function verify(string $key, string $nonce, string $aad, string $ciphertext, string $tag) : bool
    $cipher = new Cipher();
    $context = $cipher->init($key, $nonce);
    $cipher->aad($context, $aad);
    $cipher->verify($context, $ciphertext);
    try {
        $cipher->finish($context, $tag);
        return true;
    } catch (AuthenticationException $e) {
        return false;
Esempio n. 2
 public function applyEncriptedIdentity($encryptedtext)
     $cipher = new Cipher($this->passphrase);
     //        var_dump($cipher->decrypt($encryptedtext));
     $decryptedtext = $cipher->decryptJson($encryptedtext);
     //        var_dump($decryptedtext);
     if (!$decryptedtext) {
         return 'invalid';
     if (!$this->setIdentityData($decryptedtext)) {
         return 'expire';
     return true;
Esempio n. 3
 public function actionIndex()
     $this->render('', false);
     $uid = get_param($this->authdata, 'id');
     // Если не авторизованы то идет лесом
     if (!$uid) {
     // иначе получим список доступных ему сайтов, и нарисуем ссылки на них
     $sites = $this->model->getGrantedSites($uid);
     $this->render('', false);
     if (count($sites) === 0) {
     $this->data['siteList'] = '';
     $secure = [$uid, date('Y-m-d H:i:s'), get_param($this->authdata, 'fullname')];
     foreach ($sites as $item) {
         $link = get_param($item, 'link');
         $name = get_param($item, 'sitename');
         $key = get_param($item, 'passkey');
         $cipherText = Cipher::encode($secure, $key, true);
         $cipherText = strtr($cipherText, '+/=', '-,_');
         $link .= "auth/openid/";
         if (strpos($link, 'oper') !== false) {
             $link .= 'token/';
         $link .= $cipherText;
         $this->data['siteList'] .= CHtml::createLink($name, null, ['href' => $link, 'class' => 'list-group-item strong italic']);
     $this->render('panel', false);
Esempio n. 4
  * @param $block
  * @param $ctx
  * @return array
 public static function encrypt($block, $ctx)
     $T1 = Cipher::$T1;
     $T2 = Cipher::$T2;
     $T3 = Cipher::$T3;
     $T4 = Cipher::$T4;
     $b = Utility::pack_octets($block);
     $rounds = $ctx->rounds;
     $b0 = $b[0];
     $b1 = $b[1];
     $b2 = $b[2];
     $b3 = $b[3];
     for ($r = 0; $r < $rounds - 1; $r++) {
         $t0 = $b0 ^ $ctx->rk[$r][0];
         $t1 = $b1 ^ $ctx->rk[$r][1];
         $t2 = $b2 ^ $ctx->rk[$r][2];
         $t3 = $b3 ^ $ctx->rk[$r][3];
         $b0 = $T1[$t0 & 255] ^ $T2[$t1 >> 8 & 255] ^ $T3[$t2 >> 16 & 255] ^ $T4[Utility::zshift($t3, 24)];
         $b1 = $T1[$t1 & 255] ^ $T2[$t2 >> 8 & 255] ^ $T3[$t3 >> 16 & 255] ^ $T4[Utility::zshift($t0, 24)];
         $b2 = $T1[$t2 & 255] ^ $T2[$t3 >> 8 & 255] ^ $T3[$t0 >> 16 & 255] ^ $T4[Utility::zshift($t1, 24)];
         $b3 = $T1[$t3 & 255] ^ $T2[$t0 >> 8 & 255] ^ $T3[$t1 >> 16 & 255] ^ $T4[Utility::zshift($t2, 24)];
     $r = $rounds - 1;
     $t0 = $b0 ^ $ctx->rk[$r][0];
     $t1 = $b1 ^ $ctx->rk[$r][1];
     $t2 = $b2 ^ $ctx->rk[$r][2];
     $t3 = $b3 ^ $ctx->rk[$r][3];
     $b[0] = Cipher::F1($t0, $t1, $t2, $t3) ^ $ctx->rk[$rounds][0];
     $b[1] = Cipher::F1($t1, $t2, $t3, $t0) ^ $ctx->rk[$rounds][1];
     $b[2] = Cipher::F1($t2, $t3, $t0, $t1) ^ $ctx->rk[$rounds][2];
     $b[3] = Cipher::F1($t3, $t0, $t1, $t2) ^ $ctx->rk[$rounds][3];
     return Utility::unpack_octets($b);
Esempio n. 5
  * @param string 56 bytes
  * @param int
 public function __construct($key = null, $iv = null, $mode = Cipher::MODE_CBC)
     if (defined('MCRYPT_BLOWFISH')) {
         $this->impl = new MCryptCipherImpl(MCRYPT_BLOWFISH, Cipher::mcryptModeForMode($mode), $key, $iv);
     } else {
         $this->impl = new BlowfishCipherImpl($mode, $key, $iv);
Esempio n. 6
  * @param string 16 bytes
  * @param int
 public function __construct($key = null, $iv = null, $mode = Cipher::MODE_CBC)
     if (defined('MCRYPT_XTEA')) {
         $this->impl = new MCryptCipherImpl(MCRYPT_XTEA, Cipher::mcryptModeForMode($mode), $key, $iv);
     } else {
         throw new IllegalStateException('No implementation of XTEA is available');
  * Called before any output is sent to create an encrypted cookie with the given value.
