Exemplo n.º 1
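 /**
  * Serializes the cached user state into the SSO session cookies.
  *
  * Does nothing unless $this->user_cache["changed"] is set. Otherwise it builds a
  * compact JSON payload, optionally compresses it, computes an HMAC-SHA1 tag over
  * the plaintext payload, encrypts the payload, and writes the "_c", "_s"
  * (encrypted payload) and "_v" (HMAC tag) cookies when they are missing or differ
  * from what the request carried.
  *
  * @param bool $usedb When true and the cache reports "hasdb", the payload carries the "b" flag.
  * @return void
  */
 public function SaveUserInfo($usedb = false)
 {
     if (!$this->user_cache["changed"]) {
         return;
     }

     $cdata = array(
         "c" => $this->user_cache["ts"],
         "s" => $this->user_info["sso_id"],
         "i" => $this->user_info["id"],
         "e" => $this->user_info["extra"],
     );
     if (count($this->user_info["tag_map"])) {
         // Only the tag names are stored; every value is flattened to 1.
         $cdata["t"] = array_fill_keys(array_keys($this->user_info["tag_map"]), 1);
     }
     if ($this->user_info["admin"]) {
         $cdata["a"] = 1;
     }
     if ($usedb && $this->user_cache["hasdb"]) {
         $cdata["b"] = 1;
     }
     if (count($this->user_cache["data"])) {
         $cdata["d"] = $this->user_cache["data"];
     }
     $cdata["p"] = $this->user_cache["ipaddr"];

     // Warnings stay suppressed so nothing is output before the cookie headers;
     // failure is handled through the return value instead of being ignored.
     $json = @json_encode($cdata);
     if ($json === false) {
         // Do not sign and ship an empty payload. "changed" stays set so a later
         // call can retry once the offending field has been corrected.
         return;
     }

     // "1:" marks a compressed payload, "0:" a plain one. Fall back to the plain
     // form when compression is unavailable or fails.
     $packed = false;
     if (function_exists("gzcompress") && function_exists("gzuncompress")) {
         $packed = @gzcompress($json);
     }
     $cdata = ($packed !== false ? "1:" . $packed : "0:" . $json);

     // Integrity tag for the "_v" cookie: HMAC-SHA1 over the plaintext payload plus
     // the server API key, keyed with SSO_CLIENT_RAND_SEED6, base64url-encoded.
     // NOTE(review): verification is not visible here; the reading side should
     // recompute this tag and compare it in constant time (hash_equals).
     $vdata = hash_hmac("sha1", $cdata . ":" . SSO_SERVER_APIKEY, pack("H*", SSO_CLIENT_RAND_SEED6), true);
     $vdata = str_replace(array("+", "/", "="), array("-", "_", ""), base64_encode($vdata));

     $mode = (SSO_COOKIE_CIPHER === "aes256" ? "aes256" : "blowfish");
     $key = pack("H*", SSO_CLIENT_RAND_SEED);

     // NOTE(review): the CBC IV is a fixed configuration value, so it repeats for
     // every cookie. The random "prefix" token is presumably what makes each
     // ciphertext unique; confirm in CreateDataPacket.
     // NOTE(review): "lightweight" appears to select the CRC32 packet check instead
     // of SHA-1 (see ExtractDataPacket). Both are unkeyed, so tamper detection
     // rests on the "_v" HMAC cookie.
     $options = array(
         "prefix" => $this->rng->GenerateToken(),
         "mode" => "CBC",
         "iv" => pack("H*", SSO_CLIENT_RAND_SEED2),
         "lightweight" => true,
     );
     if (SSO_COOKIE_DUAL_ENCRYPT) {
         $options["key2"] = pack("H*", SSO_CLIENT_RAND_SEED4);
         $options["iv2"] = pack("H*", SSO_CLIENT_RAND_SEED5);
     }
     if ($mode === "aes256") {
         $cdata = SSO_ExtendedAES::CreateDataPacket($cdata, $key, $options);
     } else {
         $cdata = SSO_Blowfish::CreateDataPacket($cdata, $key, $options);
     }
     $cdata = str_replace(array("+", "/", "="), array("-", "_", ""), base64_encode($cdata));

     $name = SSO_COOKIE_NAME;

     // NOTE(review): the trailing `true` on the "_s" and "_v" calls is presumably
     // the HttpOnly flag; confirm against SetCookieFixDomain.
     if (!isset($this->request[$name . "_c"])) {
         $this->SetCookieFixDomain($name . "_c", "1", 0, SSO_COOKIE_PATH, "", SSO_COOKIE_SSL_ONLY);
     }

     // Strict comparison: with loose `!=`, two different numeric-looking strings
     // can compare equal, which would leave a stale cookie in place.
     if (!isset($this->request[$name . "_s"]) || $this->request[$name . "_s"] !== $cdata) {
         $expires = (SSO_COOKIE_TIMEOUT > 0 ? time() + SSO_COOKIE_TIMEOUT : 0);
         $this->SetCookieFixDomain($name . "_s", $cdata, $expires, SSO_COOKIE_PATH, "", SSO_COOKIE_SSL_ONLY, true);
     }
     if (!isset($this->request[$name . "_v"]) || $this->request[$name . "_v"] !== $vdata) {
         // With SSO_COOKIE_EXIT_TIMEOUT set, the tag cookie is sent with expiry 0
         // even when the payload cookie is persistent.
         $expires = (SSO_COOKIE_TIMEOUT > 0 && !SSO_COOKIE_EXIT_TIMEOUT ? time() + SSO_COOKIE_TIMEOUT : 0);
         $this->SetCookieFixDomain($name . "_v", $vdata, $expires, SSO_COOKIE_PATH, "", SSO_COOKIE_SSL_ONLY, true);
     }

     $this->user_cache["changed"] = false;
 }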
Exemplo n.º 2
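 /**
  * Decrypts a data packet and returns its payload once the embedded check matches.
  *
  * When $options["key2"] is present the packet is treated as doubly encrypted: the
  * outer layer is decrypted with key2 (and iv2, if given), the first byte is moved
  * to the end, and the result is decrypted again with $key. The plaintext is then
  * parsed as: everything up to the first newline (discarded), a check value up to
  * the second newline, and the payload up to the last newline.
  *
  * The check is an unkeyed SHA-1 of the payload, or CRC32 when
  * $options["lightweight"] is truthy. It detects corruption or a wrong key but
  * does not authenticate the packet: callers handling attacker-supplied
  * ciphertext need a separate keyed MAC.
  *
  * @param string $data    Raw (binary) encrypted packet.
  * @param string $key     Primary key; its byte length sets "bits" when not supplied.
  * @param array  $options Recognized keys: mode, iv, bits, key2, iv2, bits2, lightweight.
  * @return string|false   The payload, or false when decryption, parsing or the check fails.
  */
 public static function ExtractDataPacket($data, $key, $options = array())
 {
     $data = (string) $data;

     if (isset($options["key2"])) {
         // Keep the caller's options so the inner layer sees the original IV.
         $options2 = $options;
         if (isset($options["iv2"])) {
             $options["iv"] = $options["iv2"];
         } else {
             unset($options["iv"]);
         }

         // NOTE(review): the mcrypt extension was removed from PHP core in 7.2, so
         // on current runtimes the pure-PHP branch is presumably the one that runs.
         if (self::IsMcryptAvailable()) {
             $data = self::McryptDecrypt($data, $options["key2"], $options);
         } else {
             if (!isset($options["bits2"])) {
                 $options["bits2"] = strlen($options["key2"]) * 8;
             }
             // Default the mode here as well. The original only defaulted it for the
             // inner layer, so this branch read an undefined "mode" index.
             if (!isset($options["mode"])) {
                 $options["mode"] = "ECB";
             }
             if ($options["mode"] === "CBC" && !isset($options["iv"])) {
                 $options["iv"] = "";
             }
             $bf = new SSO_Blowfish();
             if ($options["mode"] === "CBC") {
                 $bf->SetBlockMode("CBC");
                 $bf->SetInitVector($options["iv"]);
             }
             $bf->SetKey($options["key2"], $options["bits2"]);
             $bf->AddData($data);
             $bf->Finalize();
             $data = $bf->Decrypt();
         }

         // Stop here if the outer layer failed, rather than feeding a coerced
         // empty string into the inner decryption.
         if ($data === false) {
             return false;
         }

         // Move the first byte to the end before decrypting the inner layer.
         $data = substr($data, 1) . substr($data, 0, 1);
         $options = $options2;
     }

     if (self::IsMcryptAvailable()) {
         $data = self::McryptDecrypt($data, $key, $options);
     } else {
         if (!isset($options["bits"])) {
             $options["bits"] = strlen($key) * 8;
         }
         if (!isset($options["mode"])) {
             $options["mode"] = "ECB";
         }
         if ($options["mode"] === "CBC" && !isset($options["iv"])) {
             $options["iv"] = "";
         }
         $bf = new SSO_Blowfish();
         if ($options["mode"] === "CBC") {
             $bf->SetBlockMode("CBC");
             $bf->SetInitVector($options["iv"]);
         }
         $bf->SetKey($key, $options["bits"]);
         $bf->AddData($data);
         $bf->Finalize();
         $data = $bf->Decrypt();
     }
     if ($data === false) {
         return false;
     }

     // Discard everything up to and including the first newline.
     $pos = strpos($data, "\n");
     if ($pos === false) {
         return false;
     }
     $data = substr($data, $pos + 1);

     // The next line is the check value.
     $pos = strpos($data, "\n");
     if ($pos === false) {
         return false;
     }
     $check = substr($data, 0, $pos);
     $data = substr($data, $pos + 1);

     // The payload ends at the last newline; anything after it is dropped.
     $pos = strrpos($data, "\n");
     if ($pos === false) {
         return false;
     }
     $data = substr($data, 0, $pos);

     // Unkeyed check: SHA-1 by default, CRC32 in lightweight mode.
     if (!isset($options["lightweight"]) || !$options["lightweight"]) {
         $expected = strtolower(sha1($data));
     } else {
         $expected = strtolower(dechex(crc32($data)));
     }
     if ($check !== $expected) {
         return false;
     }

     return $data;
 }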