Exemplo n.º 1
0
 static function IsMcryptAvailable()
 {
     if (!is_bool(self::$mcryptavailable)) {
         self::$mcryptavailable = function_exists("mcrypt_module_open") && in_array("rijndael-128", mcrypt_list_algorithms());
     }
     return self::$mcryptavailable;
 }
Exemplo n.º 2
0
function SSO_EndpointOutput($result)
{
    global $sso_encrypted, $sso_apikey_info, $sso_data, $sso_skipsleep;
    if (!$sso_skipsleep) {
        SSO_RandomSleep();
    }
    $result = @json_encode($result);
    if ($sso_encrypted) {
        if ($sso_apikey_info["keyinfo"]["mode"] === "aes256") {
            $result = ExtendedAES::CreateDataPacket($result, $sso_apikey_info["keyinfo"]["key"], $sso_apikey_info["keyinfo"]["opts"]);
        } else {
            $result = Blowfish::CreateDataPacket($result, $sso_apikey_info["keyinfo"]["key"], $sso_apikey_info["keyinfo"]["opts"]);
        }
        $result = base64_encode($result);
    }
    echo $result;
    exit;
}
Exemplo n.º 3
0
<?php

// SSO Server frontend.
// (C) 2015 CubicleSoft.  All Rights Reserved.
define("SSO_FILE", 1);
define("SSO_MODE", "frontend");
require_once "config.php";
require_once SSO_ROOT_PATH . "/" . SSO_SUPPORT_PATH . "/str_basics.php";
require_once SSO_ROOT_PATH . "/" . SSO_SUPPORT_PATH . "/page_basics.php";
require_once SSO_ROOT_PATH . "/" . SSO_SUPPORT_PATH . "/sso_functions.php";
require_once SSO_ROOT_PATH . "/" . SSO_SUPPORT_PATH . "/blowfish.php";
require_once SSO_ROOT_PATH . "/" . SSO_SUPPORT_PATH . "/aes.php";
if (!ExtendedAES::IsMcryptAvailable()) {
    require_once SSO_ROOT_PATH . "/" . SSO_SUPPORT_PATH . "/phpseclib/AES.php";
}
require_once SSO_ROOT_PATH . "/" . SSO_SUPPORT_PATH . "/random.php";
Str::ProcessAllInput();
// Initialize the global CSPRNG instance.
$sso_rng = new CSPRNG();
// Timing attack defense.
SSO_RandomSleep();
// Calculate the remote IP address.
$sso_ipaddr = SSO_GetRemoteIP();
// Initialize language settings.
BB_InitLangmap(SSO_ROOT_PATH . "/" . SSO_LANG_PATH . "/", SSO_DEFAULT_LANG);
if (isset($_REQUEST["lang"]) && $_REQUEST["lang"] == "") {
    unset($_REQUEST["lang"]);
}
if (isset($_REQUEST["lang"])) {
    BB_SetLanguage(SSO_ROOT_PATH . "/" . SSO_LANG_PATH . "/", $_REQUEST["lang"]);
}
Exemplo n.º 4
0
function SSO_DecryptDBData($data)
{
    $data2 = explode(":", $data);
    if (count($data2) == 3) {
        $mode = $data2[0] == "aes256" ? "aes256" : "blowfish";
        $dual = (int) $data2[1] === 2;
        $data = $data2[2];
    } else {
        $mode = "blowfish";
        $dual = false;
    }
    $data = @base64_decode($data);
    if ($data !== false) {
        $key = pack("H*", SSO_BASE_RAND_SEED4);
        $options = array("mode" => "CBC", "iv" => pack("H*", SSO_BASE_RAND_SEED3));
        if ($dual) {
            $options["key2"] = pack("H*", SSO_BASE_RAND_SEED5);
            $options["iv2"] = pack("H*", SSO_BASE_RAND_SEED6);
        }
        if ($mode == "aes256") {
            $data = ExtendedAES::ExtractDataPacket($data, $key, $options);
        } else {
            $data = Blowfish::ExtractDataPacket($data, $key, $options);
        }
    }
    if ($data !== false) {
        $data = @unserialize($data);
    }
    return $data;
}