  * @param string $key cookie name
  * @param mixed $value to save
  * @param array $config settings
  * return boolean
 public static function set($name, $value, $config = NULL)
     // Use default config settings if needed
     extract($config ?: static::$settings);
     // If the cookie is being removed we want it left blank
     $value = $value ? base64_encode(Cipher::encrypt(json_encode(array(time(), $value)), $key)) : '';
     // Save cookie to user agent
     setcookie($name, $value, $expires, $path, $domain, $secure, $httponly);
 function Get($Setting)
     if (isset($_SESSION[$this->SessionName][$Setting]) && !empty($_SESSION[$this->SessionName][$Setting])) {
         if ($this->encrypted) {
             return Cipher::decrypt($_SESSION[$this->SessionName][$Setting]);
         } else {
             return $_SESSION[$this->SessionName][$Setting];
     } else {
         return '';
Esempio n. 9
  * データを暗号化する
  * @param 配列キー:value, key, iv, algorithm, mode, prefix, suffix
  * 								  パディング防止が必要な場合は、'prefix'と'suffix'を指定する。
  * 								  'prefix'と'suffix'には、メタ文字( . \ + * ? [ ^ ] ( $ ) )のみ指定できます。
  * @return 配列キー:encrypted, iv
 public static function encrypt($arguments)
     // 引数のチェック
     if (false === isset($arguments['value']) || 0 === strlen($arguments['value']) || false === isset($arguments['key']) || 0 === strlen($arguments['key'])) {
         return false;
     if (false === isset($arguments['algorithm']) || 0 === strlen($arguments['algorithm'])) {
         $arguments['algorithm'] = 'rijndael-128';
     if (false === isset($arguments['mode']) || 0 === strlen($arguments['mode'])) {
         $arguments['mode'] = 'cbc';
     // XXX log処理入れる
     if (isset($arguments['prefix']) && isset($arguments['suffix'])) {
         $value = $arguments['prefix'] . $arguments['value'] . $arguments['suffix'];
     } elseif (false === isset($arguments['prefix']) && false === isset($arguments['suffix'])) {
         $value = $arguments['value'];
     } else {
         return false;
     // 暗号モジュールをオープン
     $cipherHandler = mcrypt_module_open($arguments['algorithm'], $algorithm_directory = '', $arguments['mode'], $mode_directory = '');
     // pad
     $value = self::pad($value, mcrypt_enc_get_iv_size($cipherHandler));
     // IVの初期化処理
     self::$iv = NULL;
     if (isset($arguments['iv'])) {
         self::$iv = $arguments['iv'];
     // IVが指定されていない場合、IV を作成
     if (NULL === self::$iv) {
         self::$iv = mcrypt_create_iv(mcrypt_enc_get_iv_size($cipherHandler), MCRYPT_DEV_RANDOM);
     // 暗号化処理を初期化
     mcrypt_generic_init($cipherHandler, $arguments['key'], self::$iv);
     // データを暗号化
     $encryptedData = mcrypt_generic($cipherHandler, $value);
     // 暗号化ハンドラを終了
     // モジュールをクローズ
     return $encryptedData;
Esempio n. 10
 public function actionOpenID()
     $secure = get_param($this->arguments, 0);
     $message = '';
     $this->render('', false);
     if (!$secure) {
         $message = 'Отсутствуют авторизационные данные';
     } else {
         // иначе - расшифровываем
         $plain = Cipher::decode($secure, PASSKEY);
         if (!$plain) {
             $message = 'Ошибка при расшифровке данных.';
         } else {
             // Проверка срока годности
             $dt = new DateTime();
             $dt->add(DateInterval::createFromDateString('5 minutes'));
             $expire = get_param($plain, 1) > $dt->format('Y-m-d H:i');
             $uid = get_param($plain, 0);
             //if ($expire) $message = 'Срок авторизации истек. Попробуйте еще раз.';
             $this->authdata = $this->model->openAuth($uid);
             if (!$this->authdata) {
                 $this->preparePopup("Ошибка авторизации.\nНет информации о данном пользователе.\nОбратитесь в отдел АСУ");
             } elseif (!get_param($this->authdata, 'rolename')) {
                 $this->preparePopup("Роль пользователя не определена.\nОбратитесь в отдел АСУ.", 'alert-warning');
             } else {
                 Session::set('auth', $this->authdata);
     $this->data['error'] = $message;
     $this->render('info', false);
     $this->redirect(['location' => '/', 'soft' => intval(!empty($message)), 'delay' => 100]);
Esempio n. 11
  * Function F - To calculate f, we first expand each block Rn-1 from 32 bits to 48 bits.
  * This is done by using a selection table that repeats some of the bits in Rn-1. We'll
  * call the use of this selection table the function E. Thus E(Rn-1) has a 32 bit input
  * block, and a 48 bit output block.
  * @param array $r  32 bit binary, each bit in an array element
  * @param string $k 48 bit binary string
  * @return string 48 bit binary string
 private function f($r, $k)
     $bin = parent::xorBin($k, $this->E($r));
     // create a 32-bit string from $bits by passing it through the S-Boxes
     $bin = $this->s($bin);
     // now send permute $bin as defined by table self::$_p
     $bin = $this->p($bin);
     return $bin;
Esempio n. 12
$group = getGroup($groupid);
if ($group instanceof Error) {
    include_once $HUB_FLM->getCodeDirPath("ui/header.php");
    echo "<h1>Group not found</h1>";
    include_once $HUB_FLM->getCodeDirPath("ui/footer.php");
$dashboardService = "";
//5,6 = scatterplots
//12 Attention Map - broken at present
$vises = "11,1,2,3,4,7,8,9,10";
$lang = $CFG->language;
$dashboardtitle = '';
$salt = openssl_random_pseudo_bytes(32);
$cipher = new Cipher($salt);
$obfuscationkey = $cipher->getKey();
$obfuscationiv = $cipher->getIV();
$dataurl = $CFG->homeAddress . 'api/conversations/' . $groupid;
$reply = createObfuscationEntry($obfuscationkey, $obfuscationiv, $dataurl);
$finaldataurl = $dataurl . '/?id=' . $reply['dataid'];
$userurl = $CFG->homeAddress . 'api/unobfuscatedusers/?id=' . $reply['obfuscationid'];
