public function decrypt($strValue) { if ($strValue == '' || $this->strEncryptionKey == '') { return ''; } $strDecrypted = AesCtr::decrypt($strValue, $this->strEncryptionKey, 256); return $strDecrypted; }
function decodificar($cadena) { $cadena=$this->base64url_decode($cadena); if (function_exists ( 'mcrypt_decrypt' )) { $cadena = mcrypt_decrypt ( MCRYPT_RIJNDAEL_256, $this->llave, $cadena , MCRYPT_MODE_ECB ) ; } else { $cadena = AesCtr::decrypt ( $cadena , $this->llave, 256 ); } $cadena=trim($cadena); return $cadena; }
function setauth() { global $USER; // get ldap config $cfg_ldap = get_config('auth/ldap'); // create key to decrypt password $key = md5($cfg_ldap->mcryptkey); // decrypt password $dpassword = AesCtr::decrypt($USER->epassword, $key, 256); // set user properties for this class $this->user = $USER->username; $this->pw = $dpassword; $mode = $this->type; $_SESSION['swcCachedAuth'][$mode][$this->{$mode}]['User'] = $this->user; $_SESSION['swcCachedAuth'][$mode][$this->{$mode}]['Password'] = $this->pw; }
private function validateAccessTokenInner($accessToken) { $accessTokenTemp = AesCtr::decrypt($accessToken, APP_SEC, 256); $parts = explode("|", $accessTokenTemp); $user = new User(); $user->Load("id = ?", array($parts[0])); if (empty($user->id) || $user->id != $parts[0] || empty($parts[0])) { return new IceResponse(IceResponse::ERROR, -1); } $accessToken = AesCtr::decrypt($parts[1], $user->password, 256); $data = json_decode($accessToken, true); if ($data['userId'] == $user->id) { return new IceResponse(IceResponse::SUCCESS, true); } return new IceResponse(IceResponse::ERROR, false); }
echo 'document.getElementById("but_next").disabled = "disabled";'; echo 'document.getElementById("status_step1").innerHTML = "Correct the shown errors and click on button Launch to refresh";'; echo 'gauge.modify($("pbar"),{values:[0.10,1]});'; } echo 'document.getElementById("res_step1").innerHTML = "' . $txt . '";'; echo 'document.getElementById("loader").style.display = "none";'; break; #========================== #========================== case "step2": //decrypt the password require_once '../includes/libraries/crypt/aes.class.php'; // AES PHP implementation require_once '../includes/libraries/crypt/aesctr.class.php'; // AES Counter Mode implementation $db_password = AesCtr::decrypt($_POST['db_password'], "cpm", 128); $res = ""; // connexion if (@mysql_connect($_POST['db_host'], $_POST['db_login'], $db_password)) { if (@mysql_select_db($_POST['db_bdd'])) { echo 'gauge.modify($("pbar"),{values:[0.40,1]});'; $res = "Connection is successfull"; echo 'document.getElementById("but_next").disabled = "";'; } else { echo 'gauge.modify($("pbar"),{values:[0.30,1]});'; $res = "Impossible to get connected to table"; echo 'document.getElementById("but_next").disabled = "disabled";'; } } else { echo 'gauge.modify($("pbar"),{values:[0.30,1]});'; $res = "Impossible to get connected to server";
public function validateInstance() { $instanceId = $this->getInstanceId(); if (empty($instanceId)) { return true; } $key = $this->getInstanceKey(); if (empty($key)) { return false; } $data = AesCtr::decrypt($key, $instanceId, 256); $arr = explode("|", $data); if ($arr[0] == KEY_PREFIX && $arr[1] == $instanceId) { return true; } return false; }
