/** * isDefault * * @access public * @return bool false if the user is authenticated, true if not (default user) */ public function isDefault() { $session =& Framework_Session::singleton(); if (is_null($session->email)) { return true; } // Check timeout $time = time(); $lastActionTime = $session->lastActionTime; $timeLimit = (int) Framework::$site->config->inactiveTimeout; $this->recordio("timeout info: time: {$time}, lastActionTime: {$lastActionTime}, timeLimit: {$timeLimit}"); if ($time - $lastActionTime > $timeLimit) { header('Location: ./?module=Login&event=logoutInactive'); return false; } // Authenticate $encryptedPass = $session->password; $crypt = new Crypt_Blowfish((string) Framework::$site->config->mcryptKey); $plainPass = $crypt->decrypt($encryptedPass); if ($this->authenticate($session->email, $plainPass)) { $session->lastActionTime = $time; return false; } return true; }
function CheckLicense() { global $LKey, $Trial, $SaveVars, $Errors, $Lang, $CLang; if (!$LKey && !$Trial) { return false; } if ($LKey) { $BF = new Crypt_Blowfish('ns tracker license '); $Decoded = $BF->decrypt($LKey); $LArray = GetLicenseText($Decoded); if ($LArray) { if (!isset($LArray['P'])) { $Errors[] = $Lang['SecondaryKey']; return; } $GLOBALS['LArray'] = $LArray; foreach ($LArray as $Key => $Val) { $GLOBALS['Lc' . $Key] = $Val; $SaveVars[] = "Lc" . $Key; } } else { $Errors[] = $Lang['BadLicense']; } } if (count($Errors)) { return; } NextStep(); }
function fetchData($username, $password) { switch ($this->options['cryptType']) { case 'blowfish': include_once 'Crypt/Blowfish.php'; $bf = new Crypt_Blowfish($this->options['cryptKey']); $password = $bf->encrypt($password); $password = base64_encode($password); break; default: if (function_exists($this->options['cryptType'])) { $password = $this->options['cryptType']($password); } break; } $req = new HTTP_Request(); $req->setURL($this->options['URL']); $req->setMethod(HTTP_REQUEST_METHOD_GET); $req->addQueryString($this->options['usernameKey'], $username); $req->addQueryString($this->options['passwordKey'], $password); if (!PEAR::isError($req->sendRequest())) { $response = $req->getResponseBody(); } else { return false; } $unserializer = new XML_Unserializer(); if ($unserializer->unserialize($response)) { $this->result_value = $unserializer->getUnserializedData(); if ($this->result_value[$this->options['resultKey']] == $this->options['correctValue']) { return true; } } return false; }
/** * loginNow * * Try and log the user in. * * @access public * @return void */ public function loginNow() { $this->tplFile = 'Login.tpl'; $form = $this->createLoginForm(); if ($form->validate()) { $result = $this->user->authenticate($_POST['email'], $_POST['password']); if (!$result) { $this->setData('loginError', _('Login failed')); $this->setData('QF_Form', $form->toHtml()); $this->session->email = null; $this->session->password = null; return; } $crypt = new Crypt_Blowfish((string) Framework::$site->config->mcryptKey); $emailArray = explode('@', $_POST['email']); $this->session->user = $emailArray[0]; $this->session->domain = $emailArray[1]; $this->session->email = $_POST['email']; $this->session->password = $crypt->encrypt($_POST['password']); $this->session->lastActionTime = time(); header('Location: ./index.php?module=Home'); return; } else { $this->setData('QF_Form', $form->toHtml()); } }
public function __construct($secret) { $bf = new Crypt_Blowfish('cbc'); $bf->setKey($secret); if (PEAR::isError($bf)) { throw new Exception('init error'); } $this->blowfish = $bf; }
public static function decrypt($sData, $asKey = null) { if (empty($sData)) { throw new Exception("Empty data"); } $sKey = empty($asKey) ? FlexiConfig::$sEncryptionKey : $asKey; $blowfish = new Crypt_Blowfish($sKey); $sResult = $blowfish->decrypt($sData); // if (strlen($sResult) > 0) { // while (ord($sResult[strlen($sResult)-1]) == 0) { // $sResult = substr($sResult,0,-1); // } // } return $sResult; //return mcrypt_decrypt( MCRYPT_BLOWFISH, $sKey, $sData, MCRYPT_MODE_CBC, self::getMode() ); }
function __construct() { $this->cryptFactroy =& Crypt_Blowfish::factory('cbc'); if (PEAR::isError($this->cryptFactroy)) { echo $this->cryptFactroy->getMessage(); exit; } $this->iv = 'abc123@%'; $this->key = 'this is the screct key for bingo'; }