$dashboardurl = $dashboardService . "&timeout=300&width=1000&height=1000&vis=" . $vises . "&lang=" . $lang . "&title=" . $dashboardtitle . "&url=" . $finaldataurl . "&userurl=" . $userurl;
include_once $HUB_FLM->getCodeDirPath("ui/headerstatsexternal.php");
	<h1 style="padding-top:0px;margin-top:0px;"><?php 
echo $LNG->STATS_GROUP_TITLE . $group->name;
<a href="<?php 
echo $CFG->homeAddress . 'group.php?groupid=' . $groupid;
Esempio n. 13

/* testing file */
/* move this file to your MediaWiki directory if you're too lazy to re-set this requires */
require_once "PEAR.php";
require_once "Crypt/RSA.php";
require_once "extensions/PageProtection/Cipher.php";
$plaintext = "This is plaintext.";
/* create object */
$c = new Cipher();
if ($c->has_error()) {
    print "Error: " . $c->get_last_error() . "\n";
/* encrypt message using default cipher */
$encrypted = $c->encrypt($plaintext);
if ($c->has_error()) {
    print "Error: " . $c->get_last_error() . "\n";
/* get parameters used during encyprion proccess */
$key = $c->mLastKey;
$iv = $c->mLastIV;
$cipher = $c->mLastCipher;
/* decrypt the encrypted message using obtained values */
$result = $c->decrypt($encrypted, $cipher, $key, $iv);
if ($c->has_error()) {
    print "Error: " . $c->get_last_error() . "\n";
/* display results */
Esempio n. 14
function decrypt_api_key($key)
    global $api_scramble_key;
    if (extension_loaded('mcrypt') && extension_loaded('hash')) {
        $cipher = new Cipher($api_scramble_key);
        $key = $cipher->decrypt($key);
    } else {
        $key = convert(base64_decode(strtr($key, '-_,', '+/=')), $api_scramble_key);
    return explode("|", $key);
Esempio n. 15
  * Destructor
  * @return void
 public function __destruct()
Esempio n. 16
  * Creates the subkeys $_mkey (the masking key) and
  * $_rkey (the rotate key) which are 16 bytes each. These are
  * created from the original key. The original key is null
  * padded up to 16 bytes and expanded to 32 bytes. It is then
  * split in half to create $_mkey and $_rkey
  * @return void
 private function createSubKeys()
     $cm = 0x5a827999;
     $mm = 0x6ed9eba1;
     $cr = 19;
     $mr = 17;
     $tm = array();
     $tr = array();
     $xkey = $this->key();
     $tmpkey = array();
     // if the key is less than 32 bytes, pad it to 32 bytes
     // for the key expansion
     if ($this->keySize() < 32) {
         $xkey = str_pad($xkey, 32, "", STR_PAD_RIGHT);
     // split the key up into 4 byte parts, reverse the string,
     // then convert each part into a 32 bit integer
     $xkey = str_split($xkey, 4);
     $xkey = array_map("strrev", $xkey);
     $xkey = array_map("parent::str2Dec", $xkey);
     // set up the values need for creating round and masking keys
     for ($i = 0; $i < 24; ++$i) {
         $tm[$i] = array();
         $tr[$i] = array();
         for ($j = 0; $j < 8; ++$j) {
             $tm[$i][$j] = $cm;
             $cm = parent::uInt32($cm + $mm);
             $tr[$i][$j] = $cr;
             $cr = parent::uInt32($cr + $mr);
     // now create the round and masking keys
     for ($i = 0; $i < 12; ++$i) {
         $j = 2 * $i;
         $xkey[6] = parent::uInt32($xkey[6] ^ $this->f1($xkey[7], $tm[$j][0], $tr[$j][0]));
         $xkey[5] = parent::uInt32($xkey[5] ^ $this->f2($xkey[6], $tm[$j][1], $tr[$j][1]));
         $xkey[4] = parent::uInt32($xkey[4] ^ $this->f3($xkey[5], $tm[$j][2], $tr[$j][2]));
         $xkey[3] = parent::uInt32($xkey[3] ^ $this->f1($xkey[4], $tm[$j][3], $tr[$j][3]));
         $xkey[2] = parent::uInt32($xkey[2] ^ $this->f2($xkey[3], $tm[$j][4], $tr[$j][4]));
         $xkey[1] = parent::uInt32($xkey[1] ^ $this->f3($xkey[2], $tm[$j][5], $tr[$j][5]));
         $xkey[0] = parent::uInt32($xkey[0] ^ $this->f1($xkey[1], $tm[$j][6], $tr[$j][6]));
         $xkey[7] = parent::uInt32($xkey[7] ^ $this->f2($xkey[0], $tm[$j][7], $tr[$j][7]));
         $j = 2 * $i + 1;
         $xkey[6] = parent::uInt32($xkey[6] ^ $this->f1($xkey[7], $tm[$j][0], $tr[$j][0]));
         $xkey[5] = parent::uInt32($xkey[5] ^ $this->f2($xkey[6], $tm[$j][1], $tr[$j][1]));
         $xkey[4] = parent::uInt32($xkey[4] ^ $this->f3($xkey[5], $tm[$j][2], $tr[$j][2]));
         $xkey[3] = parent::uInt32($xkey[3] ^ $this->f1($xkey[4], $tm[$j][3], $tr[$j][3]));
         $xkey[2] = parent::uInt32($xkey[2] ^ $this->f2($xkey[3], $tm[$j][4], $tr[$j][4]));
         $xkey[1] = parent::uInt32($xkey[1] ^ $this->f3($xkey[2], $tm[$j][5], $tr[$j][5]));
         $xkey[0] = parent::uInt32($xkey[0] ^ $this->f1($xkey[1], $tm[$j][6], $tr[$j][6]));
         $xkey[7] = parent::uInt32($xkey[7] ^ $this->f2($xkey[0], $tm[$j][7], $tr[$j][7]));
         // take the least 5 significant bits of each $xkey byte below and assign it
         // to the round key
         $this->_rkey[$i][0] = $xkey[0] & 31;
         $this->_rkey[$i][1] = $xkey[2] & 31;
         $this->_rkey[$i][2] = $xkey[4] & 31;
         $this->_rkey[$i][3] = $xkey[6] & 31;
         // now create 32 byte masking keys
         $this->_mkey[$i][0] = $xkey[7];
         $this->_mkey[$i][1] = $xkey[5];
         $this->_mkey[$i][2] = $xkey[3];
         $this->_mkey[$i][3] = $xkey[1];
Esempio n. 17
  * Decrypt a RC2 encrypted string
  * @param string $text A RC2 encrypted string
  * @return boolean Returns true
 public function decrypt(&$text)
     // first split up the message into four 16 bit parts (2 bytes),
     // then convert each array element to an integer
     $w = self::splitBytes($text);
     $k = self::splitBytes($this->xkey);
     $j = 0;
     // the key index
     for ($i = 15; $i >= 0; --$i) {
         $j = $i * 4;
         /* This is where it gets ugly, RC2 relies on unsigned ints. PHP does
          * not have a nice way to handle unsigned ints, so we have to rely on sprintf.