$str .= $strPol[rand(0, $max)]; //rand($min,$max)生成介于min和max两个数之间的一个随机整数 } return $str; } $RandChar = getRandChar(32) . "=="; echo "随机字符串:" . $RandChar; $timer = microtime(true); // initialise password & plaintext if not set in post array $pw = empty($_POST['pw']) ? $RandChar : $_POST['pw']; $pt = empty($_POST['pt']) ? 'pssst ... đon’t tell anyøne!' : $_POST['pt']; $cipher = empty($_POST['cipher']) ? '' : $_POST['cipher']; $plain = empty($_POST['plain']) ? '' : $_POST['plain']; // perform encryption/decryption as required $encr = empty($_POST['encr']) ? $cipher : AesCtr::encrypt($pt, $pw, 256); $decr = empty($_POST['decr']) ? $plain : AesCtr::decrypt($cipher, $pw, 256); ?> <!DOCTYPE html> <html lang="en"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> <title>AES in PHP test harness</title> </head> <body> <form method="post"> <table> <tr> <td>Password:</td> <td><input type="text" name="pw" size="16" value="<?php echo $pw; ?>
<?php //开启session session_start(); require_once '../lib/config.php'; require_once '_check.php'; //引入AES require_once '../lib/Ss/AES/aes.class.php'; require_once '../lib/Ss/AES/aesctr.class.php'; $newpwd = AesCtr::decrypt($_POST['sspwd'], $_SESSION['randomChar'], 256); if ($oo->get_enable()) { if ($newpwd == '') { $pwd = \Ss\Etc\Comm::get_random_char(8); } else { $pwd = $newpwd; $pwd = htmlspecialchars($pwd, ENT_QUOTES, 'UTF-8'); $pwd = \Ss\Etc\Comm::checkHtml($pwd); } $oo->update_ss_pass($pwd); $a['ok'] = '1'; $a['msg'] = "新密码为" . $pwd; } else { $a['code'] = '0'; $a['msg'] = "你的SS服务已被停止,无法修改Shadowsocks连接密码。"; } echo json_encode($a, JSON_UNESCAPED_UNICODE);
<?php //开启session session_start(); require_once '../lib/config.php'; //引入AES require_once '../lib/Ss/AES/aes.class.php'; require_once '../lib/Ss/AES/aesctr.class.php'; $email = $_POST['email']; $email = strtolower($email); $passwd = AesCtr::decrypt($_POST['passwd'], $_SESSION['randomChar'], 256); $name = $_POST['name']; $repasswd = AesCtr::decrypt($_POST['repasswd'], $_SESSION['randomChar'], 256); $agree = $_POST['agree']; $code = $_POST['code']; $c = new \Ss\User\UserCheck(); $code = new \Ss\User\InviteCode($code); if (!$code->IsCodeOk()) { $a['msg'] = "邀请码无效"; } elseif (!$c->IsEmailLegal($email)) { $a['msg'] = "邮箱无效"; } elseif ($c->IsEmailUsed($email)) { $a['msg'] = "邮箱已被使用"; } elseif ($repasswd != $passwd) { $a['msg'] = "两次密码输入不符"; } elseif (strlen($passwd) < 8) { $a['msg'] = "密码太短"; } elseif (strlen($name) < 7) { $a['msg'] = "用户名太短"; } elseif ($c->IsUsernameUsed($name)) { $a['msg'] = "用户名已经被使用";
$display_balance = db_cache_balance($my_public_key); $body_string = send_receive_body($public_key_64); $body_string .= '<hr><font color="red"><strong>This exceeds your current balance, send failed...</strong></font><br><br>'; } else { if ($my_public_key == $public_key_to) { // Can't send to yourself $display_balance = db_cache_balance($my_public_key); $body_string = send_receive_body(); $body_string .= '<hr><font color="red"><strong>Can not send to yourself, send failed...</strong></font><br><br>'; } else { // Now it's time to send the transaction $my_private_key = my_private_key(); $private_key_crypt = mysql_result(mysql_query("SELECT * FROM `options` WHERE `field_name` = 'private_key_crypt' LIMIT 1"), 0, 1); if ($private_key_crypt == TRUE) { // Decrypt Private Key First $my_private_key = AesCtr::decrypt($my_private_key, $_POST["crypt_password"], 256); $valid_key = find_string("-----BEGIN", "KEY-----", $my_private_key); // Valid Decrypt? if (empty($valid_key) == TRUE) { // Decrypt Failed $display_balance = db_cache_balance($my_public_key); $body_string = send_receive_body($public_key_64, $send_amount, NULL, NULL, NULL, $_POST["name"]); $body_string .= '<hr><font color="red"><strong>Send Failed. Wrong Password.</strong></font><br><br>'; } else { if (send_timekoins($my_private_key, $my_public_key, $public_key_to, $send_amount, $message) == TRUE) { $display_balance = db_cache_balance($my_public_key); $body_string = send_receive_body($public_key_64, $send_amount, NULL, NULL, NULL, $_POST["name"]); $body_string .= '<hr><font color="green"><strong>You just sent ' . $send_amount . ' timekoins to the above public key.</strong></font><br> <strong>Your balance will not reflect this until the transaction is recorded across the entire network.</strong><br><br>'; } else { $display_balance = db_cache_balance($my_public_key);