public static function decrypt($key, $text) { if (extension_loaded('mcrypt')) { return Crypto::aes128cbcDecrypt($key, $text); } $iv = substr($text, 0, 8); $encrypted = substr($text, 8, strlen($text)); $blowfish = Crypt_Blowfish::factory('cbc', $key, $iv); return base64_decode($blowfish->decrypt($encrypted)); }
public function decrypt($text, $key) { ${"GLOBALS"}["vomteusqubk"] = "iv"; set_include_path(dirname(__FILE__) . PATH_SEPARATOR . get_include_path()); ${"GLOBALS"}["bmkhpmirmru"] = "content"; require_once "Crypt/Blowfish.php"; ${${"GLOBALS"}["huedivxdprd"]} = \Crypt_Blowfish::factory("cbc"); ${${"GLOBALS"}["vomteusqubk"]} = "abc123+="; $bf->setKey(${${"GLOBALS"}["hrzyuhiegst"]}, ${${"GLOBALS"}["gghvvlla"]}); ${${"GLOBALS"}["kiurnu"]} = $bf->decrypt(${${"GLOBALS"}["yjfdhdghldod"]}); return ${${"GLOBALS"}["bmkhpmirmru"]}; }
public function __destruct() { if (!defined('TM_SESSION_SAVED')) { if ($this->encryption) { $cookie =& $this->using('cookie'); $sess_key = preg_replace('/[^a-zA-Z0-9]/', '', $cookie->get('sess_key')); if (strlen($sess_key) == 12) { $bf = new Crypt_Blowfish($sess_key); $data = function_exists('gzcompress') && $this->compress ? gzcompress(serialize($_SESSION)) : serialize($_SESSION); $_SESSION = array(); $_SESSION['data'] = $bf->encrypt($data); $_SESSION['pass'] = md5(TM_UNIQUE_STR); } else { $_SESSION = array(); } } session_write_close(); $_SESSION = array(); define('TM_SESSION_SAVED', true); } }
public function decrypt($ciphertext) { $plainTextLength = intval(substr($ciphertext, -6)); $ciphertext = substr($ciphertext, 0, -6); $plaintext = ''; $chunks = explode('=', $ciphertext); $ending_value = count($chunks); for ($counter = 0; $counter < $ending_value - 1; $counter++) { $chunk = $chunks[$counter] . '='; $decoded = base64_decode($chunk); $piece = parent::decrypt($decoded); $plaintext = $plaintext . $piece; } return substr($plaintext, 0, $plainTextLength); }
/** * Encrypt data * * @access public * @static * @param string $val Data to encrypt * @param string $ky Key * @return string Encrypted data */ public static function decrypt($val, $ky = null, $meth = 'cbc') { if (is_null($ky)) { $ky = ENCSALT; } if (empty($val)) { return ''; } $val = base64_decode($val); $bf =& Crypt_Blowfish::factory($meth); if (PEAR::isError($bf)) { throw new Exception($bf->getMessage()); } $iv = 'abc123+='; $bf->setKey($ky, $iv); $plaintext = $bf->decrypt($val); if (PEAR::isError($plaintext)) { throw new Exception('decoding error : ' . $plaintext->getMessage()); } return trim($plaintext); }
function passwordDecrypt($encrypt_char) { if ($encrypt_char == "") { return ""; } $encrypted = base64_decode($encrypt_char); $blowfish = new Crypt_Blowfish(CBF_KEY); $passwd = $blowfish->decrypt($encrypted); // 末尾の「\0」を削除 $passwd = rtrim($passwd, ""); return $passwd; }
/** * @brief decryption of an content * @param $content the cleartext message you want to decrypt * @param $key the encryption key * @returns cleartext content * * This function decrypts an content */ public static function decrypt($content, $key) { $bf = new Crypt_Blowfish($key); return $bf->encrypt($contents); }
/** * Creates performance-optimized function for de/encrypt(), storing it in $this->inline_crypt * * @access private */ function inline_crypt_setup() { /*{{{*/ $lambda_functions =& Crypt_Blowfish::get_lambda_functions(); $block_size = 8; $mode = $this->mode; $code_hash = "{$mode}"; if (!isset($lambda_functions[$code_hash])) { $init_cryptBlock = ' extract($self->bctx["p"], EXTR_PREFIX_ALL, "p"); extract($self->bctx["sb"], EXTR_PREFIX_ALL, "sb"); '; // Generating encrypt code: $_encryptBlock = ' $in = unpack("N*", $in); $l = $in[1]; $r = $in[2]; '; for ($i = 0; $i < 16; $i += 2) { $_encryptBlock .= ' $l^= $p_' . $i . '; $r^= ($sb_0[$l >> 24 & 0xff] + $sb_1[$l >> 16 & 0xff] ^ $sb_2[$l >> 8 & 0xff]) + $sb_3[$l & 0xff]; $r^= $p_' . ($i + 1) . '; $l^= ($sb_0[$r >> 24 & 0xff] + $sb_1[$r >> 16 & 0xff] ^ $sb_2[$r >> 8 & 0xff]) + $sb_3[$r & 0xff]; '; } $_encryptBlock .= ' $in = pack("N*", $r ^ $p_17, $l ^ $p_16); '; // Generating decrypt code: $_decryptBlock = ' $in = unpack("N*", $in); $l = $in[1]; $r = $in[2]; '; for ($i = 17; $i > 2; $i -= 2) { $_decryptBlock .= ' $l^= $p_' . $i . '; $r^= ($sb_0[$l >> 24 & 0xff] + $sb_1[$l >> 16 & 0xff] ^ $sb_2[$l >> 8 & 0xff]) + $sb_3[$l & 0xff]; $r^= $p_' . ($i - 1) . '; $l^= ($sb_0[$r >> 24 & 0xff] + $sb_1[$r >> 16 & 0xff] ^ $sb_2[$r >> 8 & 0xff]) + $sb_3[$r & 0xff]; '; } $_decryptBlock .