          * To make RC2 compatible with mCrypt, I also forced everything to 32 bit
          * When I test against mcrypt and the original rc2 C source, I get 32 bit
          * results, even on a 64 bit platform
         $w[3] &= 65535;
         $w[3] = parent::uInt($w[3] << 11) + parent::uInt($w[3] >> 5);
         $w[3] -= parent::uInt($w[0] & ~$w[2]) + parent::uInt($w[1] & $w[2]) + $k[$j + 3];
         $w[3] = parent::uInt32($w[3]);
         $w[2] &= 65535;
         $w[2] = parent::uInt($w[2] << 13) + parent::uInt($w[2] >> 3);
         $w[2] -= parent::uInt($w[3] & ~$w[1]) + parent::uInt($w[0] & $w[1]) + $k[$j + 2];
         $w[2] = parent::uInt32($w[2]);
         $w[1] &= 65535;
         $w[1] = parent::uInt($w[1] << 14) + parent::uInt($w[1] >> 2);
         $w[1] -= parent::uInt($w[2] & ~$w[0]) + parent::uInt($w[3] & $w[0]) + $k[$j + 1];
         $w[1] = parent::uInt32($w[1]);
         $w[0] &= 65535;
         $w[0] = parent::uInt($w[0] << 15) + parent::uInt($w[0] >> 1);
         $w[0] -= parent::uInt($w[1] & ~$w[3]) + parent::uInt($w[2] & $w[3]) + $k[$j + 0];
         $w[0] = parent::uInt32($w[0]);
         if ($i == 5 || $i == 11) {
             $w[3] -= $k[$w[2] & 63];
             $w[2] -= $k[$w[1] & 63];
             $w[1] -= $k[$w[0] & 63];
             $w[0] -= $k[$w[3] & 63];
     /* I am not clear why this is required. It was not mentioned
      * in any of the documentation I read, however reading the original RC2 C
      * source code, this was done and in order for me to get the
      * correct results in PHP I needed to do this as well
     $max = count($w);
     for ($i = 0; $i < $max; ++$i) {
         $pos = $i * 2;
         $text[$pos] = chr($w[$i]);
         $text[$pos + 1] = chr($w[$i] >> 8);
     return true;
Esempio n. 18
 /** @ignore */
 public static function __test($o = null)
Esempio n. 19
  * AES暗号形式で暗号化されたデータを複号化する
  * @param 	$argValue 	デコードする値
  * @param 	$argKey 	暗号キー
  * @param 	$argIv 		IV
  * @return 	$encrypt 	複号化データ
 public static function decryptAES($argValue, $argKey, $argIV = null, $argPrefix = '', $argSuffix = '')
     // パラメータセット
     // XXX パラメータは定数で可変出来るようにする
     $params = array('value' => $argValue, 'key' => $argKey, 'iv' => $argIV, 'algorithm' => 'rijndael-128', 'mode' => 'cbc', 'prefix' => $argPrefix, 'suffix' => $argSuffix);
     // データを暗号化する
     $decrypt = Cipher::decrypt($params);
     // エラー処理
     if (false === $decrypt || NULL === $decrypt) {
         return false;
     return $decrypt;
Esempio n. 20

 * Encryption test
require 'Cipher.php';
// First init the class by calling the constructor
// Pass your personal key to the constructor as a
// parameter.
$cipher = new Cipher('AvErrySeCretPasSw0rd!1!2!3!');
$text = 'This is the piece of text we are going to encrypt.';
// Now we encrypt the above text
// The returned value will be a base64encoded form of your encrypted
// string.
$encrypted = $cipher->encrypt($text);
Esempio n. 21
  * Static method to produce a unique md5 in base52 that excludes vowels
  * @param int $bytes  The number of bytes the result should be
  * @return string  Random number in base52
 public static function slug($bytes)
     return Cipher::baseConvertMapped(static::random($bytes), '0123456789abcdef', '0123456789bcdfghjklmnpqrstvwxyzBCDFGHJKLMNPQRSTVWXYZ');
Esempio n. 22
        $this->iv = mcrypt_create_iv(32);
    function encrypt($input)
        return base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $this->securekey, $input, MCRYPT_MODE_ECB, $this->iv));
    function decrypt($input)
        return trim(mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $this->securekey, base64_decode($input), MCRYPT_MODE_ECB, $this->iv));
//Check if its a default installation.
if (isset($_POST['wwdb'])) {
    if ($_POST['wwdb'] == "1") {
        //Get details from decrypter
        $cipher = new Cipher('transferDB@321');
        $decryptedtext = $cipher->decrypt($_POST['hiddenstuff']);
        $dbDetails = unserialize($decryptedtext);
        $dbhost = $dbDetails['host'];
        $dbUname = $dbDetails['database_username'];
        $dbPassword = $dbDetails['database_password'];
        $dbName = $_POST['ConfigName'];
