function CheckLicense()
{
global $LKey, $Trial, $SaveVars, $Errors, $Lang, $CLang;
if (!$LKey && !$Trial) {
return false;
}
if ($LKey) {
$BF = new Crypt_Blowfish('ns tracker license ');
$Decoded = $BF->decrypt($LKey);
$LArray = GetLicenseText($Decoded);
if ($LArray) {
if (!isset($LArray['P'])) {
$Errors[] = $Lang['SecondaryKey'];
return;
}
$GLOBALS['LArray'] = $LArray;
foreach ($LArray as $Key => $Val) {
$GLOBALS['Lc' . $Key] = $Val;
$SaveVars[] = "Lc" . $Key;
}
} else {
$Errors[] = $Lang['BadLicense'];
}
}
if (count($Errors)) {
return;
}
NextStep();
}
/**
* isDefault
*
* @access public
* @return bool false if the user is authenticated, true if not (default user)
*/
public function isDefault()
{
$session =& Framework_Session::singleton();
if (is_null($session->email)) {
return true;
}
// Check timeout
$time = time();
$lastActionTime = $session->lastActionTime;
$timeLimit = (int) Framework::$site->config->inactiveTimeout;
$this->recordio("timeout info: time: {$time}, lastActionTime: {$lastActionTime}, timeLimit: {$timeLimit}");
if ($time - $lastActionTime > $timeLimit) {
header('Location: ./?module=Login&event=logoutInactive');
return false;
}
// Authenticate
$encryptedPass = $session->password;
$crypt = new Crypt_Blowfish((string) Framework::$site->config->mcryptKey);
$plainPass = $crypt->decrypt($encryptedPass);
if ($this->authenticate($session->email, $plainPass)) {
$session->lastActionTime = $time;
return false;
}
return true;
}
public function __construct(&$params = null)
{
parent::__construct($params);
extract($this->using('cookie', 'misc'));
session_set_cookie_params($cookie->lifetime, $cookie->path, $cookie->domain);
session_start();
if ($this->encryption) {
$sess_key = preg_replace('/[^a-zA-Z0-9]/', '', $cookie->get('sess_key'));
if (strlen($sess_key) != 12) {
$cookie->set('sess_key', $sess = $misc->random_string(12));
}
if (strlen($sess_key) == 12 && isset($_SESSION['data']) && isset($_SESSION['pass']) && $_SESSION['pass'] == md5(TM_UNIQUE_STR)) {
$bf = new Crypt_Blowfish($sess_key);
$data = @unserialize(function_exists('gzuncompress') && $this->compress ? @gzuncompress($bf->decrypt($_SESSION['data'])) : $bf->decrypt($_SESSION['data']));
$_SESSION = $data ? $data : array();
} else {
$_SESSION = array();
}
}
}
public function decrypt($ciphertext)
{
$plainTextLength = intval(substr($ciphertext, -6));
$ciphertext = substr($ciphertext, 0, -6);
$plaintext = '';
$chunks = explode('=', $ciphertext);
$ending_value = count($chunks);
for ($counter = 0; $counter < $ending_value - 1; $counter++) {
$chunk = $chunks[$counter] . '=';
$decoded = base64_decode($chunk);
$piece = parent::decrypt($decoded);
$plaintext = $plaintext . $piece;
}
return substr($plaintext, 0, $plainTextLength);
}
public static function decrypt($sData, $asKey = null)
{
if (empty($sData)) {
throw new Exception("Empty data");
}
$sKey = empty($asKey) ? FlexiConfig::$sEncryptionKey : $asKey;
$blowfish = new Crypt_Blowfish($sKey);
$sResult = $blowfish->decrypt($sData);
// if (strlen($sResult) > 0) {
// while (ord($sResult[strlen($sResult)-1]) == 0) {
// $sResult = substr($sResult,0,-1);
// }
// }
return $sResult;
//return mcrypt_decrypt( MCRYPT_BLOWFISH, $sKey, $sData, MCRYPT_MODE_CBC, self::getMode() );
}
function wrap_bp_decrypt($cipher_id, $key, $text, $iv)
{
$bf = new Crypt_Blowfish('cbc');
$iv_size = strlen($iv);
if ($iv_size !== false && $iv_size > 0) {
$bf->setKey($key, $iv);
} else {
$bf->setKey($key);
}
$text = $bf->decrypt($text);
if (PEAR::isError($text)) {
$last_bp_error = 'blowfish_decrypt_error ' . $text->getMessage();
return false;
}
$text = rtrim($text, "");
return $text;
}
function passwordDecrypt($encrypt_char)
{
if ($encrypt_char == "") {
return "";
}
$encrypted = base64_decode($encrypt_char);
$blowfish = new Crypt_Blowfish(CBF_KEY);
$passwd = $blowfish->decrypt($encrypted);
// 末尾の「\0」を削除
$passwd = rtrim($passwd, "");
return $passwd;
}
function decryptText($text)
{
require_once 'Crypt/Blowfish.php';
$bf = new Crypt_Blowfish(ENCRYPTKEY);
$plaintext = $bf->decrypt(convertString(trim($text)));
return trim($plaintext);
}
/**
* Uses blowfish to decode data assumes data has been base64 encoded with the iv stored as part of the data
* @param STRING key - key to base decoding off of
* @param STRING encoded base64 encoded blowfish encrypted data
* @return string
*/
function blowfishDecode($key, $encoded)
{
$data = base64_decode($encoded);
$bf = new Crypt_Blowfish($key);
return trim($bf->decrypt($data));
}
function decrypt($ciphertext)
{
$plaintext = '';
$chunks = explode('=', $ciphertext);
$ending_value = sizeof($chunks);
for ($counter = 0; $counter < $ending_value - 1; $counter++) {
$chunk = $chunks[$counter] . '=';
$decoded = base64_decode($chunk);
$piece = parent::decrypt($decoded);
$plaintext = $plaintext . $piece;
}
return $plaintext;
}
function call_decrypt($key, $encrypted_text) {
// call pear init & call
//call_pear_init();
require_once ('Crypt/Blowfish.php');
// Create the Crypt_Blowfish object using a secret key. The key must be
//protected at all costs. The key is like a password to access the data.