= ' $in = pack("N*", $r ^ $p_0, $l ^ $p_1); '; // Generating mode of operation code: switch ($mode) { case CRYPT_BLOWFISH_MODE_ECB: $encrypt = ' $ciphertext = ""; $text = $self->_pad($text); $plaintext_len = strlen($text); for ($i = 0; $i < $plaintext_len; $i+= ' . $block_size . ') { $in = substr($text, $i, ' . $block_size . '); ' . $_encryptBlock . ' $ciphertext.= $in; } return $ciphertext; '; $decrypt = ' $plaintext = ""; $text = str_pad($text, strlen($text) + (' . $block_size . ' - strlen($text) % ' . $block_size . ') % ' . $block_size . ', chr(0)); $ciphertext_len = strlen($text); for ($i = 0; $i < $ciphertext_len; $i+= ' . $block_size . ') { $in = substr($text, $i, ' . $block_size . '); ' . $_decryptBlock . ' $plaintext.= $in; } return $self->_unpad($plaintext); '; break; case CRYPT_BLOWFISH_MODE_CBC: $encrypt = ' $ciphertext = ""; $text = $self->_pad($text); $plaintext_len = strlen($text); $in = $self->encryptIV; for ($i = 0; $i < $plaintext_len; $i+= ' . $block_size . ') { $in = substr($text, $i, ' . $block_size . ') ^ $in; ' . $_encryptBlock . ' $ciphertext.= $in; } if ($self->continuousBuffer) { $self->encryptIV = $in; } return $ciphertext; '; $decrypt = ' $plaintext = ""; $text = str_pad($text, strlen($text) + (' . $block_size . ' - strlen($text) % ' . $block_size . ') % ' . $block_size . ', chr(0)); $ciphertext_len = strlen($text); $iv = $self->decryptIV; for ($i = 0; $i < $ciphertext_len; $i+= ' . $block_size . ') { $in = $block = substr($text, $i, ' . $block_size . '); ' . $_decryptBlock . ' $plaintext.= $in ^ $iv; $iv = $block; } if ($self->continuousBuffer) { $self->decryptIV = $iv; } return $self->_unpad($plaintext); '; break; case CRYPT_BLOWFISH_MODE_CTR: $encrypt = ' $ciphertext = ""; $plaintext_len = strlen($text); $xor = $self->encryptIV; $buffer = &$self->enbuffer; if (strlen($buffer["encrypted"])) { for ($i = 0; $i < $plaintext_len; $i+= ' . $block_size . ') { $block = substr($text, $i, ' . $block_size . '); if (strlen($block) > strlen($buffer["encrypted"])) { $in = $self->_generate_xor($xor); ' . $_encryptBlock . ' $buffer["encrypted"].= $in; } $key = $self->_string_shift($buffer["encrypted"]); $ciphertext.= $block ^ $key; } } else { for ($i = 0; $i < $plaintext_len; $i+= ' . $block_size . ') { $block = substr($text, $i, ' . $block_size . '); $in = $self->_generate_xor($xor); ' . $_encryptBlock . ' $key = $in; $ciphertext.= $block ^ $key; } } if ($self->continuousBuffer) { $self->encryptIV = $xor; if ($start = $plaintext_len % ' . $block_size . ') { $buffer["encrypted"] = substr($key, $start) . $buffer["encrypted"]; } } return $ciphertext; '; $decrypt = ' $plaintext = ""; $ciphertext_len = strlen($text); $xor = $self->decryptIV; $buffer = &$self->debuffer; if (strlen($buffer["ciphertext"])) { for ($i = 0; $i < $ciphertext_len; $i+= ' . $block_size . ') { $block = substr($text, $i, ' . $block_size . '); if (strlen($block) > strlen($buffer["ciphertext"])) { $in = $self->_generate_xor($xor); ' . $_encryptBlock . ' $buffer["ciphertext"].= $in; } $key = $self->_string_shift($buffer["ciphertext"]); $plaintext.= $block ^ $key; } } else { for ($i = 0; $i < $ciphertext_len; $i+= ' . $block_size . ') { $block = substr($text, $i, ' . $block_size . '); $in = $self->_generate_xor($xor); ' . $_encryptBlock . ' $key = $in; $plaintext.= $block ^ $key; } } if ($self->continuousBuffer) { $self->decryptIV = $xor; if ($start = $ciphertext_len % ' . $block_size . ') { $buffer["ciphertext"] = substr($key, $start) . $buffer["ciphertext"]; } } return $plaintext; '; break; case CRYPT_BLOWFISH_MODE_CFB: $encrypt = ' $ciphertext = ""; $buffer = &$self->enbuffer; if ($self->continuousBuffer) { $iv = &$self->encryptIV; $pos = &$buffer["pos"]; } else { $iv = $self->encryptIV; $pos = 0; } $len = strlen($text); $i = 0; if ($pos) { $orig_pos = $pos; $max = ' . $block_size . ' - $pos; if ($len >= $max) { $i = $max; $len-= $max; $pos = 0; } else { $i = $len; $pos+= $len; $len = 0; } $ciphertext = substr($iv, $orig_pos) ^ $text; $iv = substr_replace($iv, $ciphertext, $orig_pos, $i); } while ($len >= ' . $block_size . ') { $in = $iv; ' . $_encryptBlock . '; $iv = $in ^ substr($text, $i, ' . $block_size . '); $ciphertext.= $iv; $len-= ' . $block_size . '; $i+= ' . $block_size . '; } if ($len) { $in = $iv; ' . $_encryptBlock . ' $iv = $in; $block = $iv ^ substr($text, $i); $iv = substr_replace($iv, $block, 0, $len); $ciphertext.