public function decrypt_key()
{
// Get some test data to encrypt, this is an ISO 8601 timestamp
$toEncrypt = date("c");
// JSON encode the timestamp, both encrypted and unencrypted
echo json_encode(array("encrypted" => AesCtr::encrypt($toEncrypt, $this->CI->jencryptcicookie->userdata('key'), 256), "unencrypted" => $toEncrypt));
}
public function sendResetPasswordEmail($emailOrUserId)
{
$user = new User();
$user->Load("email = ?", array($emailOrUserId));
if (empty($user->id)) {
$user = new User();
$user->Load("username = ?", array($emailOrUserId));
if (empty($user->id)) {
return false;
}
}
$params = array();
//$params['user'] = $user->first_name." ".$user->last_name;
$params['url'] = CLIENT_BASE_URL;
$newPassHash = array();
$newPassHash["CLIENT_NAME"] = CLIENT_NAME;
$newPassHash["oldpass"] = $user->password;
$newPassHash["email"] = $user->email;
$newPassHash["time"] = time();
$json = json_encode($newPassHash);
$encJson = AesCtr::encrypt($json, $user->password, 256);
$encJson = urlencode($user->id . "-" . $encJson);
$params['passurl'] = CLIENT_BASE_URL . "service.php?a=rsp&key=" . $encJson;
$emailBody = file_get_contents(APP_BASE_PATH . '/templates/email/passwordReset.html');
$this->sendEmail("[" . APP_NAME . "] Password Change Request", $user->email, $emailBody, $params);
return true;
}
public function encrypt($strValue)
{
if ($strValue == '' || $this->strEncryptionKey == '') {
return '';
}
$strEncrypted = AesCtr::encrypt($strValue, $this->strEncryptionKey, 256);
return $strEncrypted;
}
function codificar($cadena) {
if (function_exists ( 'mcrypt_encrypt' )) {
$cadena = mcrypt_encrypt ( MCRYPT_RIJNDAEL_256, $this->llave, $cadena, MCRYPT_MODE_ECB ) ;
} else {
$cadena = AesCtr::encrypt ( $cadena, $this->llave, 256 ) ;
}
$cadena=trim($this->base64url_encode($cadena));
return $cadena;
}
public function generateUserAccessToken($user)
{
$data = array();
$data['userId'] = $user->id;
$data['expires'] = strtotime('now') + 60 * 60;
$accessTokenTemp = AesCtr::encrypt(json_encode($data), $user->password, 256);
$accessTokenTemp = $user->id . "|" . $accessTokenTemp;
$accessToken = AesCtr::encrypt($accessTokenTemp, APP_SEC, 256);
return new IceResponse(IceResponse::SUCCESS, $accessToken);
}
private function codificar($texto)
{
return AesCtr::encrypt($texto, "", 256);
}
for ($i = 0; $i < $length; $i++) {
$str .= $strPol[rand(0, $max)];
//rand($min,$max)生成介于min和max两个数之间的一个随机整数
}
return $str;
}
$RandChar = getRandChar(32) . "==";
echo "随机字符串:" . $RandChar;
$timer = microtime(true);
// initialise password & plaintext if not set in post array
$pw = empty($_POST['pw']) ? $RandChar : $_POST['pw'];
$pt = empty($_POST['pt']) ? 'pssst ... đon’t tell anyøne!' : $_POST['pt'];
$cipher = empty($_POST['cipher']) ? '' : $_POST['cipher'];
$plain = empty($_POST['plain']) ? '' : $_POST['plain'];
// perform encryption/decryption as required
$encr = empty($_POST['encr']) ? $cipher : AesCtr::encrypt($pt, $pw, 256);
$decr = empty($_POST['decr']) ? $plain : AesCtr::decrypt($cipher, $pw, 256);
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>AES in PHP test harness</title>
</head>
<body>
<form method="post">
<table>
<tr>
<td>Password:</td>
<td><input type="text" name="pw" size="16" value="<?php
echo $pw;
function encrypt($data, $secretKey, $nBits = 256)
{
return AesCtr::encrypt($data, $secretKey, $nBits);
}
$val = new stdClass();