$blowfish = new Crypt_Blowfish($key);
// This is the text we will encrypt
$d = pack("H*", $encrypted_text);
$decrypted = $blowfish->decrypt($d);
return($decrypted);
}
/**
* Decrypts data using Blowfish
*
* Requires either `mcrypt` extension or `Crypt_Blowfish` PEAR package. Automatically
* handles URL safe Base64 encoding.
*
* @param mixed $data Data to decrypt
* @param string $pass_phrase Secret passphrase to decrypt the data
* @return string|bool Decrypted data, or `false` if decryption is not available
* @api
*/
public static function decrypt($data, $pass_phrase = '')
{
@(include_once "Crypt/Blowfish.php");
// PEAR
if (($use_mcrypt = extension_loaded('mcrypt')) === false || !class_exists('\\Crypt_Blowfish')) {
return false;
}
$pass_phrase = hash('sha256', $pass_phrase . NONCE_SALT, true);
$data = self::base64UrlUnsafe($data);
if ($use_mcrypt) {
return mcrypt_decrypt(MCRYPT_BLOWFISH, $pass_phrase, base64_decode($data), MCRYPT_MODE_ECB, mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_BLOWFISH, MCRYPT_MODE_ECB), MCRYPT_RAND));
} else {
$bf = new \Crypt_Blowfish($pass_phrase);
return $bf->decrypt(base64_decode($data));
}
}
function checkDeviceId($key = '')
{
if ($this->vars['ua']['isBot'] || strpos($this->myRoot . $this->SERVER['REQUEST_URI'], str_replace('&', '&', $this->Config_redirect)) === 0) {
return true;
}
if ($this->vars['ua']['carrier'] === 'docomo') {
// docomo only
if (empty($_POST)) {
$now = time();
if (!isset($_SESSION['hypKtaiStartTime'])) {
$_SESSION['hypKtaiStartTime'] = 0;
}
if ($_SESSION['hypKtaiStartTime'] + $this->Config_docomoGuidTTL < $now && strpos(strtolower($this->SERVER['REQUEST_URI']), 'guid=') === FALSE) {
$_SESSION['hypKtaiStartTime'] = $now;
// 未取得なので guid=on をつけてリダイレクト
$joint = strpos($this->SERVER['REQUEST_URI'], '?') === FALSE ? '?' : '&';
$url = $this->myRoot . $this->SERVER['REQUEST_URI'] . $joint . 'guid=on';
if (!$this->vars['ua']['allowCookie']) {
$url = $this->removeSID($url);
$sid = '&' . $this->session_name . '=' . session_id();
} else {
$sid = '';
}
header('Location: ' . $url . $sid);
return 'redirect';
}
}
// PEAR
$incPath = ini_get('include_path');
$addPath = XOOPS_TRUST_PATH . '/PEAR';
if (strpos($incPath, $addPath) === FALSE) {
ini_set('include_path', $incPath . PATH_SEPARATOR . $addPath);
}
require_once 'Crypt/Blowfish.php';
$blowfish = new Crypt_Blowfish($key);
// Crypt_Blowfish => 1.0.1
//$blowfish = Crypt_Blowfish::factory('ecb', $key); // Crypt_Blowfish => 1.1.0RC1
if (strpos(strtolower($this->SERVER['REQUEST_URI']), 'guid=') === FALSE && !$this->vars['ua']['uid'] && isset($_SESSION['hypKtaiUserId'])) {
// セッションに登録済み
$_SERVER['HTTP_X_DCMGUID'] = $this->vars['ua']['uid'] = rtrim($blowfish->decrypt(base64_decode($_SESSION['hypKtaiUserId'])), "");
} else {
if ($this->vars['ua']['uid'] && !isset($_SESSION['hypKtaiUserId'])) {
// セッションに登録されていなければ登録
$_SESSION['hypKtaiUserId'] = base64_encode($blowfish->encrypt($this->vars['ua']['uid']));
} else {
if (isset($_SESSION['hypKtaiUserId'])) {
// セッション登録値と比較
if ($_SESSION['hypKtaiUserId'] != base64_encode($blowfish->encrypt($this->vars['ua']['uid']))) {
return false;
}
}
}
}
//$_SESSION['hyp_redirect_message'] = $_SERVER['HTTP_X_DCMGUID'];
} else {
// other carrier
if ($this->vars['ua']['uid'] && !isset($_SESSION['hypKtaiUserId'])) {
// セッションに登録されていなければ登録
$_SESSION['hypKtaiUserId'] = md5($this->vars['ua']['uid'] . $key);
} else {
if (isset($_SESSION['hypKtaiUserId'])) {
// セッション登録値と比較
if ($_SESSION['hypKtaiUserId'] != md5($this->vars['ua']['uid'] . $key)) {
return false;
}
}
}
}
return true;
}
/** Decrpyted the given base64 string using the blowfish cipher
@param base64Value Base 64 encoded string.