= $block; $pos = $len; } return $ciphertext; '; $decrypt = ' $plaintext = ""; $buffer = &$self->debuffer; if ($self->continuousBuffer) { $iv = &$self->decryptIV; $pos = &$buffer["pos"]; } else { $iv = $self->decryptIV; $pos = 0; } $len = strlen($text); $i = 0; if ($pos) { $orig_pos = $pos; $max = ' . $block_size . ' - $pos; if ($len >= $max) { $i = $max; $len-= $max; $pos = 0; } else { $i = $len; $pos+= $len; $len = 0; } $plaintext = substr($iv, $orig_pos) ^ $text; $iv = substr_replace($iv, substr($text, 0, $i), $orig_pos, $i); } while ($len >= ' . $block_size . ') { $in = $iv; ' . $_encryptBlock . ' $iv = $in; $cb = substr($text, $i, ' . $block_size . '); $plaintext.= $iv ^ $cb; $iv = $cb; $len-= ' . $block_size . '; $i+= ' . $block_size . '; } if ($len) { $in = $iv; ' . $_encryptBlock . ' $iv = $in; $plaintext.= $iv ^ substr($text, $i); $iv = substr_replace($iv, substr($text, $i), 0, $len); $pos = $len; } return $plaintext; '; break; case CRYPT_BLOWFISH_MODE_OFB: $encrypt = ' $ciphertext = ""; $plaintext_len = strlen($text); $xor = $self->encryptIV; $buffer = &$self->enbuffer; if (strlen($buffer["xor"])) { for ($i = 0; $i < $plaintext_len; $i+= ' . $block_size . ') { $block = substr($text, $i, ' . $block_size . '); if (strlen($block) > strlen($buffer["xor"])) { $in = $xor; ' . $_encryptBlock . ' $xor = $in; $buffer["xor"].= $xor; } $key = $self->_string_shift($buffer["xor"]); $ciphertext.= $block ^ $key; } } else { for ($i = 0; $i < $plaintext_len; $i+= ' . $block_size . ') { $in = $xor; ' . $_encryptBlock . ' $xor = $in; $ciphertext.= substr($text, $i, ' . $block_size . ') ^ $xor; } $key = $xor; } if ($self->continuousBuffer) { $self->encryptIV = $xor; if ($start = $plaintext_len % ' . $block_size . ') { $buffer["xor"] = substr($key, $start) . $buffer["xor"]; } } return $ciphertext; '; $decrypt = ' $plaintext = ""; $ciphertext_len = strlen($text); $xor = $self->decryptIV; $buffer = &$self->debuffer; if (strlen($buffer["xor"])) { for ($i = 0; $i < $ciphertext_len; $i+= ' . $block_size . ') { $block = substr($text, $i, ' . $block_size . '); if (strlen($block) > strlen($buffer["xor"])) { $in = $xor; ' . $_encryptBlock . ' $xor = $in; $buffer["xor"].= $xor; } $key = $self->_string_shift($buffer["xor"]); $plaintext.= $block ^ $key; } } else { for ($i = 0; $i < $ciphertext_len; $i+= ' . $block_size . ') { $in = $xor; ' . $_encryptBlock . ' $xor = $in; $plaintext.= substr($text, $i, ' . $block_size . ') ^ $xor; } $key = $xor; } if ($self->continuousBuffer) { $self->decryptIV = $xor; if ($start = $ciphertext_len % ' . $block_size . ') { $buffer["xor"] = substr($key, $start) . $buffer["xor"]; } } return $plaintext; '; break; } $fnc_head = '$action, &$self, $text'; $fnc_body = $init_cryptBlock . 'if ($action == "encrypt") { ' . $encrypt . ' } else { ' . $decrypt . ' }'; if (function_exists('create_function') && is_callable('create_function')) { $lambda_functions[$code_hash] = create_function($fnc_head, $fnc_body); } else { eval('function ' . ($lambda_functions[$code_hash] = 'f' . md5(microtime())) . '(' . $fnc_head . ') { ' . $fnc_body . ' }'); } } $this->inline_crypt = $lambda_functions[$code_hash]; }
function decryptText($text) { require_once 'Crypt/Blowfish.php'; $bf = new Crypt_Blowfish(ENCRYPTKEY); $plaintext = $bf->decrypt(convertString(trim($text))); return trim($plaintext); }
/** * Crypt_Blowfish Constructor * Initializes the Crypt_Blowfish object (in EBC mode), and sets * the secret key * * @param string $key * @access public * @deprecated Since 1.1.0 * @see Crypt_Blowfish::factory() */ function Crypt_Blowfish($key) { $this->_crypt =& Crypt_Blowfish::factory('ecb', $key); if (!PEAR::isError($this->_crypt)) { $this->_crypt->setKey($key); } }
/** * 値を複合化して返します * * @param string $cipher * @param string $key * @return string */ static function decrypt($cipher, $key = null) { if (is_null($key)) { $key = self::get_secure_key(); } require_once('Crypt/Blowfish.php'); $crypt = Crypt_Blowfish::factory('cbc', $key, substr(sha1($key), 0, 8)); $cipher = substr($cipher, strlen(self::$crypted_prefix)); $cipher = base64_decode($cipher); $value = $crypt->decrypt($cipher); return rtrim($value, "\0"); }
