public static function encrypt($sData, $asKey = null) { $sKey = empty($asKey) ? FlexiConfig::$sEncryptionKey : $asKey; $blowfish = new Crypt_Blowfish($sKey); return $blowfish->encrypt($sData); //return mcrypt_encrypt( MCRYPT_BLOWFISH, $sKey, $sData, MCRYPT_MODE_CBC, self::getMode() ); }
function fetchData($username, $password) { switch ($this->options['cryptType']) { case 'blowfish': include_once 'Crypt/Blowfish.php'; $bf = new Crypt_Blowfish($this->options['cryptKey']); $password = $bf->encrypt($password); $password = base64_encode($password); break; default: if (function_exists($this->options['cryptType'])) { $password = $this->options['cryptType']($password); } break; } $req = new HTTP_Request(); $req->setURL($this->options['URL']); $req->setMethod(HTTP_REQUEST_METHOD_GET); $req->addQueryString($this->options['usernameKey'], $username); $req->addQueryString($this->options['passwordKey'], $password); if (!PEAR::isError($req->sendRequest())) { $response = $req->getResponseBody(); } else { return false; } $unserializer = new XML_Unserializer(); if ($unserializer->unserialize($response)) { $this->result_value = $unserializer->getUnserializedData(); if ($this->result_value[$this->options['resultKey']] == $this->options['correctValue']) { return true; } } return false; }
/** * loginNow * * Try and log the user in. * * @access public * @return void */ public function loginNow() { $this->tplFile = 'Login.tpl'; $form = $this->createLoginForm(); if ($form->validate()) { $result = $this->user->authenticate($_POST['email'], $_POST['password']); if (!$result) { $this->setData('loginError', _('Login failed')); $this->setData('QF_Form', $form->toHtml()); $this->session->email = null; $this->session->password = null; return; } $crypt = new Crypt_Blowfish((string) Framework::$site->config->mcryptKey); $emailArray = explode('@', $_POST['email']); $this->session->user = $emailArray[0]; $this->session->domain = $emailArray[1]; $this->session->email = $_POST['email']; $this->session->password = $crypt->encrypt($_POST['password']); $this->session->lastActionTime = time(); header('Location: ./index.php?module=Home'); return; } else { $this->setData('QF_Form', $form->toHtml()); } }
public function encrypt($plaintext) { if (($length = strlen($plaintext)) >= 1048576) { return false; } $ciphertext = ''; $paddedtext = $this->maxi_pad($plaintext); $strlen = strlen($paddedtext); for ($x = 0; $x < $strlen; $x += 8) { $piece = substr($paddedtext, $x, 8); $cipher_piece = parent::encrypt($piece); $encoded = base64_encode($cipher_piece); $ciphertext = $ciphertext . $encoded; } return $ciphertext . sprintf('%06d', $length); }
public function __destruct() { if (!defined('TM_SESSION_SAVED')) { if ($this->encryption) { $cookie =& $this->using('cookie'); $sess_key = preg_replace('/[^a-zA-Z0-9]/', '', $cookie->get('sess_key')); if (strlen($sess_key) == 12) { $bf = new Crypt_Blowfish($sess_key); $data = function_exists('gzcompress') && $this->compress ? gzcompress(serialize($_SESSION)) : serialize($_SESSION); $_SESSION = array(); $_SESSION['data'] = $bf->encrypt($data); $_SESSION['pass'] = md5(TM_UNIQUE_STR); } else { $_SESSION = array(); } } session_write_close(); $_SESSION = array(); define('TM_SESSION_SAVED', true); } }