    } else {
        $dbhost = $_POST['databasehost'];
        $dbUname = $_POST['databaseusername'];
        $dbPassword = $_POST['databasepassword'];
        $dbName = $_POST['databasename'];
} else {
    $dbhost = $_POST['databasehost'];
    $dbUname = $_POST['databaseusername'];
Esempio n. 23
 		$id = check_param($parts[2], PARAM_TEXT);
 		$response = getUser($id);
 case "unobfuscatedusers":
     if ($len == 2) {
         if (isset($unobfuscationid) && $unobfuscationid != "") {
             $keyArray = getObfuscationKey($unobfuscationid, $request);
             if (!$keyArray instanceof Error) {
                 $key = $keyArray['ObfuscationKey'];
                 $iv = $keyArray['ObfuscationIV'];
                 //error_log("key for users=".$key);
                 //error_log("iv for users=".$iv);
                 if (isset($key) && isset($iv)) {
                     $cipher = new Cipher();
             if ($cipher == "") {
                 error_log("unobfuscation key invalid or expired");
                 global $ERROR;
                 $ERROR = new error();
                 include $HUB_FLM->getCodeDirPath("core/formaterror.php");
             } else {
                 $userset = new UnobfuscatedUserSet();
                 $userset->cipher = $cipher;
                 // add users
Esempio n. 24
  * Creates the subkeys $_mkey (the masking key) and
  * $_rkey (the rotate key) which are 16 bytes each. These are
  * created from the original key. The original key is null
  * padded up to 16 bytes and expanded to 32 bytes. It is then
  * split in half to create $_mkey and $_rkey
  * @return void
 private function createSubKeys()
     $x = $this->key();
     $z = "";
     // init to 16 bytes
     $skey = array();
     // the max length of the key is 16 bytes, however if it is
     // less, pad it with null to get ito to 16 bytes
     if ($this->keySize() < self::BYTES_KEY_MAX) {
         $x = str_pad($x, self::BYTES_KEY_MAX, "", STR_PAD_RIGHT);
     // two loops, each loop does 16 bytes for a total of 32 bytes
     for ($i = 0; $i < 2; ++$i) {
         // z0z1z2z3 = x0x1x2x3 ^ S5[xD] ^ S6[xF] ^ S7[xC] ^ S8[xE] ^ S7[x8]
         $tmp = substr($x, 0x0, 4);
         $tmp = parent::dec2Str(parent::uInt32(parent::str2Dec($tmp) ^ self::$_s5[ord($x[0xd])] ^ self::$_s6[ord($x[0xf])] ^ self::$_s7[ord($x[0xc])] ^ self::$_s8[ord($x[0xe])] ^ self::$_s7[ord($x[0x8])]), 4);
         $z = substr_replace($z, $tmp, 0x0, 4);
         //print "Z0: ".parent::str2Hex($z)." (".strlen($z).")\n";
         // z4z5z6z7 = x8x9xAxB ^ S5[z0] ^ S6[z2] ^ S7[z1] ^ S8[z3] ^ S8[xA]
         $tmp = substr($x, 0x8, 4);
         $tmp = parent::dec2Str(parent::uInt32(parent::str2Dec($tmp) ^ self::$_s5[ord($z[0x0])] ^ self::$_s6[ord($z[0x2])] ^ self::$_s7[ord($z[0x1])] ^ self::$_s8[ord($z[0x3])] ^ self::$_s8[ord($x[0xa])]), 4);
         $z = substr_replace($z, $tmp, 0x4, 4);
         // z8z9zAzB = xCxDxExF ^ S5[z7] ^ S6[z6] ^ S7[z5] ^ S8[z4] ^ S5[x9]
         $tmp = substr($x, 0xc, 4);
         $tmp = parent::dec2Str(parent::uInt32(parent::str2Dec($tmp) ^ self::$_s5[ord($z[0x7])] ^ self::$_s6[ord($z[0x6])] ^ self::$_s7[ord($z[0x5])] ^ self::$_s8[ord($z[0x4])] ^ self::$_s5[ord($x[0x9])]), 4);
         $z = substr_replace($z, $tmp, 0x8, 4);
         // zCzDzEzF = x4x5x6x7 ^ S5[zA] ^ S6[z9] ^ S7[zB] ^ S8[z8] ^ S6[xB]
         $tmp = substr($x, 0x4, 4);
         $tmp = parent::dec2Str(parent::uInt32(parent::str2Dec($tmp) ^ self::$_s5[ord($z[0xa])] ^ self::$_s6[ord($z[0x9])] ^ self::$_s7[ord($z[0xb])] ^ self::$_s8[ord($z[0x8])] ^ self::$_s6[ord($x[0xb])]), 4);
         $z = substr_replace($z, $tmp, 0xc, 4);
         //print "Z: ".parent::str2Hex($z)." (".strlen($z).")\n";
         // K1  = S5[z8] ^ S6[z9] ^ S7[z7] ^ S8[z6] ^ S5[z2]
         $skey[] = parent::uInt32(self::$_s5[ord($z[0x8])] ^ self::$_s6[ord($z[0x9])] ^ self::$_s7[ord($z[0x7])] ^ self::$_s8[ord($z[0x6])] ^ self::$_s5[ord($z[0x2])]);
         // K2  = S5[zA] ^ S6[zB] ^ S7[z5] ^ S8[z4] ^ S6[z6]
         $skey[] = parent::uInt32(self::$_s5[ord($z[0xa])] ^ self::$_s6[ord($z[0xb])] ^ self::$_s7[ord($z[0x5])] ^ self::$_s8[ord($z[0x4])] ^ self::$_s6[ord($z[0x6])]);
