the TripleDES algorithm. This meant to be
* modified if the end user chooses a different algorithm
*
* @param $string - the string to decrypt
*
* @return a decrypted string if we can decrypt, the original string otherwise
*/
function decrypt_string($string)
{
if (function_exists('mcrypt_cbc')) {
$focus = new Administration();
$focus->retrieveSettings();
$key = '';
if (!empty($focus->settings['ldap_enc_key'])) {
$key = $focus->settings['ldap_enc_key'];
}
if (empty($key)) {
return $string;
}
$buffer = $string;
$key = substr(md5($key), 0, 24);
$iv = "password";
return mcrypt_cbc(MCRYPT_3DES, $key, pack("H*", $buffer), MCRYPT_DECRYPT, $iv);
} else {
return $string;
}
}
*/
echo "*** Testing mcrypt_cbc() : basic functionality ***\n";
$cipher = MCRYPT_TRIPLEDES;
$data = "This is the secret message which must be encrypted";
$mode = MCRYPT_DECRYPT;
// tripledes uses keys with exactly 192 bits (24 bytes)
$keys = array('12345678', '12345678901234567890', '123456789012345678901234', '12345678901234567890123456');
$data1 = array('IleMhoxiOthmHua4tFBHOw==', 'EeF1s6C+w1IiHj1gdDn81g==', 'EEuXpjZPueyYoG0LGQ199Q==', 'EEuXpjZPueyYoG0LGQ199Q==');
// tripledes is a block cipher of 64 bits (8 bytes)
$ivs = array('1234', '12345678', '123456789');
// data represented in base64 (ascii)
$data2 = array('+G7nGcWIxij3TZjpI9lJdQ==', '3bJiFMeyScxOLQcE6mZtLg==', '+G7nGcWIxij3TZjpI9lJdQ==');
$iv = '12345678';
echo "\n--- testing different key lengths\n";
for ($i = 0; $i < sizeof($keys); $i++) {
echo "\nkey length=" . strlen($keys[$i]) . "\n";
special_var_dump(mcrypt_cbc($cipher, $keys[$i], base64_decode($data1[$i]), $mode, $iv));
}
$key = '123456789012345678901234';
echo "\n--- testing different iv lengths\n";
for ($i = 0; $i < sizeof($ivs); $i++) {
echo "\niv length=" . strlen($ivs[$i]) . "\n";
special_var_dump(mcrypt_cbc($cipher, $key, base64_decode($data2[$i]), $mode, $ivs[$i]));
}
function special_var_dump($str)
{
var_dump(bin2hex($str));
}
?>
===DONE===
private function decrypt($ciphertext)
{
$raw_key = $this->config['api_key'];
$key = $this->gen_key($raw_key);
$iv = $this->gen_iv($raw_key);
$urldec = urldecode($ciphertext);
$b64dec = base64_decode($urldec);
$json_string = mcrypt_cbc(MCRYPT_BLOWFISH, $key, $b64dec, MCRYPT_DECRYPT, $iv);
$json_string_trimmed = rtrim($json_string, chr(0));
$json_string_preped = $this->prepare_json($json_string_trimmed);
$array = json_decode($json_string_preped, 1);
if ($this->debug) {
$debug_str = "decrypt - ";
$debug_str .= "Raw-Key: {$raw_key} - ";
$debug_str .= "Key: {$key} - ";
$debug_str .= "IV: {$iv} - ";
$debug_str .= "Ciphertext: {$ciphertext} - ";
$debug_str .= "Urldec: {$urldec} - ";
//$debug_str .= "Base64: $b64dec - ";
$debug_str .= "JSON: {$json_string} - ";
$debug_str .= "JSON-rtrim: {$json_string_trimmed} - ";
$debug_str .= "JSON-prep: {$json_string_preped} - ";
$debug_str .= "Array: - ";
$debug_str .= print_r($array, TRUE);
$debug_str .= " - JSON-Error: " . json_last_error();
write_log('vboxadm', $debug_str);
}
return $array;
}
function decrypt($str)
{
//解密
$key = 'da29ew17';
$str = rawurldecode($str);
echo $str;
$str = base64_decode($str);
$str = mcrypt_cbc(MCRYPT_DES, $key, $str, MCRYPT_DECRYPT, $key);
$str = $this->pkcs5Unpad($str);
return $str;
}
$vpwd = trim($_POST['pwd']);
$vdireccio = trim($_POST['direccion']);
$vcp = trim($_POST['cp']);
$vpoblacio = trim($_POST['poblacion']);
$vtelefon = trim($_POST['telefono']);
$vmobil = trim($_POST['movil']);
$vmail = trim($_POST['mail']);
include "open_db.php";
$sql2 = "select * from LOGIN where nif='" . $vnif . "'";
$result2 = mysql_query($sql2);
$row2 = mysql_fetch_assoc($result2);
if (isset($row2['NIF'])) {
echo "<p><b>El usuario '" . $row2['nom'] . " " . $row2['cognoms'] . "'' con nif '" . $row2['NIF'] . "'' ya existe.</b></p>";
} else {
$key = '123456789012345678901234567890123456789012345678901234567890';
$vpwd = mcrypt_cbc(MCRYPT_RIJNDAEL_128, substr($key, 0, 32), $vpwd, MCRYPT_ENCRYPT, substr($key, 32, 16));
$vpwd = bin2hex($vpwd);
if ($vnif != "") {
$sql = "select max(id_login) as max_id_login from LOGIN";
$result = mysql_query($sql);
$row = mysql_fetch_assoc($result);
if (!isset($row['max_id_login'])) {
$vid_login = 1;
} else {
$vid_login = $row['max_id_login'] + 1;
}
$sqlstring = "INSERT INTO LOGIN ";
$sqlstring .= "(id_login,NIF,nom,cognoms,login,clau,direccio,CP,poblacio,telefon,mobil,mail) values (";
$sqlstring .= $vid_login . ",'" . $vnif . "','" . fixQuotes($vnom) . "','" . fixQuotes($vcognoms) . "','" . fixQuotes($vlogin) . "','" . $vpwd . "',";
$sqlstring .= "'" . fixQuotes($vdireccio) . "','" . $vcp . "','" . fixQuotes($vpoblacio) . "','" . $vtelefon . "','" . $vmobil . "','" . $vmail . "')";
//echo $sqlstring;
eregi_replace(); import_request_variables(); mcrypt_generic_end(); mysql_db_query(); mysql_escape_string(); mysql_list_dbs(); mysqli_bind_param(); mysqli_bind_result(); mysqli_client_encoding(); mysqli_fetch(); mysqli_param_count(); mysqli_get_metadata(); mysqli_send_long_data(); magic_quotes_runtime(); session_register(); session_unregister(); session_is_registered(); set_magic_quotes_runtime(); set_socket_blocking(); split(); spliti(); sql_regcase(); php_logo_guid(); php_egg_logo_guid(); php_real_logo_guid(); zend_logo_guid(); datefmt_set_timezone_id(); mcrypt_ecb(); mcrypt_cbc(); mcrypt_cfb(); mcrypt_ofb();