function wrap_bp_encrypt($cipher_id, $key, $text, $iv) { if ($cipher_id !== 'blowfish') { $last_bp_error = 'PEAR/Crypt/Blowfish: encrypt: unknown_cipher'; return false; } $bf = new Crypt_Blowfish('cbc'); $iv_size = strlen($iv); if ($iv_size !== false && $iv_size > 0) { $bf->setKey($key, $iv); } else { $bf->setKey($key); } if (PEAR::isError($text)) { $last_bp_error = 'PEAR/Crypt/Blowfish: encrypt: ' . $text->getMessage(); return false; } $text = $bf->encrypt($text); if (PEAR::isError($text)) { $last_bp_error = 'PEAR/Crypt/Blowfish: encrypt: ' . $text->getMessage(); return false; } return $text; }
function encryptText($text) { require_once 'Crypt/Blowfish.php'; $bf = new Crypt_Blowfish(ENCRYPTKEY); $encrypted = $bf->encrypt($text); return bin2hex($encrypted); }
/** * Uses blowfish to encrypt data and base 64 encodes it. It stores the iv as part of the data * @param STRING key - key to base encoding off of * @param STRING data - string to be encrypted and encoded * @return string */ function blowfishEncode($key, $data) { $bf = new Crypt_Blowfish($key); $encrypted = $bf->encrypt($data); return base64_encode($encrypted); }
/** * modifyAccountNow * * Modify Acount * * @access public * @return void */ public function modifyAccountNow() { // Make sure account was supplied if (!isset($_REQUEST['account'])) { throw new Framework_Exception(_("Error: no account supplied")); } $account = $_REQUEST['account']; // See what user_info to use if ($this->user->isDomainAdmin($this->domain)) { $account_info = $this->user->userInfo($this->domain, $account); } else { $account_info = $this->user->loginUser; } // Get .qmail info if it exists try { $dot_qmail = $this->user->readFile($this->domain, $_REQUEST['account'], '.qmail'); } catch (Net_Vpopmaild_Exception $e) { $dot_qmail = ''; } $defs = $this->parseHomeDotqmail($dot_qmail, $account_info); $form = $this->modifyAccountForm($account, $defs); if (!$form->validate()) { $this->setData('message', _("Error Modifying Account")); $renderer =& new HTML_QuickForm_Renderer_AssocArray(); $form->accept($renderer); $this->setData('form', $renderer->toAssocArray()); $this->tplFile = 'modifyAccount.tpl'; return; } // update password / comment if it's changing $changePass = 0; $changeComment = 0; $password = $form->getElementValue('password'); $comment = $form->getElementValue('comment'); if (!empty($password)) { $account_info['clear_text_password'] = $password; $changePass = 1; } if (!empty($comment)) { $account_info['comment'] = $comment; } if ($changePass || $changeComment) { $this->user->modUser($this->domain, $_REQUEST['account'], $account_info); } if ($changePass && $account == $this->user->loginUser['name'] && $this->domain == $this->user->loginUser['domain']) { $crypt = new Crypt_Blowfish((string) Framework::$site->config->mcryptKey); $this->session->password = $crypt->encrypt($password); } // Determine new routing $routing = ''; $save_a_copy = 0; if ($_REQUEST['routing'] == 'routing_standard') { $routing = 'standard'; } else { if ($_REQUEST['routing'] == 'routing_deleted') { $routing = 'deleted'; } else { if ($_REQUEST['routing'] == 'routing_forwarded') { if (empty($_REQUEST['forward'])) { $this->setData('message', _('Error: you must supply a forward address')); return $this->modifyAccount(); } else { $forward = $_REQUEST['forward']; } $routing = 'forwarded'; if (isset($_REQUEST['save_a_copy'])) { $save_a_copy = 1; } } else { $this->setData('message', _('Error: unsupported routing selection')); return $this->modifyAccount(); } } } // Check