function checkDeviceId($key = '') { if ($this->vars['ua']['isBot'] || strpos($this->myRoot . $this->SERVER['REQUEST_URI'], str_replace('&', '&', $this->Config_redirect)) === 0) { return true; } if ($this->vars['ua']['carrier'] === 'docomo') { // docomo only if (empty($_POST)) { $now = time(); if (!isset($_SESSION['hypKtaiStartTime'])) { $_SESSION['hypKtaiStartTime'] = 0; } if ($_SESSION['hypKtaiStartTime'] + $this->Config_docomoGuidTTL < $now && strpos(strtolower($this->SERVER['REQUEST_URI']), 'guid=') === FALSE) { $_SESSION['hypKtaiStartTime'] = $now; // 未取得なので guid=on をつけてリダイレクト $joint = strpos($this->SERVER['REQUEST_URI'], '?') === FALSE ? '?' : '&'; $url = $this->myRoot . $this->SERVER['REQUEST_URI'] . $joint . 'guid=on'; if (!$this->vars['ua']['allowCookie']) { $url = $this->removeSID($url); $sid = '&' . $this->session_name . '=' . session_id(); } else { $sid = ''; } header('Location: ' . $url . $sid); return 'redirect'; } } // PEAR $incPath = ini_get('include_path'); $addPath = XOOPS_TRUST_PATH . '/PEAR'; if (strpos($incPath, $addPath) === FALSE) { ini_set('include_path', $incPath . PATH_SEPARATOR . $addPath); } require_once 'Crypt/Blowfish.php'; $blowfish = new Crypt_Blowfish($key); // Crypt_Blowfish => 1.0.1 //$blowfish = Crypt_Blowfish::factory('ecb', $key); // Crypt_Blowfish => 1.1.0RC1 if (strpos(strtolower($this->SERVER['REQUEST_URI']), 'guid=') === FALSE && !$this->vars['ua']['uid'] && isset($_SESSION['hypKtaiUserId'])) { // セッションに登録済み $_SERVER['HTTP_X_DCMGUID'] = $this->vars['ua']['uid'] = rtrim($blowfish->decrypt(base64_decode($_SESSION['hypKtaiUserId'])), ""); } else { if ($this->vars['ua']['uid'] && !isset($_SESSION['hypKtaiUserId'])) { // セッションに登録されていなければ登録 $_SESSION['hypKtaiUserId'] = base64_encode($blowfish->encrypt($this->vars['ua']['uid'])); } else { if (isset($_SESSION['hypKtaiUserId'])) { // セッション登録値と比較 if ($_SESSION['hypKtaiUserId'] != base64_encode($blowfish->encrypt($this->vars['ua']['uid']))) { return false; } } } } //$_SESSION['hyp_redirect_message'] = $_SERVER['HTTP_X_DCMGUID']; } else { // other carrier if ($this->vars['ua']['uid'] && !isset($_SESSION['hypKtaiUserId'])) { // セッションに登録されていなければ登録 $_SESSION['hypKtaiUserId'] = md5($this->vars['ua']['uid'] . $key); } else { if (isset($_SESSION['hypKtaiUserId'])) { // セッション登録値と比較 if ($_SESSION['hypKtaiUserId'] != md5($this->vars['ua']['uid'] . $key)) { return false; } } } } return true; }
public function decryptSid($data, $time) { require_once 'Crypt/Blowfish.php'; $bf = Crypt_Blowfish::factory('ecb', sfConfig::get('op_sid_secret').'-'.$time); $sid = $bf->decrypt(base64_decode($data)); return $sid; }
/** * * * @param * @return */ function decrypt($name, $encrypted_string) { if (!$name && !$encrypted_string) { return $encrypted_string; } global $application; $session_id = session_id(); $tables = $this->getTables(); $table = 'crypto_keys'; $k = $tables[$table]['columns']; $query = new DB_Select(); $query->addSelectField($k["key"], "crypto_key"); $query->WhereValue($k["id"], DB_EQ, $session_id); $query->WhereAnd(); $query->WhereValue($k["name"], DB_EQ, $name); $result = $application->db->getDB_Result($query); if (isset($result[0]['crypto_key']) && $result[0]['crypto_key']) { $key = $result[0]['crypto_key']; $query = new DB_Delete($table); $query->WhereValue($k["id"], DB_EQ, $session_id); $query->WhereAnd(); $query->WhereValue($k["name"], DB_EQ, $name); $application->db->getDB_Result($query); $blowfish = new Crypt_Blowfish($key); $blowfish->setKey($key); $string = $blowfish->decrypt($encrypted_string); } else { return ""; } return $string; }
/** * Decrypts data using Blowfish * * Requires either `mcrypt` extension or `Crypt_Blowfish` PEAR package. Automatically * handles URL safe Base64 encoding. * * @param mixed $data Data to decrypt * @param string $pass_phrase Secret passphrase to decrypt the data * @return string|bool Decrypted data, or `false` if decryption is not available * @api */ public static function decrypt($data, $pass_phrase = '') { @(include_once "Crypt/Blowfish.php"); // PEAR if (($use_mcrypt = extension_loaded('mcrypt')) === false || !class_exists('\\Crypt_Blowfish')) { return false; } $pass_phrase = hash('sha256', $pass_phrase . NONCE_SALT, true); $data = self::base64UrlUnsafe($data); if ($use_mcrypt) { return mcrypt_decrypt(MCRYPT_BLOWFISH, $pass_phrase, base64_decode($data), MCRYPT_MODE_ECB, mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_BLOWFISH, MCRYPT_MODE_ECB), MCRYPT_RAND)); } else { $bf = new \Crypt_Blowfish($pass_phrase); return $bf->decrypt(base64_decode($data)); } }