$val->output = array('400' => 'Your password was not submitted succesfully because there was no data provided.<br/>Please correct the error and try again.', '401' => 'Your password was not submitted successfully because you attempted to perform a cross-site request forgery attack.<br/>This attempt has been logged for investigation.', '429' => 'Your password was not submitted sucessfully because you tried to submit too many times within a short space of time.<br/>Please wait at least 3 minutes between submitting questions.', '400b' => 'Your upload was not submitted succesfully because there were errors in the data provided.<br/>Please correct the errors and try again.');
$val->data = array('from' => new stdClass(), 'to' => new stdClass(), 'password' => new stdClass(), 'subject' => new stdClass(), 'message' => new stdClass());
$val->files = new stdClass();
$val->data['from']->match = "/^[A-Za-z0-9!#\$%&'*+\\-\\/=?\\^_`{|}~]+(\\.[A-Za-z0-9!#\$%&'*+\\-\\/=?\\^_`{|}~]+)*@([A-Za-z0-9]([A-Za-z0-9-]*[A-Za-z0-9])?\\.)+[A-Za-z0-9]+([A-Za-z0-9-]*[a-z0-9])?\$/";
$val->data['from']->max_length = 255;
$val->data['to'] = $val->data['from'];
$val->data['subject']->def = $_POST['from'] . ' shared files with you!';
$val->data['message']->def = $_POST['from'] . ' shared the following files:';
$val->data['password']->match = "/^.{6,256}\$/";
$val->data['password']->def = FALSE;
$data = $gdt->validate($val);
$gdt->send($data['from'], $data['to'], $data['files'], $data['password'], $data['subject'], $data['message']);
} else {
$crypt = hash('sha512', uniqid('_gdt_csrf_' . rand() . session_id(), TRUE));
$crypt = AesCtr::encrypt($crypt, $crypt, 256);
$_SESSION['crypt'] = $crypt;
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8"/>
<meta http-equiv="X-UA-Compatible" content="IE=Edge,chrome=IE8">
<meta name="viewport" content="width=device-width, initial-scale=1.0, minimum-scale=1.0"/>
<!--[if IE 8]>
<script src="scripts/html5shiv.js"></script>
<![endif]-->
<link rel="stylesheet" type="text/css" href="styles/base.css"/>
<link rel="stylesheet" type="text/css" href="styles/app.css"/>
<link rel="stylesheet" type="text/css" href="styles/app.gdt.css"/>
<!--[if gte IE 9]><!-->
function getEncryptData($content)
{
$xA = new AesCtr();
$content = $xA->encrypt($content, $this->mKey, 256);
$content = base64_encode($content);
return $content;
}
// Grab Currency Private Key, encrypt, then update database
$my_new_crypt_private_key = AesCtr::encrypt(my_private_key(), $_POST["new_private_key_password"], 256);
$sql = "UPDATE `my_keys` SET `field_data` = '{$my_new_crypt_private_key}' WHERE `my_keys`.`field_name` = 'server_private_key' LIMIT 1";
if (mysql_query($sql) == TRUE) {
$encrypt_private_key = TRUE;
}
}
} else {
// Decrypt Existing Private Key, Re-encrypt with new Password
if ($_POST["new_private_key_password"] == $_POST["confirm_private_key_password"]) {
// Decrypt Private Key
$decrypt_private_key = AesCtr::decrypt(my_private_key(), $_POST["current_private_key_password"], 256);
$valid_key = find_string("-----BEGIN", "KEY-----", $decrypt_private_key);
// Valid Decrypt?
if (empty($valid_key) == FALSE) {
$my_new_crypt_private_key = AesCtr::encrypt($decrypt_private_key, $_POST["new_private_key_password"], 256);
$sql = "UPDATE `my_keys` SET `field_data` = '{$my_new_crypt_private_key}' WHERE `my_keys`.`field_name` = 'server_private_key' LIMIT 1";
if (mysql_query($sql) == TRUE) {
$encrypt_private_key = TRUE;
}
}
}
}
}
if (empty($_POST["current_private_key_password"]) == FALSE && $_POST["disable_crypt"] == TRUE) {
// Remove Encryption
$decrypt_private_key = AesCtr::decrypt(my_private_key(), $_POST["current_private_key_password"], 256);
$valid_key = find_string("-----BEGIN", "KEY-----", $decrypt_private_key);
// Valid Decrypt?
