Example #1
/**
 * Sends an endpoint result to the caller and terminates the request.
 *
 * The value is JSON-encoded.  If the request was marked as encrypted
 * ($sso_encrypted), the JSON is wrapped in a data packet using the cipher
 * selected by the API key's "mode" ("aes256" selects ExtendedAES, any other
 * value selects Blowfish) and the packet is Base64-encoded before output.
 *
 * @param mixed $result Value to encode as the response body.
 *
 * @return void Never returns; the function ends with exit.
 */
function SSO_EndpointOutput($result)
{
    global $sso_encrypted, $sso_apikey_info, $sso_data, $sso_skipsleep;

    // Delay the response unless the caller opted out.  SSO_RandomSleep() is
    // defined elsewhere; presumably it blunts timing measurements and
    // rapid guessing against the endpoint -- confirm against its definition.
    if (!$sso_skipsleep) {
        SSO_RandomSleep();
    }

    // NOTE(review): errors are suppressed here.  json_encode() returns false on
    // failure, so a failed encode is echoed as an empty body (or packed as-is
    // on the encrypted path) rather than reported.
    $payload = @json_encode($result);

    if ($sso_encrypted) {
        // Cipher choice comes from the API key record, not from the request.
        $packet = ($sso_apikey_info["keyinfo"]["mode"] === "aes256"
            ? ExtendedAES::CreateDataPacket($payload, $sso_apikey_info["keyinfo"]["key"], $sso_apikey_info["keyinfo"]["opts"])
            : Blowfish::CreateDataPacket($payload, $sso_apikey_info["keyinfo"]["key"], $sso_apikey_info["keyinfo"]["opts"]));

        // The packet is binary; Base64 makes it safe to emit as text.
        $payload = base64_encode($packet);
    }

    echo $payload;
    exit;
}
Example #2
 /**
  * Login hook that stores the user's anti-phishing value in an encrypted cookie.
  *
  * Nothing is written unless all four cookie secrets (cookiekey, cookieiv,
  * cookiekey2, cookieiv2) are configured and the user record carries an
  * "sso_antiphish" value.
  *
  * @param array  $mapinfo  Not used by this implementation.
  * @param object $userrow  Not used by this implementation.
  * @param array  $userinfo User information; "sso_antiphish" is read from it.
  * @param bool   $admin    Not used by this implementation.
  *
  * @return void
  */
 public function LoginAddMap(&$mapinfo, $userrow, &$userinfo, $admin)
 {
     global $sso_rng;

     $info = $this->GetInfo();

     // Bail out early when any secret is missing or there is nothing to store.
     if ($info["cookiekey"] == "" || $info["cookieiv"] == "" || $info["cookiekey2"] == "" || $info["cookieiv2"] == "" || !isset($userinfo["sso_antiphish"])) {
         return;
     }

     // Secrets are stored as hex strings; pack("H*") turns them into raw bytes.
     $key = pack("H*", $info["cookiekey"]);
     $options = array(
         // Fresh random prefix for every packet.
         "prefix" => $sso_rng->GenerateString(),
         "mode" => "CBC",
         "iv" => pack("H*", $info["cookieiv"]),
         "key2" => pack("H*", $info["cookiekey2"]),
         "iv2" => pack("H*", $info["cookieiv2"]),
         "lightweight" => true
     );
     $data = base64_encode(Blowfish::CreateDataPacket($userinfo["sso_antiphish"], $key, $options));

     // One-year lifetime.  The sixth argument follows BB_IsSSLRequest() and the
     // seventh is true -- presumably the Secure and HttpOnly flags; confirm
     // against SetCookieFixDomain(), which is defined elsewhere.
     $expires = time() + 365 * 24 * 60 * 60;
     SetCookieFixDomain("sso_l_ap", $data, $expires, "", "", BB_IsSSLRequest(), true);
 }
Example #3
/**
 * Completes a sign-in: issues a new token into the temporary session, marks
 * the user session as validated, sets the namespace cookie(s) and redirects
 * the browser back to the URL stored in the session information.
 *
 * Statement order matters: both database rows are updated before any cookie
 * is set, and the redirect is the last step.
 *
 * @return bool false whenever the end of the function is reached, i.e. after a
 *              caught exception or if SSO_ExternalRedirect() returns.  The
 *              redirect helper presumably ends the request on success -- it is
 *              defined elsewhere, so confirm.
 */
function SSO_ValidateUser()
{
    global $sso_rng, $sso_db, $sso_db_user_sessions, $sso_db_temp_sessions, $sso_session_info, $sso_apirow, $sso_sessionrow, $sso_sessionrow2, $sso_ipaddr, $sso_settings;
    try {
        // Browser gets a token representing the new session in the temporary session.
        $sso_session_info["new_id2"] = $sso_rng->GenerateString();
        // The row id is bound through the "?" placeholder rather than concatenated into the SQL.
        $sso_db->Query("UPDATE", array($sso_db_temp_sessions, array("info" => serialize($sso_session_info)), "WHERE" => "id = ?"), $sso_sessionrow->id);
        // Validate the session: record the validated flag, the client's IPv6-form address and a fresh timestamp.
        $sso_db->Query("UPDATE", array($sso_db_user_sessions, array("updated" => CSDB::ConvertToDBTime(time()), "info" => serialize(array("validated" => true, "ipaddr" => $sso_ipaddr["ipv6"]))), "WHERE" => "id = ?"), $sso_sessionrow2->id);
        // Build the redirect.  CR and LF are stripped from the decoded URL so it cannot
        // carry a line break into the redirect.
        // NOTE(review): no check of the redirect target (scheme/host) is visible in this
        // function -- confirm the URL is validated where it is stored in the session.
        $redirect = str_replace(array("\r", "\n"), "", base64_decode($sso_session_info["url"]));
        // Both IDs are URL-encoded before being appended.  The new token travels in the
        // query string of the redirect URL.
        // NOTE(review): $_REQUEST["sso_id"] is read without isset(); presumably checked by the caller.
        $redirect .= (strpos($redirect, "?") === false ? "?" : "&") . "from_sso_server=1&sso_id=" . urlencode($sso_session_info["new_id2"]) . "&sso_id2=" . urlencode($_REQUEST["sso_id"]);
        // Set the namespace cookie.
        // NOTE(review): the guard tests only "namespacekey2", while the body also reads
        // "namespacekey", "namespaceiv" and "namespaceiv2" -- confirm they are always set together.
        if (isset($sso_settings[""]["namespacekey2"])) {
            $namespaces = SSO_LoadNamespaces(true);
            // NOTE(review): $_COOKIE["sso_server_id2"] is client-supplied and read without isset() here.
            $namespaces[$sso_apirow->namespace] = $_COOKIE["sso_server_id2"];
            // PHP-serialized map; whatever reads this cookie back presumably has to unserialize() it.
            $data = serialize($namespaces);
            // Blowfish in CBC mode with key and IV material taken from the settings and a random
            // prefix per packet.  What "lightweight" changes is defined in Blowfish::CreateDataPacket().
            $data = base64_encode(Blowfish::CreateDataPacket($data, pack("H*", $sso_settings[""]["namespacekey"]), array("prefix" => $sso_rng->GenerateString(), "mode" => "CBC", "iv" => pack("H*", $sso_settings[""]["namespaceiv"]), "key2" => pack("H*", $sso_settings[""]["namespacekey2"]), "iv2" => pack("H*", $sso_settings[""]["namespaceiv2"]), "lightweight" => true)));
            // Expiry 0; sixth argument follows SSO_IsSSLRequest(), seventh is true -- presumably
            // Secure and HttpOnly (SetCookieFixDomain() is defined elsewhere).
            SetCookieFixDomain("sso_server_ns", $data, 0, "", "", SSO_IsSSLRequest(), true);
        }
        // Set the exposed namespace cookie if the option is enabled.
        // NOTE(review): the guard tests only "namespacekey4"; "namespacekey3", "namespaceiv3"
        // and "namespaceiv4" are read without a check.
        if (isset($sso_settings[""]["expose_namespaces"]) && $sso_settings[""]["expose_namespaces"] && isset($sso_settings[""]["namespacekey4"])) {
            $namespaces = SSO_LoadNamespaces(false);
            // This cookie maps the namespace to the user session row id, not to the browser's cookie value.
            $namespaces[$sso_apirow->namespace] = $sso_sessionrow2->id;
            $data = serialize($namespaces);
            $data = base64_encode(Blowfish::CreateDataPacket($data, pack("H*", $sso_settings[""]["namespacekey3"]), array("prefix" => $sso_rng->GenerateString(), "mode" => "CBC", "iv" => pack("H*", $sso_settings[""]["namespaceiv3"]), "key2" => pack("H*", $sso_settings[""]["namespacekey4"]), "iv2" => pack("H*", $sso_settings[""]["namespaceiv4"]), "lightweight" => true)));
            // Cookie domain is the request host with the scheme prefix removed.
            $host = str_replace(array("http://", "https://"), "", BB_GetRequestHost());
            // NOTE(review): the sixth argument is a hard-coded false where the cookie above passes
            // SSO_IsSSLRequest().  If that argument is the Secure flag, this cookie is also sent
            // over plain HTTP -- confirm that is intended for the "exposed" cookie.
            SetCookieFixDomain("sso_server_ns2", $data, 0, "/", $host, false, true);
        }
        // Redirect back to the client.
        SSO_ExternalRedirect($redirect, true);
    } catch (Exception $e) {
        // Deliberately empty: the exception is swallowed and execution falls through to
        // "return false".  Nothing is logged here, so a failure leaves no trace from this function.
        // It should be nearly impossible to get here in the first place.
    }
    return false;
}
Example #4
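 /**
  * Login hook that issues a "Remember Me" token for a non-admin sign-in.
  *
  * The server side keeps only a salted hash of the secret half of the token
  * (in $userinfo["sso_remember_me"]); the browser receives the token ID and
  * the secret in the encrypted "sso_l_rme" cookie, keyed by user ID so that
  * several accounts can share one cookie.
  *
  * Nothing happens for admin sign-ins, when any of the four cookie secrets is
  * missing, or when the session carries no "sso_login_remember_me" request.
  *
  * @param array  $mapinfo  Not used by this implementation.
  * @param object $userrow  User row; only ->id is read.
  * @param array  $userinfo User information; "sso_remember_me" is updated in place.
  * @param bool   $admin    True for an admin sign-in, which is skipped.
  *
  * @return void
  */
 public function LoginAddMap(&$mapinfo, $userrow, &$userinfo, $admin)
 {
     global $sso_rng, $sso_session_info;
     $info = $this->GetInfo();
     if (!$admin && $info["cookiekey"] != "" && $info["cookieiv"] != "" && $info["cookiekey2"] != "" && $info["cookieiv2"] != "" && isset($sso_session_info["sso_login_remember_me"])) {
         if (!isset($userinfo["sso_remember_me"])) {
             $userinfo["sso_remember_me"] = array();
         }
         // A "reset" request discards every previously issued token for this user.
         if ($sso_session_info["sso_login_remember_me"]["reset"]) {
             $userinfo["sso_remember_me"] = array();
         }
         // Remove expired tokens.
         foreach ($userinfo["sso_remember_me"] as $token => $info2) {
             if (CSDB::ConvertFromDBTime($info2["expires"]) < time()) {
                 unset($userinfo["sso_remember_me"][$token]);
             }
         }
         if ($sso_session_info["sso_login_remember_me"]["numdays"] > 0) {
             // $token identifies the entry, $token2 is the secret, $salt is mixed into the hash.
             $token = $sso_rng->GenerateString();
             $token2 = $sso_rng->GenerateString();
             $salt = $sso_rng->GenerateString();
             $data = $salt . ":" . $token2;
             $passwordinfo = sso_login::HashPasswordInfo($data);
             if ($passwordinfo["success"]) {
                 // Store only the hash of the secret server-side, never $token2 itself.
                 $userinfo["sso_remember_me"][$token] = array("salt" => $salt, "rounds" => (int) $passwordinfo["rounds"], "hash" => bin2hex($passwordinfo["hash"]), "expires" => CSDB::ConvertToDBTime(time() + $sso_session_info["sso_login_remember_me"]["numdays"] * 24 * 60 * 60), "bypass" => $sso_session_info["sso_login_remember_me"]["bypass"]);
                 // Append user ID and token to the cookie.
                 $info2 = false;
                 // The cookie is client-controlled.  A non-string value (for example an
                 // array-style cookie) is ignored instead of being handed to base64_decode().
                 if (isset($_COOKIE["sso_l_rme"]) && is_string($_COOKIE["sso_l_rme"])) {
                     // Decrypt existing data.
                     $info2 = @base64_decode($_COOKIE["sso_l_rme"]);
                     if ($info2 !== false) {
                         $info2 = Blowfish::ExtractDataPacket($info2, pack("H*", $info["cookiekey"]), array("mode" => "CBC", "iv" => pack("H*", $info["cookieiv"]), "key2" => pack("H*", $info["cookiekey2"]), "iv2" => pack("H*", $info["cookieiv2"]), "lightweight" => true));
                     }
                     if ($info2 !== false) {
                         // NOTE(security): unserialize() runs on data that originated in a client cookie.
                         // It is decrypted first, but whether ExtractDataPacket() also authenticates the
                         // packet cannot be seen from here.  On PHP 7.0+ passing
                         // array("allowed_classes" => false) as the second argument prevents object
                         // instantiation; it is not added here because the minimum PHP version of
                         // this code base is not visible.
                         $info2 = @unserialize($info2);
                     }
                 }
                 // Anything that is not an array (failed decode, scalar, object) is treated as
                 // "no existing cookie" so the offset assignment below always targets an array.
                 if (!is_array($info2)) {
                     $info2 = array();
                 }
                 $info2[$userrow->id] = array($token, $token2);
                 // Set the Remember Me cookie.  Its lifetime comes from the provider's "maxdays"
                 // setting, while each token's own expiry above is based on the requested "numdays".
                 $data = base64_encode(Blowfish::CreateDataPacket(serialize($info2), pack("H*", $info["cookiekey"]), array("prefix" => $sso_rng->GenerateString(), "mode" => "CBC", "iv" => pack("H*", $info["cookieiv"]), "key2" => pack("H*", $info["cookiekey2"]), "iv2" => pack("H*", $info["cookieiv2"]), "lightweight" => true)));
                 SetCookieFixDomain("sso_l_rme", $data, time() + $info["maxdays"] * 24 * 60 * 60, "", "", BB_IsSSLRequest(), true);
             }
         }
     }
 }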