         // K3  = S5[zC] ^ S6[zD] ^ S7[z3] ^ S8[z2] ^ S7[z9]
         $skey[] = parent::uInt32(self::$_s5[ord($z[0xc])] ^ self::$_s6[ord($z[0xd])] ^ self::$_s7[ord($z[0x3])] ^ self::$_s8[ord($z[0x2])] ^ self::$_s7[ord($z[0x9])]);
         // K4  = S5[zE] ^ S6[zF] ^ S7[z1] ^ S8[z0] ^ S8[zC]
         $skey[] = parent::uInt32(self::$_s5[ord($z[0xe])] ^ self::$_s6[ord($z[0xf])] ^ self::$_s7[ord($z[0x1])] ^ self::$_s8[ord($z[0x0])] ^ self::$_s8[ord($z[0xc])]);
         // x0x1x2x3 = z8z9zAzB ^ S5[z5] ^ S6[z7] ^ S7[z4] ^ S8[z6] ^ S7[z0]
         $tmp = substr($z, 0x8, 4);
         $tmp = parent::dec2Str(parent::uInt32(parent::str2Dec($tmp) ^ self::$_s5[ord($z[0x5])] ^ self::$_s6[ord($z[0x7])] ^ self::$_s7[ord($z[0x4])] ^ self::$_s8[ord($z[0x6])] ^ self::$_s7[ord($z[0x0])]), 4);
         $x = substr_replace($x, $tmp, 0x0, 4);
         // x4x5x6x7 = z0z1z2z3 ^ S5[x0] ^ S6[x2] ^ S7[x1] ^ S8[x3] ^ S8[z2]
         $tmp = substr($z, 0x0, 4);
         $tmp = parent::dec2Str(parent::uInt32(parent::str2Dec($tmp) ^ self::$_s5[ord($x[0x0])] ^ self::$_s6[ord($x[0x2])] ^ self::$_s7[ord($x[0x1])] ^ self::$_s8[ord($x[0x3])] ^ self::$_s8[ord($z[0x2])]), 4);
         $x = substr_replace($x, $tmp, 0x4, 4);
         // x8x9xAxB = z4z5z6z7 ^ S5[x7] ^ S6[x6] ^ S7[x5] ^ S8[x4] ^ S5[z1]
         $tmp = substr($z, 0x4, 4);
         $tmp = parent::dec2Str(parent::uInt32(parent::str2Dec($tmp) ^ self::$_s5[ord($x[0x7])] ^ self::$_s6[ord($x[0x6])] ^ self::$_s7[ord($x[0x5])] ^ self::$_s8[ord($x[0x4])] ^ self::$_s5[ord($z[0x1])]), 4);
         $x = substr_replace($x, $tmp, 0x8, 4);
         // xCxDxExF = zCzDzEzF ^ S5[xA] ^ S6[x9] ^ S7[xB] ^ S8[x8] ^ S6[z3]
         $tmp = substr($z, 0xc, 4);
         $tmp = parent::dec2Str(parent::uInt32(parent::str2Dec($tmp) ^ self::$_s5[ord($x[0xa])] ^ self::$_s6[ord($x[0x9])] ^ self::$_s7[ord($x[0xb])] ^ self::$_s8[ord($x[0x8])] ^ self::$_s6[ord($z[0x3])]), 4);
         $x = substr_replace($x, $tmp, 0xc, 4);
         // K5  = S5[x3] ^ S6[x2] ^ S7[xC] ^ S8[xD] ^ S5[x8]
         $skey[] = parent::uInt32(self::$_s5[ord($x[0x3])] ^ self::$_s6[ord($x[0x2])] ^ self::$_s7[ord($x[0xc])] ^ self::$_s8[ord($x[0xd])] ^ self::$_s5[ord($x[0x8])]);
         // K6  = S5[x1] ^ S6[x0] ^ S7[xE] ^ S8[xF] ^ S6[xD]
         $skey[] = parent::uInt32(self::$_s5[ord($x[0x1])] ^ self::$_s6[ord($x[0x0])] ^ self::$_s7[ord($x[0xe])] ^ self::$_s8[ord($x[0xf])] ^ self::$_s6[ord($x[0xd])]);
         // K7  = S5[x7] ^ S6[x6] ^ S7[x8] ^ S8[x9] ^ S7[x3]
         $skey[] = parent::uInt32(self::$_s5[ord($x[0x7])] ^ self::$_s6[ord($x[0x6])] ^ self::$_s7[ord($x[0x8])] ^ self::$_s8[ord($x[0x9])] ^ self::$_s7[ord($x[0x3])]);
         // K8  = S5[x5] ^ S6[x4] ^ S7[xA] ^ S8[xB] ^ S8[x7]
         $skey[] = parent::uInt32(self::$_s5[ord($x[0x5])] ^ self::$_s6[ord($x[0x4])] ^ self::$_s7[ord($x[0xa])] ^ self::$_s8[ord($x[0xb])] ^ self::$_s8[ord($x[0x7])]);
         // z0z1z2z3 = x0x1x2x3 ^ S5[xD] ^ S6[xF] ^ S7[xC] ^ S8[xE] ^ S7[x8]
         $tmp = substr($x, 0x0, 4);
         $tmp = parent::dec2Str(parent::uInt32(parent::str2Dec($tmp) ^ self::$_s5[ord($x[0xd])] ^ self::$_s6[ord($x[0xf])] ^ self::$_s7[ord($x[0xc])] ^ self::$_s8[ord($x[0xe])] ^ self::$_s7[ord($x[0x8])]), 4);
         $z = substr_replace($z, $tmp, 0x0, 4);
         // z4z5z6z7 = x8x9xAxB ^ S5[z0] ^ S6[z2] ^ S7[z1] ^ S8[z3] ^ S8[xA]
         $tmp = substr($x, 0x8, 4);
         $tmp = parent::dec2Str(parent::uInt32(parent::str2Dec($tmp) ^ self::$_s5[ord($z[0x0])] ^ self::$_s6[ord($z[0x2])] ^ self::$_s7[ord($z[0x1])] ^ self::$_s8[ord($z[0x3])] ^ self::$_s8[ord($x[0xa])]), 4);
         $z = substr_replace($z, $tmp, 0x4, 4);
         // z8z9zAzB = xCxDxExF ^ S5[z7] ^ S6[z6] ^ S7[z5] ^ S8[z4] ^ S5[x9]
         $tmp = substr($x, 0xc, 4);
         $tmp = parent::dec2Str(parent::uInt32(parent::str2Dec($tmp) ^ self::$_s5[ord($z[0x7])] ^ self::$_s6[ord($z[0x6])] ^ self::$_s7[ord($z[0x5])] ^ self::$_s8[ord($z[0x4])] ^ self::$_s5[ord($x[0x9])]), 4);
         $z = substr_replace($z, $tmp, 0x8, 4);
         // zCzDzEzF = x4x5x6x7 ^ S5[zA] ^ S6[z9] ^ S7[zB] ^ S8[z8] ^ S6[xB]
         $tmp = substr($x, 0x4, 4);