$db->Execute($sql); //del pm_message $message_table = getmessage_table($plid); $sql = "delete from {$message_table} where plid='{$plid}'"; $db->Execute($sql); $data = array("status" => "ok", "info" => "删除成功"); } else { if ($act == "add") { //发送消息 $subject = ""; //主题 $title = ""; $conent = AesCtr::decrypt($_GET["content"], MESSAGE_KEY, 256); $fromname = $_GET['fromname']; if ($_GET['title']) { $subject = AesCtr::decrypt($_GET["title"], MESSAGE_KEY, 256); } else { $subject = $content; } //序列号字符串 $lastmessage_serialize = array("lastauthorid" => $fuid, "lastauthor" => $fromname, "lastsummary" => $content); $lastmessage = serialize($lastmessage_serialize); //step1 $plid = get_plid($min_max); $flag = false; if ($plid == "" || $plid == null) { $data_pm_lists = array("authorid" => $fuid, "pmtype" => 1, "subject" => $subject, "members" => 2, "min_max" => $min_max, "dateline" => $now, "lastmessage" => $lastmessage); $flag = $db->AutoExecute("disc_ucenter_pm_lists", $data_pm_lists, "INSERT"); $plid = $db->Insert_ID(); $msg = $db->ErrorMsg(); } else {
<?php require 'aes.class.php'; // AES PHP implementation require 'aesctr.class.php'; // AES Counter Mode implementation $timer = microtime(true); // initialise password & plaintesxt if not set in post array (shouldn't need stripslashes if magic_quotes is off) $pw = isset($_POST['pw']) ? stripslashes($_POST['pw']) : 'L0ck it up saf3'; $pt = isset($_POST['pt']) ? stripslashes($_POST['pt']) : 'pssst ... đon’t tell anyøne!'; $cipher = isset($_POST['cipher']) ? $_POST['cipher'] : ''; $plain = isset($_POST['plain']) ? stripslashes($_POST['plain']) : ''; $encr = isset($_POST['encr']) ? AesCtr::encrypt($pt, $pw, 256) : $cipher; $decr = isset($_POST['decr']) ? AesCtr::decrypt($_POST['cipher'], $pw, 256) : $plain; ?> <!DOCTYPE html> <html lang="en"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> <title>AES in PHP test harness</title> </head> <body> <form name="frm" id="frm" method="post" action=""> <!-- same-document reference --> <table> <tr> <td>Password:</td> <td><input type="text" name="pw" size="16" value="<?php echo $pw; ?> "></td>
function getDecryptData($content) { $xA = new AesCtr(); $content = base64_decode($content); $content = $xA->decrypt($content, $this->mKey, 256); return $content; }
public function decodifica($cod) { $senhaX = base64_decode($cod); $desna = AesCtr::decrypt($senhaX, $this->master_pw, 256); return $desna; }
*/ /* * Decrypt a backup file */ case "admin_action_backup_decrypt": require_once '../includes/libraries/crypt/aes.class.php'; // AES PHP implementation require_once '../includes/libraries/crypt/aesctr.class.php'; // AES Counter Mode implementation //get backups infos $rows = $db->fetch_all_array("SELECT * FROM " . $pre . "misc WHERE type = 'settings'"); foreach ($rows as $reccord) { $settings[$reccord['intitule']] = $reccord['valeur']; } //read file $return = ""; $Fnm = $settings['bck_script_path'] . '/' . $_POST['option'] . '.sql'; if (file_exists($Fnm)) { $inF = fopen($Fnm, "r"); while (!feof($inF)) { $return .= fgets($inF, 4096); } fclose($inF); $return = AesCtr::decrypt($return, $settings['bck_script_key'], 256); //save the file $handle = fopen($settings['bck_script_path'] . '/' . $_POST['option'] . '_DECRYPTED' . '.sql', 'w+'); fwrite($handle, $return); fclose($handle); } break; }
