/**
 * Writes the cached user information back to the SSO client cookies.
 *
 * Nothing happens unless $this->user_cache["changed"] is truthy. Otherwise the
 * cache is serialized to JSON, compressed when zlib is available, and:
 *   - an HMAC-SHA1 over the serialized payload plus ":" . SSO_SERVER_APIKEY,
 *     keyed with SSO_CLIENT_RAND_SEED6, is stored in "<SSO_COOKIE_NAME>_v";
 *   - the payload is encrypted (AES-256 or Blowfish, CBC) and stored in
 *     "<SSO_COOKIE_NAME>_s";
 *   - a "<SSO_COOKIE_NAME>_c" marker cookie is set when the request has none.
 * Finally the "changed" flag is cleared.
 *
 * NOTE(review): the packet is built with "lightweight" => true. In the
 * ExtractDataPacket() counterpart in this codebase that flag selects a CRC32
 * check instead of SHA-1, so tamper detection presumably rests on the "_v"
 * HMAC being verified when the cookies are read back - confirm on the
 * loading side.
 *
 * @param bool $usedb When truthy and $this->user_cache["hasdb"] is set, the
 *                    "b" flag is recorded in the payload.
 */
public function SaveUserInfo($usedb = false)
{
    // Nothing to persist when the cache has not been modified.
    if (!$this->user_cache["changed"]) {
        return;
    }

    // Key order matters: it determines the JSON text, and therefore the HMAC and cookie value.
    $payload = array(
        "c" => $this->user_cache["ts"],
        "s" => $this->user_info["sso_id"],
        "i" => $this->user_info["id"],
        "e" => $this->user_info["extra"]
    );

    if (count($this->user_info["tag_map"])) {
        // Only the tag names are kept; every stored value is replaced by 1.
        $tags = $this->user_info["tag_map"];
        foreach (array_keys($tags) as $tagname) {
            $tags[$tagname] = 1;
        }
        $payload["t"] = $tags;
    }

    if ($this->user_info["admin"]) {
        $payload["a"] = 1;
    }

    if ($usedb && $this->user_cache["hasdb"]) {
        $payload["b"] = 1;
    }

    if (count($this->user_cache["data"])) {
        $payload["d"] = $this->user_cache["data"];
    }

    $payload["p"] = $this->user_cache["ipaddr"];

    // NOTE(review): errors are suppressed and the result is not checked, so a
    // json_encode()/gzcompress() failure (false) is concatenated as an empty string.
    $serialized = @json_encode($payload);
    $canCompress = function_exists("gzcompress") && function_exists("gzuncompress");
    // The "1:" / "0:" prefix records whether the payload was compressed.
    $serialized = ($canCompress ? "1:" . @gzcompress($serialized) : "0:" . $serialized);

    // Verification value: raw HMAC-SHA1, then URL-safe base64 without padding.
    $signature = hash_hmac("sha1", $serialized . ":" . SSO_SERVER_APIKEY, pack("H*", SSO_CLIENT_RAND_SEED6), true);
    $signature = rtrim(strtr(base64_encode($signature), "+/", "-_"), "=");

    // Anything other than "aes256" falls back to Blowfish.
    $useAes = (SSO_COOKIE_CIPHER == "aes256");
    $key = pack("H*", SSO_CLIENT_RAND_SEED);

    // The IV is a fixed configuration value; a fresh token is supplied as "prefix".
    // NOTE(review): presumably CreateDataPacket() places the prefix ahead of the
    // plaintext so equal payloads do not produce equal ciphertext - confirm.
    $options = array(
        "prefix" => $this->rng->GenerateToken(),
        "mode" => "CBC",
        "iv" => pack("H*", SSO_CLIENT_RAND_SEED2),
        "lightweight" => true
    );

    if (SSO_COOKIE_DUAL_ENCRYPT) {
        // Second key/IV pair for the additional encryption pass.
        $options["key2"] = pack("H*", SSO_CLIENT_RAND_SEED4);
        $options["iv2"] = pack("H*", SSO_CLIENT_RAND_SEED5);
    }

    if ($useAes) {
        $packet = SSO_ExtendedAES::CreateDataPacket($serialized, $key, $options);
    } else {
        $packet = SSO_Blowfish::CreateDataPacket($serialized, $key, $options);
    }

    $packet = rtrim(strtr(base64_encode($packet), "+/", "-_"), "=");

    $markerName = SSO_COOKIE_NAME . "_c";
    $dataName = SSO_COOKIE_NAME . "_s";
    $verifyName = SSO_COOKIE_NAME . "_v";

    // Marker cookie: only sent when the request did not already carry it.
    if (!isset($this->request[$markerName])) {
        $this->SetCookieFixDomain($markerName, "1", 0, SSO_COOKIE_PATH, "", SSO_COOKIE_SSL_ONLY);
    }

    // Encrypted data cookie: re-sent only when missing or different from the request.
    // The trailing `true` is presumably the HttpOnly flag - confirm against SetCookieFixDomain().
    if (!(isset($this->request[$dataName]) && $this->request[$dataName] == $packet)) {
        if (SSO_COOKIE_TIMEOUT > 0) {
            $expires = time() + SSO_COOKIE_TIMEOUT;
        } else {
            $expires = 0;
        }

        $this->SetCookieFixDomain($dataName, $packet, $expires, SSO_COOKIE_PATH, "", SSO_COOKIE_SSL_ONLY, true);
    }

    // Verification cookie: gets expiry 0 when SSO_COOKIE_EXIT_TIMEOUT is enabled,
    // even if a timeout is configured.
    if (!(isset($this->request[$verifyName]) && $this->request[$verifyName] == $signature)) {
        if (SSO_COOKIE_TIMEOUT > 0 && !SSO_COOKIE_EXIT_TIMEOUT) {
            $expires = time() + SSO_COOKIE_TIMEOUT;
        } else {
            $expires = 0;
        }

        $this->SetCookieFixDomain($verifyName, $signature, $expires, SSO_COOKIE_PATH, "", SSO_COOKIE_SSL_ONLY, true);
    }

    $this->user_cache["changed"] = false;
}
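/**
 * Decrypts a data packet and returns its payload once the embedded check value matches.
 *
 * When $options["key2"] is present, a first decryption pass with that key
 * (and "iv2", if given) runs, the first byte of the result is rotated to the
 * end, and the result is then decrypted again with $key. Mcrypt is used when
 * available; otherwise the pure-PHP SSO_Blowfish implementation is used.
 *
 * The decrypted packet is read as: <prefix> "\n" <check> "\n" <payload> "\n" <trailer>.
 * <check> must equal the lowercase hex SHA-1 of the payload, or the hex CRC32
 * of the payload when $options["lightweight"] is truthy.
 *
 * NOTE(review): both check values are unkeyed digests of the plaintext. They
 * detect corruption or a wrong key, but they are not a MAC; callers that need
 * tamper resistance need a separate keyed verification of the packet.
 *
 * @param string $data    Encrypted packet (cast to string).
 * @param string $key     Key for the final decryption pass.
 * @param array  $options Recognized keys: "mode" ("CBC"; the fallback path
 *                        defaults to "ECB"), "iv", "bits", "key2", "iv2",
 *                        "bits2", "lightweight".
 *
 * @return string|false The payload, or false when decryption fails, a
 *                      delimiter is missing, or the check value does not match.
 */
static function ExtractDataPacket($data, $key, $options = array())
{
    $data = (string) $data;

    if (isset($options["key2"])) {
        // Keep the caller's options for the second pass; this pass uses iv2 (or no IV).
        $options2 = $options;
        if (isset($options["iv2"])) {
            $options["iv"] = $options["iv2"];
        } else {
            unset($options["iv"]);
        }

        if (self::IsMcryptAvailable()) {
            $data = self::McryptDecrypt($data, $options["key2"], $options);
        } else {
            if (!isset($options["bits2"])) {
                $options["bits2"] = strlen($options["key2"]) * 8;
            }
            // Same default as the second pass; avoids reading an undefined "mode" index.
            if (!isset($options["mode"])) {
                $options["mode"] = "ECB";
            }
            if ($options["mode"] == "CBC" && !isset($options["iv"])) {
                $options["iv"] = "";
            }

            $bf = new SSO_Blowfish();
            if ($options["mode"] == "CBC") {
                $bf->SetBlockMode("CBC");
                $bf->SetInitVector($options["iv"]);
            }
            $bf->SetKey($options["key2"], $options["bits2"]);
            $bf->AddData($data);
            $bf->Finalize();
            $data = $bf->Decrypt();
        }

        // A failed first pass cannot yield a valid packet; stop instead of
        // feeding a coerced empty string into the second pass.
        if ($data === false) {
            return false;
        }

        // Rotate the first byte to the end before the second pass.
        $data = substr($data, 1) . substr($data, 0, 1);

        $options = $options2;
    }

    if (self::IsMcryptAvailable()) {
        $data = self::McryptDecrypt($data, $key, $options);
    } else {
        if (!isset($options["bits"])) {
            $options["bits"] = strlen($key) * 8;
        }
        if (!isset($options["mode"])) {
            $options["mode"] = "ECB";
        }
        if ($options["mode"] == "CBC" && !isset($options["iv"])) {
            $options["iv"] = "";
        }

        $bf = new SSO_Blowfish();
        if ($options["mode"] == "CBC") {
            $bf->SetBlockMode("CBC");
            $bf->SetInitVector($options["iv"]);
        }
        $bf->SetKey($key, $options["bits"]);
        $bf->AddData($data);
        $bf->Finalize();
        $data = $bf->Decrypt();
    }

    if ($data === false) {
        return false;
    }

    // Drop everything up to and including the first newline (the prefix).
    $pos = strpos($data, "\n");
    if ($pos === false) {
        return false;
    }
    $data = substr($data, $pos + 1);

    // The next line is the check value.
    $pos = strpos($data, "\n");
    if ($pos === false) {
        return false;
    }
    $check = substr($data, 0, $pos);
    $data = substr($data, $pos + 1);

    // Everything from the last newline onward is a trailer and is discarded.
    $pos = strrpos($data, "\n");
    if ($pos === false) {
        return false;
    }
    $data = substr($data, 0, $pos);

    // "lightweight" packets carry a CRC32 instead of a SHA-1 of the payload.
    if (!isset($options["lightweight"]) || !$options["lightweight"]) {
        if ($check !== strtolower(sha1($data))) {
            return false;
        }
    } else {
        if ($check !== strtolower(dechex(crc32($data)))) {
            return false;
        }
    }

    return $data;
}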