         $tmp = parent::dec2Str(parent::uInt32(parent::str2Dec($tmp) ^ self::$_s5[ord($z[0xa])] ^ self::$_s6[ord($z[0x9])] ^ self::$_s7[ord($z[0xb])] ^ self::$_s8[ord($z[0x8])] ^ self::$_s6[ord($x[0xb])]), 4);
         $z = substr_replace($z, $tmp, 0xc, 4);
         // K9  = S5[z3] ^ S6[z2] ^ S7[zC] ^ S8[zD] ^ S5[z9]
         $skey[] = parent::uInt32(self::$_s5[ord($z[0x3])] ^ self::$_s6[ord($z[0x2])] ^ self::$_s7[ord($z[0xc])] ^ self::$_s8[ord($z[0xd])] ^ self::$_s5[ord($z[0x9])]);
         // K10 = S5[z1] ^ S6[z0] ^ S7[zE] ^ S8[zF] ^ S6[zC]
         $skey[] = parent::uInt32(self::$_s5[ord($z[0x1])] ^ self::$_s6[ord($z[0x0])] ^ self::$_s7[ord($z[0xe])] ^ self::$_s8[ord($z[0xf])] ^ self::$_s6[ord($z[0xc])]);
         // K11 = S5[z7] ^ S6[z6] ^ S7[z8] ^ S8[z9] ^ S7[z2]
         $skey[] = parent::uInt32(self::$_s5[ord($z[0x7])] ^ self::$_s6[ord($z[0x6])] ^ self::$_s7[ord($z[0x8])] ^ self::$_s8[ord($z[0x9])] ^ self::$_s7[ord($z[0x2])]);
         // K12 = S5[z5] ^ S6[z4] ^ S7[zA] ^ S8[zB] ^ S8[z6]
         $skey[] = parent::uInt32(self::$_s5[ord($z[0x5])] ^ self::$_s6[ord($z[0x4])] ^ self::$_s7[ord($z[0xa])] ^ self::$_s8[ord($z[0xb])] ^ self::$_s8[ord($z[0x6])]);
         // x0x1x2x3 = z8z9zAzB ^ S5[z5] ^ S6[z7] ^ S7[z4] ^ S8[z6] ^ S7[z0]
         $tmp = substr($z, 0x8, 4);
         $tmp = parent::dec2Str(parent::uInt32(parent::str2Dec($tmp) ^ self::$_s5[ord($z[0x5])] ^ self::$_s6[ord($z[0x7])] ^ self::$_s7[ord($z[0x4])] ^ self::$_s8[ord($z[0x6])] ^ self::$_s7[ord($z[0x0])]), 4);
         $x = substr_replace($x, $tmp, 0x0, 4);
         // x4x5x6x7 = z0z1z2z3 ^ S5[x0] ^ S6[x2] ^ S7[x1] ^ S8[x3] ^ S8[z2]
         $tmp = substr($z, 0x0, 4);
         $tmp = parent::dec2Str(parent::uInt32(parent::str2Dec($tmp) ^ self::$_s5[ord($x[0x0])] ^ self::$_s6[ord($x[0x2])] ^ self::$_s7[ord($x[0x1])] ^ self::$_s8[ord($x[0x3])] ^ self::$_s8[ord($z[0x2])]), 4);
         $x = substr_replace($x, $tmp, 0x4, 4);
         // x8x9xAxB = z4z5z6z7 ^ S5[x7] ^ S6[x6] ^ S7[x5] ^ S8[x4] ^ S5[z1]
         $tmp = substr($z, 0x4, 4);
         $tmp = parent::dec2Str(parent::uInt32(parent::str2Dec($tmp) ^ self::$_s5[ord($x[0x7])] ^ self::$_s6[ord($x[0x6])] ^ self::$_s7[ord($x[0x5])] ^ self::$_s8[ord($x[0x4])] ^ self::$_s5[ord($z[0x1])]), 4);
         $x = substr_replace($x, $tmp, 0x8, 4);
         // xCxDxExF = zCzDzEzF ^ S5[xA] ^ S6[x9] ^ S7[xB] ^ S8[x8] ^ S6[z3]
         $tmp = substr($z, 0xc, 4);
         $tmp = parent::dec2Str(parent::uInt32(parent::str2Dec($tmp) ^ self::$_s5[ord($x[0xa])] ^ self::$_s6[ord($x[0x9])] ^ self::$_s7[ord($x[0xb])] ^ self::$_s8[ord($x[0x8])] ^ self::$_s6[ord($z[0x3])]), 4);
         $x = substr_replace($x, $tmp, 0xc, 4);
         // K13 = S5[x8] ^ S6[x9] ^ S7[x7] ^ S8[x6] ^ S5[x3]
         $skey[] = parent::uInt32(self::$_s5[ord($x[0x8])] ^ self::$_s6[ord($x[0x9])] ^ self::$_s7[ord($x[0x7])] ^ self::$_s8[ord($x[0x6])] ^ self::$_s5[ord($x[0x3])]);
         // K14 = S5[xA] ^ S6[xB] ^ S7[x5] ^ S8[x4] ^ S6[x7]
         $skey[] = parent::uInt32(self::$_s5[ord($x[0xa])] ^ self::$_s6[ord($x[0xb])] ^ self::$_s7[ord($x[0x5])] ^ self::$_s8[ord($x[0x4])] ^ self::$_s6[ord($x[0x7])]);
         // K15 = S5[xC] ^ S6[xD] ^ S7[x3] ^ S8[x2] ^ S7[x8]
         $skey[] = parent::uInt32(self::$_s5[ord($x[0xc])] ^ self::$_s6[ord($x[0xd])] ^ self::$_s7[ord($x[0x3])] ^ self::$_s8[ord($x[0x2])] ^ self::$_s7[ord($x[0x8])]);
         // K16 = S5[xE] ^ S6[xF] ^ S7[x1] ^ S8[x0] ^ S8[xD]
         $skey[] = parent::uInt32(self::$_s5[ord($x[0xe])] ^ self::$_s6[ord($x[0xf])] ^ self::$_s7[ord($x[0x1])] ^ self::$_s8[ord($x[0x0])] ^ self::$_s8[ord($x[0xd])]);
     // create the 16 byte masking and rotate subkeys
     $this->_mkey = array_slice($skey, 0, 16);
     $this->_rkey = array_slice($skey, 16, 16);
     // $_rkey only uses the least significant 5 bits
     $this->_rkey = array_map(function ($v) {
         return $v &= 31;
     }, $this->_rkey);
     // there is 4kb in the s5 - s8 sboxes, which are not needed after we
     // create the subkeys, so free up the memory. unset() doesn't work here
     for ($i = 5; $i <= 8; ++$i) {
         self::${"_s{$i}"} = null;
Esempio n. 25
     $userArray[$user->userid] = $user;
     $nodeArray[$node->nodeid] = $node;
 // Add any users on connections but not on nodes (brokers).