function AES_Decrypt($ciphertext, $key, $bytes = 256) { return AesCtr::decrypt($ciphertext, $key, $bytes); }
<?php namespace Tsugi\Crypt; // From: http://www.movable-type.co.uk/scripts/aes-php.html require 'aes.class.php'; // AES PHP implementation require 'aesctr.class.php'; // AES Counter Mode implementation $timer = microtime(true); // initialise password & plaintesxt if not set in post array (shouldn't need stripslashes if magic_quotes is off) $pw = 'L0ck it up saf3'; $pt = 'pssst ... đon’t tell anyøne!'; $encr = AesCtr::encrypt($pt, $pw, 256); $decr = AesCtr::decrypt($encr, $pw, 256); echo "E: " . $encr . "\n"; echo "D: " . $decr . "\n";
} } $display .= '</select></div>'; // Show results to user. echo '[{"error":"no" , "output" : "' . $display . '"}]'; } break; //Insert into DB the items the user has selected //Insert into DB the items the user has selected case "import_items": //decrypt and retreive data in JSON format require_once '../includes/libraries/crypt/aes.class.php'; // AES PHP implementation require_once '../includes/libraries/crypt/aesctr.class.php'; // AES Counter Mode implementation $data_received = AesCtr::decrypt($_POST['data'], $_SESSION['key'], 256); //Prepare variables $list_items = htmlspecialchars_decode($data_received); $list = ""; include 'main.functions.php'; foreach (explode('@_#sep#_@', mysql_real_escape_string(stripslashes($list_items))) as $item) { //For each item, insert into DB $item = explode('@|@', $item); //explode item to get all fields //Encryption key $random_key = GenerateKey(); $pw = $random_key . $item[2]; // Insert new item in table ITEMS $new_id = $db->query_insert("items", array('label' => $item[0], 'description' => $item[4], 'pw' => encrypt($pw, mysql_real_escape_string(stripslashes($_SESSION['my_sk']))), 'url' => $item[3], 'id_tree' => $_POST['folder'], 'login' => $item[1], 'anyone_can_modify' => $_POST['import_csv_anyone_can_modify'] == "true" ? 1 : 0)); //Store generated key $db->query_insert('keys', array('table' => 'items', 'id' => $new_id, 'rand_key' => $random_key));
/** * method: recv * * todo: write documentation */ public static function recv() { $base64 = Amslib_GET::get("encrypted"); if (!$base64) { self::reply(false, "missing 'encrypted' parameter"); } $encrypted = base64_decode($base64); $decrypted = AesCtr::decrypt($encrypted, self::getPassword()); try { $json = json_decode($decrypted, true); } catch (Exception $e) { // do nothing Amslib_Debug::log("Exception whilst json_decoding content"); } if (!isset($json) || !$json || !isset($json["check"])) { self::reply(false, "invalid data"); } if ($json["check"] != self::getCheck()) { self::reply(false, "check compare failed"); } unset($json["check"]); // TODO: the sender might have posted an actual file, so we need to maybe check this and // provide the file data from the $_FILES array return $json; }
if ($action == 'rsp') { // linked clicked from password change email $user = new User(); if (!empty($_REQUEST['key'])) { $arr = explode("-", $_REQUEST['key']); $userId = $arr[0]; $keyArr = array_shift($arr); if (count($keyArr) > 1) { $key = implode("-", $arr); } else { $key = $arr[0]; } $user->Load("id = ?", array($userId)); if (!empty($user->id)) { LogManager::getInstance()->info("Key : " . $key); $data = AesCtr::decrypt($key, $user->password, 256); if (empty($data)) { $ret['status'] = "ERROR"; $ret['message'] = "Invalid Key for changing password, error decrypting data"; } else { $data = json_decode($data, true); if ($data['CLIENT_NAME'] != CLIENT_NAME || $data['email'] != $user->email) { $ret['status'] = "ERROR"; $ret['message'] = "Invalid Key for changing password, keys do not match"; } else { if (empty($_REQUEST['now'])) { LogManager::getInstance()->info("now not defined"); header("Location:" . CLIENT_BASE_URL . "login.php?cp=1&key=" . $_REQUEST['key']); } else { if (!empty($_REQUEST['pwd'])) { if (strlen($_REQUEST['pwd']) >= 6) {
