protected function _doTest($v, $ignore) { $ob = new Horde_Crypt_Blowfish($v['key'], array('cipher' => 'cbc', 'ignore' => $ignore, 'iv' => $v['iv'])); $encrypt = $ob->encrypt($v['plain']); // Let's verify some sort of obfuscation occurred. $this->assertNotEquals($v['plain'], $encrypt); $this->assertEquals($v['plain'], $ob->decrypt($encrypt)); }
protected function _doTest($ignore) { $ob = new Horde_Crypt_Blowfish('test', array('cipher' => 'ecb', 'ignore' => $ignore)); foreach ($this->vectors as $val) { $ob->setKey($val['key']); $encrypt = $ob->encrypt($val['plain']); // Let's verify some sort of obfuscation occurred. $this->assertNotEquals($val['plain'], $encrypt); $this->assertEquals($val['plain'], $ob->decrypt($encrypt)); } }
/** * Attempt to login to remote account. * * @param string $password The password to use. If null, attempts to use * the encrypted password stored in the config. * @param boolean $save If true, save the password (encrypted) to the * config. * * @return integer One of the LOGIN_* constants. */ public function login($password = null, $save = false) { global $injector, $registry; if ($this->imp_imap->init) { return self::LOGIN_OK; } $blowfish_params = array('cipher' => 'cbc', 'iv' => str_repeat("", Horde_Crypt_Blowfish::IV_LENGTH)); if (is_null($password)) { if (!isset($this->_config['password_save'])) { return self::LOGIN_BAD; } /* Use the user's current password as the key, after using * PBKDF2 for key lengthening. This means that stored passwords * will be invalidated anytime the "master" password is * changed, but that is ok (not really another option). */ list($salt, $pass) = explode("", base64_decode($this->_config['password_save']), 2); $blowfish = new Horde_Crypt_Blowfish(strval(new Horde_Crypt_Blowfish_Pbkdf2($registry->getAuthCredential('password'), 24, array('salt' => $salt))), $blowfish_params); $password = $blowfish->decrypt($pass); } $this->imp_imap->createImapObject(array('hostspec' => $this->hostspec, 'password' => new IMP_Imap_Password($password), 'port' => $this->port, 'secure' => $this->secure, 'username' => $this->username), $this->type == self::IMAP, strval($this)); try { $this->imp_imap->login(); } catch (IMP_Imap_Exception $e) { $injector->getInstance('IMP_Factory_Imap')->destroy(strval($this)); if (!isset($this->_config['password_save'])) { return self::LOGIN_BAD; } unset($this->_config['password_save']); return self::LOGIN_BAD_CHANGED; } if (!$save || isset($this->_config['password_save'])) { return self::LOGIN_OK; } $pbkdf2 = new Horde_Crypt_Blowfish_Pbkdf2($registry->getAuthCredential('password'), 24); $blowfish = new Horde_Crypt_Blowfish(strval($pbkdf2), $blowfish_params); /* Storage details (password_save): * - PBKDF2 Salt * - "\0" * - Encrypted data (Remote account password) */ $this->_config['password_save'] = base64_encode(implode("", array($pbkdf2->salt, $blowfish->encrypt($password)))); return self::LOGIN_OK_CHANGED; }