/** * Validates a Cookie Token * * @param string $strCookieToken * @param string $strSalt Token salt * @return array|bool The username or FALSE */ public function validateCookieToken($strCookieToken, $strSalt = false) { $t = cryptastic::decrypt($strCookieToken, $strSalt ? $strSalt : $this->salt); if (isset($t['username']) && isset($t['expiration']) && $t['expiration'] > time()) { return $t['username']; } return false; }
<?php // This page contains a variety of functions that can be used to access the Canvas API // Display any php errors (for development purposes) error_reporting(E_ALL); ini_set('display_errors', '1'); //Set variables $courseID = $_SESSION['courseID']; $userID = $_SESSION['userID']; $domain = $_SESSION['apiDomain']; //retrieve user token from database $encrypted_token = DB::query("SELECT encrypted_token FROM tokens WHERE canvas_user_id = {$userID} AND domain = '{$domain}'"); //decrypt token $cryptastic = new cryptastic(); $key = $cryptastic->pbkdf2($pass, $salt, 1000, 32); $token = $cryptastic->decrypt($encrypted_token[0]['encrypted_token'], $key); // This is the header containing the authorization token from Canvas $tokenHeader = array("Authorization: Bearer " . $token); // the following functions run the GET and POST calls if (!function_exists('http_parse_headers')) { function http_parse_headers($raw_headers) { $headers = array(); $key = ''; foreach (explode("\n", $raw_headers) as $i => $h) { $h = explode(':', $h, 2); if (isset($h[1])) { if (!isset($headers[$h[0]])) { $headers[$h[0]] = trim($h[1]); } elseif (is_array($headers[$h[0]])) { $headers[$h[0]] = array_merge($headers[$h[0]], array(trim($h[1])));
function _xls_decrypt($msg) { if (file_exists(YiiBase::getPathOfAlias('config') . "/wskeys.php")) { $existingKeys = (require YiiBase::getPathOfAlias('config') . "/wskeys.php"); $pass = $existingKeys['key']; $salt = $existingKeys['salt']; $cryptastic = new cryptastic(); $key = $cryptastic->pbkdf2($pass, $salt, 30000, 32); $decrypted = $cryptastic->decrypt($msg, $key, true); return $decrypted; } else { die("missing wskeys"); } }
<?php $pass = '******'; $salt = 'the password salt'; $msg = 'This is the secret message.'; /**********************************************************************************************************************/ // EXAMPLE #1 USING STRING AS MESSAGE $cryptastic = new cryptastic(); $key = $cryptastic->pbkdf2($pass, $salt, 1000, 32) or die("Failed to generate secret key."); $encrypted = $cryptastic->encrypt($msg, $key) or die("Failed to complete encryption."); $decrypted = $cryptastic->decrypt($encrypted, $key) or die("Failed to complete decryption"); echo $decrypted . "<br /><br />\n"; /**********************************************************************************************************************/ // EXAMPLE #2 USING ARRAY AS MESSAGE $msg = array('message' => $msg); $encrypted = $cryptastic->encrypt($msg, $key); $decrypted = $cryptastic->decrypt($encrypted, $key); echo $decrypted['message'];
function findByUserId($user_id = 0, $decrypt = true) { $data = $this->find(' userId =' . $user_id); if (!isset($data[0])) { return false; } $data = $data[0]; $fee = new stdClass(); if ($data) { foreach ($data as $key => $field) { $this->{$key} = $field; $fee->{$key} = $field; } $cryptastic = new cryptastic(); if (isset($this->x_card_num) && $this->x_card_num != "" && strlen($this->x_card_num) != "16" && $decrypt) { $this->x_card_num = $cryptastic->decrypt($this->x_card_num, $this->firstname); //or die("Failed to complete decryption"); $fee->x_card_num = $this->x_card_num; } } return $fee; }