public static function de($data) { return AesCtr::decrypt($data, APP_KEY, 256); }
function decrypt($data, $secretKey, $nBits = 256) { return AesCtr::decrypt($data, $secretKey, $nBits); }
$p[$key] = $match; } } return $return && $pm ? is_closure($return) ? $return($m) : $return : $pm; } // Updated 070120141137AM: This allows the system to reset itself each load, so that if the developer saves and updates across the board, and you visit / refresh a page, you will start fresh & not have the obfuscated data from the "previous session" (still the same session just being erased and re-written at the HTML drawstate [this may need to change to specifically happen once for developer load, and force all users to use the same, not sure yet, check on this later]) // Updated 070620140227AM: Moved this above the encryption data, so that the encrypted pages can adjust the session data without this resetting it. if (isset($_SESSION)) { unset($_SESSION['_ReplaceTags_']); unset($_SESSION['_DontReplaceTags_']); unset($_SESSION['_UndoTags_']); } /** * This allows us to do Encrypted Pages */ $ENC = json_decode(AesCtr::decrypt(str_replace(array('%252F', '%255C', '%252B'), array('%2F', '%5C', '%2B'), $_p), EncryptionPassword, EncryptionLength), true); if ($ENC) { if (isset($ENC['p'])) { $_p = ''; foreach ($ENC['p'] as $k => $c) { if (is_numeric($k)) { $_p .= '/' . $c; } } $_p = substr($_p, 1); $post = $p[ost]; $get = $p['?']; $p = $ENC['p']; // Replace $p data with our encrypted data, else use our current $p; $p[ost] = $post; $p['?'] = $get;
public function encrypt_key($key_post) { echo json_encode(array("data" => AesCtr::decrypt($key_post, $this->CI->jencryptcicookie->userdata('key'), 256))); }
function decodificar($cadena) { /* reemplaza valores + / */ $cadena = AesCtr::decrypt(str_pad(strtr($cadena, '-_', '+/'), strlen($cadena) % 4, '=', STR_PAD_RIGHT), "", 256); return $cadena; }
$db->query_update("users", array('pw' => $new_pw, 'last_pw_change' => mktime(0, 0, 0, date('m'), date('d'), date('y'))), "id = " . $data_received['user_id']); echo '[ { "error" : "none" } ]'; } else { echo '[ { "error" : "nothing_to_do" } ]'; } } break; case "identify_user": require_once "main.functions.php"; require_once "../sources/NestedTree.class.php"; //decrypt and retreive data in JSON format require_once '../includes/libraries/crypt/aes.class.php'; // AES PHP implementation require_once '../includes/libraries/crypt/aesctr.class.php'; // AES Counter Mode implementation $data_received = json_decode(AesCtr::decrypt($_POST['data'], SALT, 256), true); //Prepare variables $password_clear = htmlspecialchars_decode($data_received['pw']); $password = encrypt(htmlspecialchars_decode($data_received['pw'])); $username = htmlspecialchars_decode($data_received['login']); //GET SALT KEY LENGTH if (strlen(SALT) > 32) { $_SESSION['error']['salt'] = TRUE; } $_SESSION['user_language'] = $k['langage']; $ldap_connection = false; //Build tree of folders $tree = new NestedTree($pre . 'nested_tree', 'id', 'parent_id', 'title'); /* LDAP connection */ if ($debug_ldap == 1) { $dbg_ldap = fopen("../files/ldap.debug.txt", "w");