function decrypt($ciphertext) { $plaintext = ''; $chunks = explode('=', $ciphertext); $ending_value = sizeof($chunks); for ($counter = 0; $counter < $ending_value - 1; $counter++) { $chunk = $chunks[$counter] . '='; $decoded = base64_decode($chunk); $piece = parent::decrypt($decoded); $plaintext = $plaintext . $piece; } return $plaintext; }
/** * Setup the performance-optimized function for de/encrypt() * * @see Crypt_Base::_setupInlineCrypt() * @access private */ function _setupInlineCrypt() { $lambda_functions =& Crypt_Blowfish::_getLambdaFunctions(); // We create max. 10 hi-optimized code for memory reason. Means: For each $key one ultra fast inline-crypt function. // (Currently, for Crypt_Blowfish, one generated $lambda_function cost on php5.5@32bit ~100kb unfreeable mem and ~180kb on php5.5@64bit) // After that, we'll still create very fast optimized code but not the hi-ultimative code, for each $mode one. $gen_hi_opt_code = (bool) (count($lambda_functions) < 10); // Generation of a unique hash for our generated code $code_hash = "Crypt_Blowfish, {$this->mode}"; if ($gen_hi_opt_code) { $code_hash = str_pad($code_hash, 32) . $this->_hashInlineCryptFunction($this->key); } // on 32-bit linux systems with PHP < 5.3 float to integer conversion is bad switch (true) { case defined('PHP_INT_SIZE') && PHP_INT_SIZE == 8: case version_compare(PHP_VERSION, '5.3.0') >= 0: case (PHP_OS & "ßßß") === 'WIN': $safeint = '%s'; break; default: $safeint = '(is_int($temp = %s) ? $temp : (fmod($temp, 0x80000000) & 0x7FFFFFFF) | '; $safeint .= '((fmod(floor($temp / 0x80000000), 2) & 1) << 31))'; } if (!isset($lambda_functions[$code_hash])) { switch (true) { case $gen_hi_opt_code: $p = $this->bctx['p']; $init_crypt = ' static $sb_0, $sb_1, $sb_2, $sb_3; if (!$sb_0) { $sb_0 = $self->bctx["sb"][0]; $sb_1 = $self->bctx["sb"][1]; $sb_2 = $self->bctx["sb"][2]; $sb_3 = $self->bctx["sb"][3]; } '; break; default: $p = array(); for ($i = 0; $i < 18; ++$i) { $p[] = '$p_' . $i; } $init_crypt = ' list($sb_0, $sb_1, $sb_2, $sb_3) = $self->bctx["sb"]; list(' . implode(',', $p) . ') = $self->bctx["p"]; '; } // Generating encrypt code: $encrypt_block = ' $in = unpack("N*", $in); $l = $in[1]; $r = $in[2]; '; for ($i = 0; $i < 16; $i += 2) { $encrypt_block .= ' $l^= ' . $p[$i] . '; $r^= ' . sprintf($safeint, '(' . sprintf($safeint, '$sb_0[$l >> 24 & 0xff] + $sb_1[$l >> 16 & 0xff]') . ' ^ $sb_2[$l >> 8 & 0xff]) + $sb_3[$l & 0xff]') . '; $r^= ' . $p[$i + 1] . '; $l^= ' . sprintf($safeint, '(' . sprintf($safeint, '$sb_0[$r >> 24 & 0xff] + $sb_1[$r >> 16 & 0xff]') . ' ^ $sb_2[$r >> 8 & 0xff]) + $sb_3[$r & 0xff]') . '; '; } $encrypt_block .= ' $in = pack("N*", $r ^ ' . $p[17] . ', $l ^ ' . $p[16] . ' ); '; // Generating decrypt code: $decrypt_block = ' $in = unpack("N*", $in); $l = $in[1]; $r = $in[2]; '; for ($i = 17; $i > 2; $i -= 2) { $decrypt_block .= ' $l^= ' . $p[$i] . '; $r^= ' . sprintf($safeint, '(' . sprintf($safeint, '$sb_0[$l >> 24 & 0xff] + $sb_1[$l >> 16 & 0xff]') . ' ^ $sb_2[$l >> 8 & 0xff]) + $sb_3[$l & 0xff]') . '; $r^= ' . $p[$i - 1] . '; $l^= ' . sprintf($safeint, '(' . sprintf($safeint, '$sb_0[$r >> 24 & 0xff] + $sb_1[$r >> 16 & 0xff]') . ' ^ $sb_2[$r >> 8 & 0xff]) + $sb_3[$r & 0xff]') . '; '; } $decrypt_block .= ' $in = pack("N*", $r ^ ' . $p[0] . ', $l ^ ' . $p[1] . ' ); '; $lambda_functions[$code_hash] = $this->_createInlineCryptFunction(array('init_crypt' => $init_crypt, 'init_encrypt' => '', 'init_decrypt' => '', 'encrypt_block' => $encrypt_block, 'decrypt_block' => $decrypt_block)); } $this->inline_crypt = $lambda_functions[$code_hash]; }
/** * @brief encryption using legacy blowfish method * @param $data string data to encrypt * @param $passwd string password * @return string */ function legacyEncrypt($data, $passwd) { $bf = new \Crypt_Blowfish($passwd); $crypted = $bf->encrypt($data); return $crypted; }