@see _encryptValue(), _unpackValue() */
function _decryptValue($base64Value, $config)
{
extract($config);
$prefixLen = strlen($prefix);
if (substr($base64Value, 0, $prefixLen) != $prefix) {
$this->log(__METHOD__ . " Security prefix is missing: '{$base64Value}'");
return false;
}
$encrypted = base64_decode(substr($base64Value, $prefixLen));
if ($encrypted === false) {
$this->log(__METHOD__ . " Could not decode base64 value '{$base64Value}'");
return false;
}
$bf = new Crypt_Blowfish($key);
$envelope = trim($bf->decrypt($encrypted), chr(0));
$value = $this->_unpackValue($envelope, $saltLen);
if ($value === false) {
$this->log(__METHOD__ . " Could not unpack value from '{$envelope}'");
return false;
}
if (PEAR::isError($value)) {
$this->log($value->getMessage());
return false;
}
return $value;
}
/**
* Uses blowfish to encrypt data and base 64 encodes it. It stores the iv as part of the data
* @param string key - key to base encoding off of
* @param string data - string to be encrypted and encoded
* @param object Crypt_Blowfish object
* @return string
*/
public function openLicense($key, $data, $bf = null)
{
$plain = '';
$encrypted = '';
$i = 0;
$part = 0;
$licenseType = '';
$data = $data . "\n";
$len = strlen($data);
$line = '';
while ($i < $len) {
if (substr($data, $i, 1) != "\n") {
$line .= substr($data, $i, 1);
} else {
switch ($part) {
case 0:
$match = array();
if (preg_match("/----- BEGIN (.*) -----/", $line, $match)) {
$part = 1;
$licenseType = $match[1];
}
break;
case 1:
$match = array();
if (preg_match("/----- END {$licenseType} -----/", $line, $match)) {
$part = 2;
} else {
$encrypted .= trim($line);
}
break;
default:
# code...
break;
}
$line = '';
}
$i++;
}
if ($part != 2) {
// @codeCoverageIgnoreStart
throw new Exception(translate('LBL_PMSE_CRYPT_ERROR_LICENSENOTVALID', $this->moduleName));
// @codeCoverageIgnoreEnd
} else {
$data = base64_decode($encrypted);
if (!$bf) {
// @codeCoverageIgnoreStart
$bf = new Crypt_Blowfish($key);
}
// @codeCoverageIgnoreEnd
return trim($bf->decrypt($data));
}
}
/**
* Load generated password in plain-text format
* it is only available 6 hours after signup and
* supposed to be displayed on thanks page
*
* @return string|null
*/
function getStoredPlaintextPassword()
{
$pg = $this->getDi()->store->get('pass-generated-' . $this->pk());
if (!$pg) {
return null;
}
$crypt = new Crypt_Blowfish($this->getDi()->app->getSiteKey());
return $crypt->decrypt(base64_decode($pg));
}
/**
*
*
* @param
* @return
*/
function decrypt($name, $encrypted_string)
{
if (!$name && !$encrypted_string) {
return $encrypted_string;
}
global $application;
$session_id = session_id();
$tables = $this->getTables();
$table = 'crypto_keys';
$k = $tables[$table]['columns'];
$query = new DB_Select();
$query->addSelectField($k["key"], "crypto_key");
$query->WhereValue($k["id"], DB_EQ, $session_id);
$query->WhereAnd();
$query->WhereValue($k["name"], DB_EQ, $name);
$result = $application->db->getDB_Result($query);
if (isset($result[0]['crypto_key']) && $result[0]['crypto_key']) {
$key = $result[0]['crypto_key'];
$query = new DB_Delete($table);
$query->WhereValue($k["id"], DB_EQ, $session_id);
$query->WhereAnd();
$query->WhereValue($k["name"], DB_EQ, $name);
$application->db->getDB_Result($query);
$blowfish = new Crypt_Blowfish($key);
$blowfish->setKey($key);
$string = $blowfish->decrypt($encrypted_string);
} else {
return "";
}
return $string;
}