break; /* * CASE * Update a Group */ /* * CASE * Update a Group */ case "update_rep": //decrypt and retreive data in JSON format require_once '../includes/libraries/crypt/aes.class.php'; // AES PHP implementation require_once '../includes/libraries/crypt/aesctr.class.php'; // AES Counter Mode implementation $data_received = json_decode(AesCtr::decrypt($_POST['data'], $_SESSION['key'], 256), true); //Prepare variables $title = htmlspecialchars_decode($data_received['title']); //Check if title doesn't contains html codes if (preg_match_all("|<[^>]+>(.*)</[^>]+>|U", $title, $out)) { //send data echo '[{"error" : "' . $txt['error_html_codes'] . '"}]'; } else { //update Folders table $db->query_update("nested_tree", array('title' => $title), 'id=' . $data_received['folder']); //update complixity value $db->query_update("misc", array('valeur' => $data_received['complexity']), 'intitule = "' . $data_received['folder'] . '" AND type = "complex"'); //rebuild fuild tree folder require_once 'NestedTree.class.php'; $tree = new NestedTree($pre . 'nested_tree', 'id', 'parent_id', 'title'); $tree->rebuild();
<?php require 'aes.class.php'; // AES PHP implementation require 'aesctr.class.php'; // AES Counter Mode implementation ?> <!DOCTYPE html> <html lang="en"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> <title>AES JavaScript+PHP test harness (server-side decrypt)</title> </head> <body> <!-- output the post array received and dectypt the message --> <pre>$_POST: <?php echo print_r($_POST, true); ?> </pre> <pre>Plaintext: <?php echo AesCtr::decrypt($_POST['message'], 'L0ck it up saf3', 256); ?> </pre> </body> </html>
$state = 'Authorised (Return)'; $auth = json_decode($client->authenticate($_GET['code'])); $auth = json_decode($client->getAccessToken()); $user['info'] = $user['service']->userinfo->get(); $_SESSION['auth'] = AesCtr::encrypt($auth->access_token, '_gdt_auth_1985Au7DJUZSNo2012', 256); //$_SESSION['auth'] = $auth->access_token; $_SESSION['id'] = $db->sql("INSERT INTO auths VALUES ('" . $user['info']['email'] . "', '" . $auth->refresh_token . "') RETURNING id", NULL, 1, 'id'); $_SESSION['id'] = $_SESSION['id'] ? $_SESSION['id'] : $db->sql("UPDATE auths SET token = '" . AesCtr::encrypt($auth->refresh_token, '_gdt_auth_1985Au7DJUZSNo2012', 256) . "' WHERE id = '" . $user['info']['email'] . "' RETURNING id", NULL, 1, 'id'); header('Location: ' . filter_var('http://' . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'], FILTER_SANITIZE_URL)); exit('<a href="' . filter_var('http://' . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'], FILTER_SANITIZE_URL) . '">Redirect failed: click here to continue</a>'); } // $_SESSION['id'] = '*****@*****.**'; if (isset($_SESSION['id']) && ($token = $db->sql("SELECT token FROM auths WHERE id = '" . $_SESSION['id'] . "'", NULL, 1, 'token'))) { $auth = new stdClass(); $auth->access_token = AesCtr::decrypt($_SESSION['auth'], '_gdt_auth_1985Au7DJUZSNo2012', 256); $auth->refresh_token = AesCtr::decrypt($token, '_gdt_auth_1985Au7DJUZSNo2012', 256); //print_r($auth); $client->setAccessToken(json_encode($auth)); if ($client->getAccessToken()) { // Active authorisation, so continue $state = 'Authorised'; $logged_in = TRUE; $user['info'] = $user['service']->userinfo->get(); $auth = json_decode($client->getAccessToken()); $_SESSION['auth'] = AesCtr::encrypt($auth->access_token, '_gdt_auth_1985Au7DJUZSNo2012', 256); } else { // Expired authorisation, so refresh authorisation and clean URL $state = 'Renewing authorisation'; $client->setAccessType('offline'); $client->refreshToken($auth->refresh_token); $auth = json_decode($client->getAccessToken());