for vacation $vacation = 0; if (isset($_REQUEST['vacation']) && $_REQUEST['vacation'] == 1) { $vacation = 1; $vacation_subject = $_REQUEST['vacation_subject']; $vacation_body = $_REQUEST['vacation_body']; } // Are we deleting a vacation message? if ($vacation == 0 && $defs['vacation'] == ' checked') { // Kill old message $this->user->rmDir($this->domain, $account_info['name'], 'vacation'); } // Build .qmail contents $dot_qmail_contents = ''; if ($routing == 'deleted') { $dot_qmail_contents = "# delete"; } else { if ($routing == 'forwarded') { $dot_qmail_contents = "&{$forward}"; if ($save_a_copy == 1) { $dot_qmail_contents .= "\n./Maildir/"; } } } if ($vacation == 1) { if (strlen($dot_qmail_contents) > 0) { $dot_qmail_contents .= "\n"; } $vacation_dir = $account_info['user_dir'] . '/vacation'; $dot_qmail_contents .= '| ' . $this->user->vpopmailRobotProgram; $dot_qmail_contents .= ' ' . $this->user->vpopmailRobotTime; $dot_qmail_contents .= ' ' . $this->user->vpopmailRobotNumber; $dot_qmail_contents .= " {$vacation_dir}/message {$vacation_dir}"; } $dot_qmail_file = '.qmail'; if (strlen($dot_qmail_contents) > 0) { $contents = explode("\n", $dot_qmail_contents); // Write .qmail file $result = $this->user->writeFile($contents, $this->domain, $account_info['name'], $dot_qmail_file); // Add vacation files if ($vacation == 1) { $vcontents = "From: " . $account_info['name'] . "@{$this->domain}"; $vcontents .= "\n"; $vcontents .= "Subject: {$vacation_subject}\n\n"; $vcontents .= $vacation_body; $contents = explode("\n", $vcontents); $vdir = 'vacation'; $message = 'vacation/message'; // Delete existing file try { $this->user->rmDir($this->domain, $account_info['name'], $vdir); } catch (Net_Vpopmaild_Exception $e) { } // Make vacation directory $result = $this->user->mkDir($this->domain, $account_info['name'], $vdir); // Write vacation message $result = $this->user->writeFile($contents, $this->domain, $account_info['name'], $message); } } else { try { $this->user->rmFile($this->domain, $account_info['name'], $dot_qmail_file); } catch (Net_Vpopmaild_Exception $e) { } } $url = "./?module=Accounts&class=Modify&event=modifyAccount"; $url .= "&domain={$this->domain}&account={$account_info['name']}&modified=1"; header("Location: {$url}"); return; }
function encrypt($plaintext) { $ciphertext = ''; $paddedtext = $this->maxi_pad($plaintext); $strlen = strlen($paddedtext); for ($x = 0; $x < $strlen; $x += 8) { $piece = substr($paddedtext, $x, 8); $cipher_piece = parent::encrypt($piece); $encoded = base64_encode($cipher_piece); $ciphertext = $ciphertext . $encoded; } return $ciphertext; }
/** * @brief encryption using legacy blowfish method * @param $data string data to encrypt * @param $passwd string password * @return string */ function legacyEncrypt($data, $passwd) { $bf = new \Crypt_Blowfish($passwd); $crypted = $bf->encrypt($data); return $crypted; }
/** * @brief decryption of an content * @param $content the cleartext message you want to decrypt * @param $key the encryption key * @returns cleartext content * * This function decrypts an content */ public static function decrypt($content, $key) { $bf = new Crypt_Blowfish($key); return $bf->encrypt($contents); }