 $conns = $view->connections;
 $countj = count($conns);
 for ($j = 0; $j < $countj; $j++) {
     $viewcon = $conns[$j];
     $con = $viewcon->connection;
     $user = $con->users[0];
     $userArray[$user->userid] = $user;
 $salt = openssl_random_pseudo_bytes(32);
 $cipher = new Cipher($salt);
 $obfuscationkey = $cipher->getKey();
 $obfuscationiv = $cipher->getIV();
 $reply = createObfuscationEntry($obfuscationkey, $obfuscationiv, $url);
 $url = $url . "/?id=" . $reply['dataid'];
 $reply = getAlertMetrics($url, $cipher, $alerttypes, $timeout, $userids, $root);
 //error_log(print_r($reply, true));
 // { warnings : [ string,* ], results : [ result,* ] }
 $replyObj = json_decode($reply);
 $results = $replyObj->responses;
 if (!isset($results[0]->error) && isset($results[0]->data)) {
     $replydata = $results[0]->data;
     $alertArray = array();
     //post by alert type
     $userArray = array();
Esempio n. 26
  * Extracts the Signed Token from an EncryptedData block
  * @throws \Zend\InfoCard\Exception
  * @param string $strXmlToken The EncryptedData XML block
  * @return string The XML of the Signed Token inside of the EncryptedData block
 protected function _extractSignedToken($strXmlToken)
     $encryptedData = XML\EncryptedData\Factory::getInstance($strXmlToken);
     // Determine the Encryption Method used to encrypt the token
     switch ($encryptedData->getEncryptionMethod()) {
         case Cipher::ENC_AES128CBC:
         case Cipher::ENC_AES256CBC:
             throw new Exception\RuntimeException("Unknown Encryption Method used in the secure token");
     // Figure out the Key we are using to decrypt the token
     $keyinfo = $encryptedData->getKeyInfo();
     if (!$keyinfo instanceof XML\KeyInfo\XMLDSig) {
         throw new Exception\RuntimeException("Expected a XML digital signature KeyInfo, but was not found");
     $encryptedKey = $keyinfo->getEncryptedKey();
     switch ($encryptedKey->getEncryptionMethod()) {
         case Cipher::ENC_RSA:
         case Cipher::ENC_RSA_OAEP_MGF1P:
             throw new Exception\RuntimeException("Unknown Key Encryption Method used in secure token");
     $securityTokenRef = $encryptedKey->getKeyInfo()->getSecurityTokenReference();
     $key_id = $this->_findCertifiatePairByDigest($securityTokenRef->getKeyReference());
     if (!$key_id) {
         throw new Exception\RuntimeException("Unable to find key pair used to encrypt symmetric InfoCard Key");
     $certificate_pair = $this->getCertificatePair($key_id);
     // Santity Check
     if ($certificate_pair['type_uri'] != $encryptedKey->getEncryptionMethod()) {
         throw new Exception\RuntimeException("Certificate Pair which matches digest is not of same algorithm type as document, check addCertificate()");
     $PKcipher = Cipher::getInstanceByURI($encryptedKey->getEncryptionMethod());
     $keyCipherValueBase64Decoded = base64_decode($encryptedKey->getCipherValue(), true);
     $symmetricKey = $PKcipher->decrypt($keyCipherValueBase64Decoded, file_get_contents($certificate_pair['private']), $certificate_pair['password']);
     $symCipher = Cipher::getInstanceByURI($encryptedData->getEncryptionMethod());
     $dataCipherValueBase64Decoded = base64_decode($encryptedData->getCipherValue(), true);
     $signedToken = $symCipher->decrypt($dataCipherValueBase64Decoded, $symmetricKey);
     return $signedToken;
Esempio n. 27
  * Expand a 32 byte key, the size it is expanded to varies
  * based on the block size of the Rijndael implementation chosen
  * @return void
 private function expandKey256()
     // clear the xkey, we're creating a new one
     $this->xkey = "";
     $max = 0;
     // the number of rounds we make depends on the block size of the text
     // used during encryption/decryption
     if ($this->blockSize() == 16) {
         $max = 60;
     if ($this->blockSize() == 24) {
         $max = 90;
     if ($this->blockSize() == 32) {
         $max = 120;
     // 32 byte key expands to 240 bytes
     for ($i = 0; $i < $max; ++$i) {
         if ($i >= 0 && $i <= 7) {
             $this->xkey .= $this->k($i * 4);
         } else {
             if ($i % 8 == 0) {
                 // rotate the 4 bytes
                 $subword = $this->rotWord($this->ek(($i - 1) * 4));
                 // apply the sbox
                 // return 4 byte value based on self::$_rcon table
                 $rcon = $this->rcon($i / 8);
                 // grab 4 bytes from $this->extended_key
                 $ek = $this->ek(($i - 8) * 4);
                 $h1 = parent::str2Hex($subword);
                 $h2 = parent::dec2Hex($rcon);
                 $h3 = parent::str2Hex($ek);
                 $res = parent::xorHex($h1, $h2, $h3);
                 $this->xkey .= parent::hex2Str($res);
             } else {
                 if ($i % 4 == 0) {
                     // get the subsitution from the s-box
                     $subword = $this->ek(($i - 1) * 4);
                     // get the extended key part
                     $ek = $this->ek(($i - 8) * 4);
                     // xor the two parts
                     $h1 = parent::str2Hex($subword);
                     $h2 = parent::str2Hex($ek);
                     $res = parent::xorHex($h1, $h2);
                     $this->xkey .= parent::hex2Str($res);
                 } else {
                     $h1 = parent::str2Hex($this->ek(($i - 1) * 4));
                     $h2 = parent::str2Hex($this->ek(($i - 8) * 4));
                     $res = parent::xorHex($h1, $h2);
                     $this->xkey .= parent::hex2Str($res);
     return true;
Esempio n. 28
  * 3Way's PI_2 function
  * This was taken from mcrypt's 3-way pi_2() function
  * @param array $d A 3 element 32 bit integer array
  * @return void
 private function pi2(&$d)
     $d[0] = parent::uInt32($d[0] << 1 ^ $d[0] >> 31);
     $d[2] = parent::uInt32($d[2] >> 10 ^ $d[2] << 22);
Esempio n. 29

ini_set('display_errors', 1);
require_once dirname(__FILE__) . '/../Cipher.php';
Cipher::$defaultOptions['cipher'] = MCRYPT_RIJNDAEL_256;
$out = Cipher::init($_REQUEST['options'])->{$_REQUEST['method']}($_REQUEST['subject']);
if (!$_REQUEST['options']['base']) {
    $out = preg_replace_callback('/[\\x00-\\x20\\x7F-\\xFF]/', 'make_printable', $out);
echo $out;
function make_printable($match)
    $hex = dechex(ord($match[0]));
    $hex = strtoupper($hex);
    if (strlen($hex) == 1) {
        return '\\x0' . $hex;
    } else {
        return '\\x' . $hex;
Esempio n. 30
 public function get_token_value()
     if (!isset($this->_token_id)) {
         trigger_error("Construct Not Called on Iron Class");
     if (!isset($_SESSION[$this->_token_id])) {
         $_SESSION[$this->_token_id] = urlencode(Cipher::getRandomKey());
     return $_SESSION[$this->_token_id];