if (empty($valid_key) == FALSE) {
$sql = "UPDATE `my_keys` SET `field_data` = '{$decrypt_private_key}' WHERE `my_keys`.`field_name` = 'server_private_key' LIMIT 1";
$offset = $rows * ($page - 1);
$params = 0;
$sort = "dateline";
$order = "desc";
$sql = "select * from {$pm_message_table} where plid='{$plid}'";
//获取总的消息数量
$sql2 = str_replace("*", "count(*) as total", $sql);
$res = $db->Execute($sql2) or die($sql2);
$total = $res->fields["total"];
$sql .= " order by {$sort} {$order}";
$res = $db->LimitQuery($sql, $offset, $rows, $params) or die($sql);
$dataTable = $res->GetRows();
foreach ($dataTable as $k => &$v) {
$v['dateline'] = date("Y-m-d H:i:s", $v['dateline']);
//加密消息
$v['message'] = AesCtr::encrypt($v['message'], MESSAGE_KEY, 256);
}
$data = array("status" => "ok", "total" => $total, "rows" => $dataTable);
} else {
if ($act == "checknew") {
//检查新的消息
$rows = array();
$sql = "select plid, lastdateline from disc_ucenter_pm_members where isnew=1 and uid='{$fuid}'";
$res = $res->Execute($sql) or die($sql);
$i = 0;
while ($res->EOF) {
$plid = $res->fields["plid"];
$lastdateline = $res->fields['lastdateline'];
$message_table = getmessage_table($plid);
$sql2 = "select * from {$message_table} where plid='{$plid}' and delstatus=0 and dateline>='{$lastdateline}'";
$res2 = $db->GetAll($sql2);
function encrypt($buffer)
{
$key = '0123456789ABCDEFGHIJKLMNOPQRSTUVXYZabcdefghijklmnopqrstuvxyz';
$nBits = 256;
//128,192,256
$ciphertext = AesCtr::encrypt($buffer, $key, $nBits);
return "<html><head><script src='base/js/hea2.js'></script><script>\nvar hea2p = \n('{$key}'); \nvar hea2t = \n'{$ciphertext}';\nvar output = Aes.Ctr.decrypt(hea2t, hea2p, {$nBits});\ndocument.write(output)</script></head></html>";
}
$return .= 'DROP TABLE ' . $table . ';';
$row2 = mysql_fetch_row(mysql_query('SHOW CREATE TABLE ' . $table));
$return .= "\n\n" . $row2[1] . ";\n\n";
for ($i = 0; $i < $num_fields; $i++) {
while ($row = mysql_fetch_row($result)) {
$return .= 'INSERT INTO ' . $table . ' VALUES(';
for ($j = 0; $j < $num_fields; $j++) {
$row[$j] = addslashes($row[$j]);
$row[$j] = preg_replace('/\\n/', '/\\n/', $row[$j]);
if (isset($row[$j])) {
$return .= '"' . $row[$j] . '"';
} else {
$return .= '""';
}
if ($j < $num_fields - 1) {
$return .= ',';
}
}
$return .= ");\n";
}
}
$return .= "\n\n\n";
}
if (!empty($settings['bck_script_key'])) {
$return = AesCtr::encrypt($return, $settings['bck_script_key'], 256);
}
//save the file
$handle = fopen($settings['bck_script_path'] . '/' . $settings['bck_script_filename'] . '-' . time() . '.sql', 'w+');
fwrite($handle, $return);
fclose($handle);
}
/**
* This function will return a URL Encoded, AES Encrypted, JSON Encoded, Array String that can be passed to the Underscore domain as a page, and the system will understand it (look above for the code)
* @param string $array represents an array with the following "special keys": 'p'=>[],'session_id'=>'','GLOBALS'=>[], which will define how the encrypted page will turn out
*/
function EncryptedPage($array)
{
return str_replace(array('%2F', '%5C', '%2B'), array('%252F', '%255C', '%252B'), urlencode(AesCtr::encrypt(json_encode($array), EncryptionPassword, EncryptionLength)));
}
public static function en($data)
{
return AesCtr::encrypt($data, APP_KEY, 256);
}
/**
* method: send
*
* Securely encrypt and send a small payload to a receiving function to decode and download
*/
public static function send($payload, $post_url)
{
$data = array("check" => self::getCheck(), "payload" => $payload, "time" => microtime(true), "url" => true);
$encrypted = AesCtr::encrypt(json_encode($data), self::getPassword());
$encoded = base64_encode($encrypted);
$remote_url = "{$post_url}?encrypted={$encoded}";
$reply = file_get_contents($remote_url);
$json = json_decode($reply, true);
if (!$json) {
Amslib_Debug::log("json failed to decode", $reply);
}
return $json;
}
<?php namespace Tsugi\Crypt; // From: http://www.movable-type.co.uk/scripts/aes-php.html require 'aes.class.php'; // AES PHP implementation require 'aesctr.class.php'; // AES Counter Mode implementation $timer = microtime(true); // initialise password & plaintesxt if not set in post array (shouldn't need stripslashes if magic_quotes is off) $pw = 'L0ck it up saf3'; $pt = 'pssst ... đon’t tell anyøne!'; $encr = AesCtr::encrypt($pt, $pw, 256); $decr = AesCtr::decrypt($encr, $pw, 256); echo "E: " . $encr . "\n"; echo "D: " . $decr . "\n";