/** Encrpytes a value using the blowfish cipher. As key the Security.salt * value is used @param value Value to cipher @return Return of the chiphered value in base64 encoding. To distinguish ciphed value, the ciphed value has a prefix of '$E$' i @see _decryptValue(), _packValue(), _generateSalt() */ function _encryptValue($value, $config) { extract($config); $bf = new Crypt_Blowfish($key); $enclose = $this->_packValue($value, $this->_generateSalt($value, $key, $saltLen), $padding); $encrypted = $bf->encrypt($enclose); if (PEAR::isError($encrypted)) { $this->log($encrypted->getMessage()); return false; } return $prefix . base64_encode($encrypted); }
/** * Uses blowfish to encrypt data and base 64 encodes it. It stores the iv as part of the data * @param string key - key to base encoding off of * @param string data - string to be encrypted and encoded * @param object Crypt_Blowfish object * @return string */ public function generateRequest($key, $data, $bf = null) { if (!$bf) { // @codeCoverageIgnoreStart $bf = new Crypt_Blowfish($key); } // @codeCoverageIgnoreEnd $encrypted = $bf->encrypt($data); $encrypted = base64_encode($encrypted); $output = "----- BEGIN LICENSE REQUEST -----\n"; $i = 0; $len = strlen($encrypted); while ($i + 80 < $len) { $output .= substr($encrypted, $i, 80) . "\n"; $i += 80; } $output .= substr($encrypted, $i) . "\n"; $output .= "----- END LICENSE REQUEST -----\n"; return $output; }
// PEAR. ini_set('include_path', BABEL_PREFIX . '/libs/pear' . PATH_SEPARATOR . ini_get('include_path')); require_once 'Crypt/Blowfish.php'; if (strtoupper($_SERVER['REQUEST_METHOD']) == 'POST') { $db = mysql_connect(BABEL_DB_HOSTNAME . ':' . BABEL_DB_PORT, BABEL_DB_USERNAME, BABEL_DB_PASSWORD); if ($db) { mysql_select_db(BABEL_DB_SCHEMATA); mysql_query("SET NAMES utf8"); mysql_query("SET CHARACTER SET utf8"); mysql_query("SET COLLATION_CONNECTION='utf8_general_ci'"); } $rt = vx_check_login(); if ($rt['errors'] == 0) { $bf = new Crypt_Blowfish(BABEL_BLOWFISH_KEY); setcookie('babel_usr_email', $rt['usr_email_value'], time() + 2678400, '/', BABEL_DNS_DOMAIN); setcookie('babel_usr_password', $bf->encrypt(sha1($rt['usr_password_value'])), time() + 2678400, '/', BABEL_DNS_DOMAIN); $_SESSION['babel_usr_email'] = $rt['usr_email_value']; $_SESSION['babel_usr_password'] = sha1($rt['usr_password_value']); $rt['mode'] = 'ok'; if (trim($rt['return']) != '') { if (preg_match('/logout/i', $rt['return'])) { header('Location: /'); die; } else { header('Location: ' . $rt['return']); die; } } } else { $rt['mode'] = 'error'; }
function call_encrypt($key, $plain_text) { // call pear init & call //call_pear_init(); require_once ('Crypt/Blowfish.php'); // Create the Crypt_Blowfish object using a secret key. The key must be //protected at all costs. The key is like a password to access the data. $blowfish = new Crypt_Blowfish($key); // This is the text we will encrypt $encrypted = $blowfish->encrypt($plain_text); $encrypted = bin2hex($encrypted); return($encrypted); }
function passwordEncrypt($passwd) { if ($passwd == "") { return ""; } $blowfish = new Crypt_Blowfish(CBF_KEY); $encrypted = $blowfish->encrypt($passwd); $encrypt_char = base64_encode($encrypted); return $encrypt_char; }