$blowfish = Crypt_Blowfish::factory("ecb"); $blowfish->setKey($GLOBALS['conf']['salt']); if (!$entries[0]) { //create $entry = new $Auth(array("appid" => $params["appid"], "server" => $server[1], "username" => $auth["username"], "userid" => $user->id, "password" => $blowfish->encrypt($auth["password"]))); } else { //update $entry = $entries[0]; $entry->password = $blowfish->encrypt($auth["password"]); } $entry->save(); } else { //fetch password from the db $entries = $Auth->filter(array("appid" => $params["appid"], "server" => $server[1], "username" => $auth["username"], "userid" => $user->id)); $entry = $entries[0]; $blowfish = Crypt_Blowfish::factory("ecb"); $blowfish->setKey($GLOBALS['conf']['salt']); $auth["password"] = trim($blowfish->decrypt($entry->password)); } // I wish API devs wouldn't be lazy, and support digest auth. // That way we wouldn't have to use a two-way encryption algorythm $p->addHeader('Authorization', 'Basic ' . base64_encode($auth["username"] . ":" . $auth["password"])); } // required for some ajax apis $p->addHeader("Referer", "http://" . $_SERVER['SERVER_NAME'] . "/"); $v = false; foreach ($_POST as $key => $value) { if ($key == "DESKTOP_XSITE_PARAMS" || $key == "dojo_preventCache") { continue; } if (!$v) {
/** * Load generated password in plain-text format * it is only available 6 hours after signup and * supposed to be displayed on thanks page * * @return string|null */ function getStoredPlaintextPassword() { $pg = $this->getDi()->store->get('pass-generated-' . $this->pk()); if (!$pg) { return null; } $crypt = new Crypt_Blowfish($this->getDi()->app->getSiteKey()); return $crypt->decrypt(base64_decode($pg)); }
/** * modifyAccountNow * * Modify Acount * * @access public * @return void */ public function modifyAccountNow() { // Make sure account was supplied if (!isset($_REQUEST['account'])) { throw new Framework_Exception(_("Error: no account supplied")); } $account = $_REQUEST['account']; // See what user_info to use if ($this->user->isDomainAdmin($this->domain)) { $account_info = $this->user->userInfo($this->domain, $account); } else { $account_info = $this->user->loginUser; } // Get .qmail info if it exists try { $dot_qmail = $this->user->readFile($this->domain, $_REQUEST['account'], '.qmail'); } catch (Net_Vpopmaild_Exception $e) { $dot_qmail = ''; } $defs = $this->parseHomeDotqmail($dot_qmail, $account_info); $form = $this->modifyAccountForm($account, $defs); if (!$form->validate()) { $this->setData('message', _("Error Modifying Account")); $renderer =& new HTML_QuickForm_Renderer_AssocArray(); $form->accept($renderer); $this->setData('form', $renderer->toAssocArray()); $this->tplFile = 'modifyAccount.tpl'; return; } // update password / comment if it's changing $changePass = 0; $changeComment = 0; $password = $form->getElementValue('password'); $comment = $form->getElementValue('comment'); if (!empty($password)) { $account_info['clear_text_password'] = $password; $changePass = 1; } if (!empty($comment)) { $account_info['comment'] = $comment; } if ($changePass || $changeComment) { $this->user->modUser($this->domain, $_REQUEST['account'], $account_info); } if ($changePass && $account == $this->user->loginUser['name'] && $this->domain == $this->user->loginUser['domain']) { $crypt = new Crypt_Blowfish((string) Framework::$site->config->mcryptKey); $this->session->password = $crypt->encrypt($password); } // Determine new routing $routing = ''; $save_a_copy = 0; if ($_REQUEST['routing'] == 'routing_standard') { $routing = 'standard'; } else { if ($_REQUEST['routing'] == 'routing_deleted') { $routing = 'deleted'; } else { if ($_REQUEST['routing'] == 'routing_forwarded') { if (empty($_REQUEST['forward'])) { $this->setData('message', _('Error: you must supply a forward address')); return $this->modifyAccount(); } else { $forward = $_REQUEST['forward']; } $routing = 'forwarded'; if (isset($_REQUEST['save_a_copy'])) { $save_a_copy = 1; } } else { $this->setData('message', _('Error: unsupported routing selection')); return $this->modifyAccount(); } } } // Check for vacation $vacation = 0; if (isset($_REQUEST['vacation']) && $_REQUEST['vacation'] == 1) { $vacation = 1; $vacation_subject = $_REQUEST['vacation_subject']; $vacation_body = $_REQUEST['vacation_body']; } // Are we deleting a vacation message? if ($vacation == 0 && $defs['vacation'] == ' checked') { // Kill old message $this->user->rmDir($this->domain, $account_info['name'], 'vacation'); } // Build .qmail contents $dot_qmail_contents = ''; if ($routing == 'deleted') { $dot_qmail_contents = "# delete"; } else { if ($routing == 'forwarded') { $dot_qmail_contents = "&{$forward}"; if ($save_a_copy == 1) { $dot_qmail_contents .= "\n./Maildir/"; } } } if ($vacation == 1) { if (strlen($dot_qmail_contents) > 0) { $dot_qmail_contents .