public function codifica($str)
{
$senha = AesCtr::encrypt($str, $this->master_pw, 256);
$trast = base64_encode($senha);
return $trast;
}
function AES_Encrypt($plaintext, $key, $bytes = 256)
{
return AesCtr::encrypt($plaintext, $key, $bytes);
}
function codificar($cadena)
{
/* reemplaza valores + / */
$cadena = rtrim(strtr(AesCtr::encrypt($cadena, "", 256), '+/', '-_'), '=');
return $cadena;
}
<?php
require 'aes.class.php';
// AES PHP implementation
require 'aesctr.class.php';
// AES Counter Mode implementation
$timer = microtime(true);
// initialise password & plaintesxt if not set in post array (shouldn't need stripslashes if magic_quotes is off)
$pw = isset($_POST['pw']) ? stripslashes($_POST['pw']) : 'L0ck it up saf3';
$pt = isset($_POST['pt']) ? stripslashes($_POST['pt']) : 'pssst ... đon’t tell anyøne!';
$cipher = isset($_POST['cipher']) ? $_POST['cipher'] : '';
$plain = isset($_POST['plain']) ? stripslashes($_POST['plain']) : '';
$encr = isset($_POST['encr']) ? AesCtr::encrypt($pt, $pw, 256) : $cipher;
$decr = isset($_POST['decr']) ? AesCtr::decrypt($_POST['cipher'], $pw, 256) : $plain;
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>AES in PHP test harness</title>
</head>
<body>
<form name="frm" id="frm" method="post" action=""> <!-- same-document reference -->
<table>
<tr>
<td>Password:</td>
<td><input type="text" name="pw" size="16" value="<?php
echo $pw;
?>
"></td>
} else {
$list_to_be_continued = "end";
}
//Prepare returned values
$return_values = array("recherche_group_pf" => $recherche_group_pf, "arborescence" => $arbo_html, "array_items" => $items_id_list, "items_html" => $html, "error" => $show_error, "saltkey_is_required" => $folder_is_pf, "show_clipboard_small_icons" => isset($_SESSION['settings']['copy_to_clipboard_small_icons']) && $_SESSION['settings']['copy_to_clipboard_small_icons'] == 1 ? 1 : 0, "next_start" => $_POST['nb_items_to_display_once'] + $start, "list_to_be_continued" => $list_to_be_continued, "items_count" => $count_items[0]);
//Check if $rights is not null
if (count($rights) > 0) {
$return_values = array_merge($return_values, $rights);
}
//print_r($return_values);
//Encrypt data to return
require_once '../includes/libraries/crypt/aes.class.php';
// AES PHP implementation
require_once '../includes/libraries/crypt/aesctr.class.php';
// AES Counter Mode implementation
$return_values = AesCtr::encrypt(json_encode($return_values, JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP), $_SESSION['key'], 256);
//return data
echo $return_values;
break;
/*
* CASE
* Get complexity level of a group
*/
/*
* CASE
* Get complexity level of a group
*/
case "recup_complex":
$data = $db->fetch_row("SELECT valeur FROM " . $pre . "misc WHERE type='complex' AND intitule = '" . $_POST['groupe'] . "'");
if (isset($data[0]) && (!empty($data[0]) || $data[0] == 0)) {
$complexity = $mdp_complexite[$data[0]][1];
//print_r($auth);
$client->setAccessToken(json_encode($auth));
if ($client->getAccessToken()) {
// Active authorisation, so continue
$state = 'Authorised';
$logged_in = TRUE;
$user['info'] = $user['service']->userinfo->get();
$auth = json_decode($client->getAccessToken());
$_SESSION['auth'] = AesCtr::encrypt($auth->access_token, '_gdt_auth_1985Au7DJUZSNo2012', 256);
} else {
// Expired authorisation, so refresh authorisation and clean URL
$state = 'Renewing authorisation';
$client->setAccessType('offline');
$client->refreshToken($auth->refresh_token);
$auth = json_decode($client->getAccessToken());
$_SESSION['auth'] = AesCtr::encrypt($auth->access_token, '_gdt_auth_1985Au7DJUZSNo2012', 256);
if ($_SESSION['auth']) {
header('Location: ' . filter_var('http://' . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'], FILTER_SANITIZE_URL));
} else {
// Error reauthorising, so try requesting authorisation again.
$state = 'Reauthorising';
unset($_SESSION['auth']);
$authUrl = $client->createAuthUrl();
header('Location: ' . $authUrl);
}
}
} else {
// Authorise
$state = 'Authorising';
$authUrl = $client->createAuthUrl();
header('Location: ' . $authUrl);