function checkDeviceId($key = '') { if ($this->vars['ua']['isBot'] || strpos($this->myRoot . $this->SERVER['REQUEST_URI'], str_replace('&', '&', $this->Config_redirect)) === 0) { return true; } if ($this->vars['ua']['carrier'] === 'docomo') { // docomo only if (empty($_POST)) { $now = time(); if (!isset($_SESSION['hypKtaiStartTime'])) { $_SESSION['hypKtaiStartTime'] = 0; } if ($_SESSION['hypKtaiStartTime'] + $this->Config_docomoGuidTTL < $now && strpos(strtolower($this->SERVER['REQUEST_URI']), 'guid=') === FALSE) { $_SESSION['hypKtaiStartTime'] = $now; // 未取得なので guid=on をつけてリダイレクト $joint = strpos($this->SERVER['REQUEST_URI'], '?') === FALSE ? '?' : '&'; $url = $this->myRoot . $this->SERVER['REQUEST_URI'] . $joint . 'guid=on'; if (!$this->vars['ua']['allowCookie']) { $url = $this->removeSID($url); $sid = '&' . $this->session_name . '=' . session_id(); } else { $sid = ''; } header('Location: ' . $url . $sid); return 'redirect'; } } // PEAR $incPath = ini_get('include_path'); $addPath = XOOPS_TRUST_PATH . '/PEAR'; if (strpos($incPath, $addPath) === FALSE) { ini_set('include_path', $incPath . PATH_SEPARATOR . $addPath); } require_once 'Crypt/Blowfish.php'; $blowfish = new Crypt_Blowfish($key); // Crypt_Blowfish => 1.0.1 //$blowfish = Crypt_Blowfish::factory('ecb', $key); // Crypt_Blowfish => 1.1.0RC1 if (strpos(strtolower($this->SERVER['REQUEST_URI']), 'guid=') === FALSE && !$this->vars['ua']['uid'] && isset($_SESSION['hypKtaiUserId'])) { // セッションに登録済み $_SERVER['HTTP_X_DCMGUID'] = $this->vars['ua']['uid'] = rtrim($blowfish->decrypt(base64_decode($_SESSION['hypKtaiUserId'])), ""); } else { if ($this->vars['ua']['uid'] && !isset($_SESSION['hypKtaiUserId'])) { // セッションに登録されていなければ登録 $_SESSION['hypKtaiUserId'] = base64_encode($blowfish->encrypt($this->vars['ua']['uid'])); } else { if (isset($_SESSION['hypKtaiUserId'])) { // セッション登録値と比較 if ($_SESSION['hypKtaiUserId'] != base64_encode($blowfish->encrypt($this->vars['ua']['uid']))) { return false; } } } } //$_SESSION['hyp_redirect_message'] = $_SERVER['HTTP_X_DCMGUID']; } else { // other carrier if ($this->vars['ua']['uid'] && !isset($_SESSION['hypKtaiUserId'])) { // セッションに登録されていなければ登録 $_SESSION['hypKtaiUserId'] = md5($this->vars['ua']['uid'] . $key); } else { if (isset($_SESSION['hypKtaiUserId'])) { // セッション登録値と比較 if ($_SESSION['hypKtaiUserId'] != md5($this->vars['ua']['uid'] . $key)) { return false; } } } } return true; }
/** * Encrypts data using Blowfish * * Requires either `mcrypt` extension or `Crypt_Blowfish` PEAR package. * * @param mixed $data Data to encrypt * @param string $pass_phrase Secret passphrase to encrypt the data * @param bool $url_safe Ensure the Base 64-encoded output is URL safe (Optional, disabled by default) * @return string|bool Base 64-encoded encrypted data, or `false` if encryption is not available * @api */ public static function encrypt($data, $pass_phrase = '', $url_safe = false) { @(include_once "Crypt/Blowfish.php"); // PEAR if (($use_mcrypt = extension_loaded('mcrypt')) === false || !class_exists('\\Crypt_Blowfish')) { return false; } $pass_phrase = hash('sha256', $pass_phrase . NONCE_SALT, true); if ($use_mcrypt) { $result = mcrypt_encrypt(MCRYPT_BLOWFISH, $pass_phrase, $data, MCRYPT_MODE_ECB, mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_BLOWFISH, MCRYPT_MODE_ECB), MCRYPT_RAND)); } else { $bf = new \Crypt_Blowfish($pass_phrase); $result = $bf->encrypt($data); } $result = base64_encode($result); if ($url_safe) { $result = self::base64UrlSafe($result); } return $result; }