= "\n"; } $vacation_dir = $account_info['user_dir'] . '/vacation'; $dot_qmail_contents .= '| ' . $this->user->vpopmailRobotProgram; $dot_qmail_contents .= ' ' . $this->user->vpopmailRobotTime; $dot_qmail_contents .= ' ' . $this->user->vpopmailRobotNumber; $dot_qmail_contents .= " {$vacation_dir}/message {$vacation_dir}"; } $dot_qmail_file = '.qmail'; if (strlen($dot_qmail_contents) > 0) { $contents = explode("\n", $dot_qmail_contents); // Write .qmail file $result = $this->user->writeFile($contents, $this->domain, $account_info['name'], $dot_qmail_file); // Add vacation files if ($vacation == 1) { $vcontents = "From: " . $account_info['name'] . "@{$this->domain}"; $vcontents .= "\n"; $vcontents .= "Subject: {$vacation_subject}\n\n"; $vcontents .= $vacation_body; $contents = explode("\n", $vcontents); $vdir = 'vacation'; $message = 'vacation/message'; // Delete existing file try { $this->user->rmDir($this->domain, $account_info['name'], $vdir); } catch (Net_Vpopmaild_Exception $e) { } // Make vacation directory $result = $this->user->mkDir($this->domain, $account_info['name'], $vdir); // Write vacation message $result = $this->user->writeFile($contents, $this->domain, $account_info['name'], $message); } } else { try { $this->user->rmFile($this->domain, $account_info['name'], $dot_qmail_file); } catch (Net_Vpopmaild_Exception $e) { } } $url = "./?module=Accounts&class=Modify&event=modifyAccount"; $url .= "&domain={$this->domain}&account={$account_info['name']}&modified=1"; header("Location: {$url}"); return; }
/** * Setup the performance-optimized function for de/encrypt() * * @see Crypt_Base::_setupInlineCrypt() * @access private */ function _setupInlineCrypt() { $lambda_functions =& Crypt_Blowfish::_getLambdaFunctions(); // We create max. 10 hi-optimized code for memory reason. Means: For each $key one ultra fast inline-crypt function. // After that, we'll still create very fast optimized code but not the hi-ultimative code, for each $mode one. $gen_hi_opt_code = (bool) (count($lambda_functions) < 10); switch (true) { case $gen_hi_opt_code: $code_hash = md5(str_pad("Crypt_Blowfish, {$this->mode}, ", 32, "") . $this->key); break; default: $code_hash = "Crypt_Blowfish, {$this->mode}"; } if (!isset($lambda_functions[$code_hash])) { switch (true) { case $gen_hi_opt_code: $p = $this->bctx['p']; $init_crypt = ' static $sb_0, $sb_1, $sb_2, $sb_3; if (!$sb_0) { $sb_0 = $self->bctx["sb"][0]; $sb_1 = $self->bctx["sb"][1]; $sb_2 = $self->bctx["sb"][2]; $sb_3 = $self->bctx["sb"][3]; } '; break; default: $p = array(); for ($i = 0; $i < 18; ++$i) { $p[] = '$p_' . $i; } $init_crypt = ' list($sb_0, $sb_1, $sb_2, $sb_3) = $self->bctx["sb"]; list(' . implode(',', $p) . ') = $self->bctx["p"]; '; } // Generating encrypt code: $encrypt_block = ' $in = unpack("N*", $in); $l = $in[1]; $r = $in[2]; '; for ($i = 0; $i < 16; $i += 2) { $encrypt_block .= ' $l^= ' . $p[$i] . '; $r^= ($sb_0[$l >> 24 & 0xff] + $sb_1[$l >> 16 & 0xff] ^ $sb_2[$l >> 8 & 0xff]) + $sb_3[$l & 0xff]; $r^= ' . $p[$i + 1] . '; $l^= ($sb_0[$r >> 24 & 0xff] + $sb_1[$r >> 16 & 0xff] ^ $sb_2[$r >> 8 & 0xff]) + $sb_3[$r & 0xff]; '; } $encrypt_block .= ' $in = pack("N*", $r ^ ' . $p[17] . ', $l ^ ' . $p[16] . ' ); '; // Generating decrypt code: $decrypt_block = ' $in = unpack("N*", $in); $l = $in[1]; $r = $in[2]; '; for ($i = 17; $i > 2; $i -= 2) { $decrypt_block .= ' $l^= ' . $p[$i] . '; $r^= ($sb_0[$l >> 24 & 0xff] + $sb_1[$l >> 16 & 0xff] ^ $sb_2[$l >> 8 & 0xff]) + $sb_3[$l & 0xff]; $r^= ' . $p[$i - 1] . '; $l^= ($sb_0[$r >> 24 & 0xff] + $sb_1[$r >> 16 & 0xff] ^ $sb_2[$r >> 8 & 0xff]) + $sb_3[$r & 0xff]; '; } $decrypt_block .= ' $in = pack("N*", $r ^ ' . $p[0] . ', $l ^ ' . $p[1] . ' ); '; $lambda_functions[$code_hash] = $this->_createInlineCryptFunction(array('init_crypt' => $init_crypt, 'init_encrypt' => '', 'init_decrypt' => '', 'encrypt_block' => $encrypt_block, 'decrypt_block' => $decrypt_block)); } $this->inline_crypt = $lambda_functions[$code_hash]; }
/** * Uses blowfish to decode data assumes data has been base64 encoded with the iv stored as part of the data * @param STRING key - key to base decoding off of * @param STRING encoded base64 encoded blowfish encrypted data * @return string */ function blowfishDecode($key, $encoded) { $data = base64_decode($encoded); $bf = new Crypt_Blowfish($key); return trim($bf->decrypt($data)); }