/** * * * @param * @return */ function encrypt($name, $string) { if (!$name && !$string) { return $string; } global $application; $session_id = session_id(); $key = md5($session_id . $this->uuid()); $tables = $this->getTables(); $table = 'crypto_keys'; $k = $tables[$table]['columns']; $query = new DB_Select(); $query->addSelectField($k["key"], "crypto_key"); $query->WhereValue($k["id"], DB_EQ, $session_id); $query->WhereAnd(); $query->WhereValue($k["name"], DB_EQ, $name); $result = $application->db->getDB_Result($query); if (isset($result[0]['crypto_key']) && $result[0]['crypto_key']) { $query = new DB_Update($table); $query->addUpdateValue($k["key"], $key); $query->addUpdateValue($k['lifetime'], time() + 600); $query->WhereValue($k["id"], DB_EQ, $session_id); $query->WhereAnd(); $query->WhereValue($k["name"], DB_EQ, $name); $application->db->getDB_Result($query); } else { $query = new DB_Insert($table); $query->addInsertValue($session_id, $k['id']); $query->addInsertValue($name, $k['name']); $query->addInsertValue($key, $k['key']); $query->addInsertValue(time() + 600, $k['lifetime']); $application->db->getDB_Result($query); } $blowfish = new Crypt_Blowfish($key); $encrypted_string = $blowfish->encrypt($string); return $encrypted_string; }
function insert($reload = true) { if (!isset($this->is_approved)) { $this->is_approved = !$this->getDi()->config->get('manually_approve'); } if (empty($this->remote_addr)) { $this->remote_addr = htmlentities(@$_SERVER['REMOTE_ADDR']); } if (empty($this->user_agent)) { $this->user_agent = @$_SERVER['HTTP_USER_AGENT']; } if (empty($this->added)) { $this->added = $this->getDi()->sqlDateTime; } $this->getDi()->hook->call(new Am_Event_UserBeforeInsert($this)); $ret = parent::insert($reload); if ($this->_passwordChanged) { $event = new Am_Event_SetPassword($this, $this->getPlaintextPass()); $this->getDi()->savedPassTable->setPass($event); $this->getDi()->hook->call($event); } if ($this->_passwordGenerated) { $crypt = new Crypt_Blowfish($this->getDi()->app->getSiteKey()); $pg = $crypt->encrypt($this->getPlaintextPass()); $this->getDi()->store->set('pass-generated-' . $this->pk(), base64_encode($pg), '+6 hours'); } $this->getDi()->hook->call(new Am_Event_UserAfterInsert($this)); $this->_passwordChanged = false; return $ret; }
mysql_query("SET NAMES utf8"); mysql_query("SET CHARACTER SET utf8"); mysql_query("SET COLLATION_CONNECTION='utf8_general_ci'"); $__usr = mysql_real_escape_string($_usr, $db); $__password = sha1($_password); if (preg_match('/@/', $usr)) { $sql = "SELECT usr_id, usr_nick, usr_email, usr_password FROM babel_user WHERE usr_email = '{$__usr}' AND usr_password = '******'"; } else { $sql = "SELECT usr_id, usr_nick, usr_email, usr_password FROM babel_user WHERE usr_nick = '{$__usr}' AND usr_password = '******'"; } $rs = mysql_query($sql); if ($User = mysql_fetch_object($rs)) { mysql_free_result($rs); $bf = new Crypt_Blowfish(BABEL_BLOWFISH_KEY); setcookie('babel_usr_email', $User->usr_email, time() + 2678400, '/'); setcookie('babel_usr_password', $bf->encrypt($User->usr_password), time() + 2678400, '/'); $_SESSION['babel_usr_email'] = $User->usr_email; $_SESSION['babel_usr_password'] = $User->usr_password; $__t = time(); $__ua = mysql_real_escape_string($_SERVER['HTTP_USER_AGENT'], $db); $sql = "UPDATE macau_user SET usr_logins = usr_logins + 1, usr_lastlogin = {$__t}, usr_lastlogin_ua = '{$__ua}' WHERE usr_id = {$User->usr_id}"; mysql_unbuffered_query($sql); } else { mysql_free_result($rs); } } } if (!$to) { $to = $_prev; } header('Location: ' . $to);