function CheckLicense() { global $LKey, $Trial, $SaveVars, $Errors, $Lang, $CLang; if (!$LKey && !$Trial) { return false; } if ($LKey) { $BF = new Crypt_Blowfish('ns tracker license '); $Decoded = $BF->decrypt($LKey); $LArray = GetLicenseText($Decoded); if ($LArray) { if (!isset($LArray['P'])) { $Errors[] = $Lang['SecondaryKey']; return; } $GLOBALS['LArray'] = $LArray; foreach ($LArray as $Key => $Val) { $GLOBALS['Lc' . $Key] = $Val; $SaveVars[] = "Lc" . $Key; } } else { $Errors[] = $Lang['BadLicense']; } } if (count($Errors)) { return; } NextStep(); }
/** * isDefault * * @access public * @return bool false if the user is authenticated, true if not (default user) */ public function isDefault() { $session =& Framework_Session::singleton(); if (is_null($session->email)) { return true; } // Check timeout $time = time(); $lastActionTime = $session->lastActionTime; $timeLimit = (int) Framework::$site->config->inactiveTimeout; $this->recordio("timeout info: time: {$time}, lastActionTime: {$lastActionTime}, timeLimit: {$timeLimit}"); if ($time - $lastActionTime > $timeLimit) { header('Location: ./?module=Login&event=logoutInactive'); return false; } // Authenticate $encryptedPass = $session->password; $crypt = new Crypt_Blowfish((string) Framework::$site->config->mcryptKey); $plainPass = $crypt->decrypt($encryptedPass); if ($this->authenticate($session->email, $plainPass)) { $session->lastActionTime = $time; return false; } return true; }
public function __construct(&$params = null) { parent::__construct($params); extract($this->using('cookie', 'misc')); session_set_cookie_params($cookie->lifetime, $cookie->path, $cookie->domain); session_start(); if ($this->encryption) { $sess_key = preg_replace('/[^a-zA-Z0-9]/', '', $cookie->get('sess_key')); if (strlen($sess_key) != 12) { $cookie->set('sess_key', $sess = $misc->random_string(12)); } if (strlen($sess_key) == 12 && isset($_SESSION['data']) && isset($_SESSION['pass']) && $_SESSION['pass'] == md5(TM_UNIQUE_STR)) { $bf = new Crypt_Blowfish($sess_key); $data = @unserialize(function_exists('gzuncompress') && $this->compress ? @gzuncompress($bf->decrypt($_SESSION['data'])) : $bf->decrypt($_SESSION['data'])); $_SESSION = $data ? $data : array(); } else { $_SESSION = array(); } } }
public function decrypt($ciphertext) { $plainTextLength = intval(substr($ciphertext, -6)); $ciphertext = substr($ciphertext, 0, -6); $plaintext = ''; $chunks = explode('=', $ciphertext); $ending_value = count($chunks); for ($counter = 0; $counter < $ending_value - 1; $counter++) { $chunk = $chunks[$counter] . '='; $decoded = base64_decode($chunk); $piece = parent::decrypt($decoded); $plaintext = $plaintext . $piece; } return substr($plaintext, 0, $plainTextLength); }
public static function decrypt($sData, $asKey = null) { if (empty($sData)) { throw new Exception("Empty data"); } $sKey = empty($asKey) ? FlexiConfig::$sEncryptionKey : $asKey; $blowfish = new Crypt_Blowfish($sKey); $sResult = $blowfish->decrypt($sData); // if (strlen($sResult) > 0) { // while (ord($sResult[strlen($sResult)-1]) == 0) { // $sResult = substr($sResult,0,-1); // } // } return $sResult; //return mcrypt_decrypt( MCRYPT_BLOWFISH, $sKey, $sData, MCRYPT_MODE_CBC, self::getMode() ); }
function wrap_bp_decrypt($cipher_id, $key, $text, $iv) { $bf = new Crypt_Blowfish('cbc'); $iv_size = strlen($iv); if ($iv_size !== false && $iv_size > 0) { $bf->setKey($key, $iv); } else { $bf->setKey($key); } $text = $bf->decrypt($text); if (PEAR::isError($text)) { $last_bp_error = 'blowfish_decrypt_error ' . $text->getMessage(); return false; } $text = rtrim($text, ""); return $text; }
function passwordDecrypt($encrypt_char) { if ($encrypt_char == "") { return ""; } $encrypted = base64_decode($encrypt_char); $blowfish = new Crypt_Blowfish(CBF_KEY); $passwd = $blowfish->decrypt($encrypted); // 末尾の「\0」を削除 $passwd = rtrim($passwd, ""); return $passwd; }
function decryptText($text) { require_once 'Crypt/Blowfish.php'; $bf = new Crypt_Blowfish(ENCRYPTKEY); $plaintext = $bf->decrypt(convertString(trim($text))); return trim($plaintext); }
/** * Uses blowfish to decode data assumes data has been base64 encoded with the iv stored as part of the data * @param STRING key - key to base decoding off of * @param STRING encoded base64 encoded blowfish encrypted data * @return string */ function blowfishDecode($key, $encoded) { $data = base64_decode($encoded); $bf = new Crypt_Blowfish($key); return trim($bf->decrypt($data)); }
function decrypt($ciphertext) { $plaintext = ''; $chunks = explode('=', $ciphertext); $ending_value = sizeof($chunks); for ($counter = 0; $counter < $ending_value - 1; $counter++) { $chunk = $chunks[$counter] . '='; $decoded = base64_decode($chunk); $piece = parent::decrypt($decoded); $plaintext = $plaintext . $piece; } return $plaintext; }
function call_decrypt($key, $encrypted_text) { // call pear init & call //call_pear_init(); require_once ('Crypt/Blowfish.php'); // Create the Crypt_Blowfish object using a secret key. The key must be //protected at all costs. The key is like a password to access the data. $blowfish = new Crypt_Blowfish($key); // This is the text we will encrypt $d = pack("H*", $encrypted_text); $decrypted = $blowfish->decrypt($d); return($decrypted); }
/** * Decrypts data using Blowfish * * Requires either `mcrypt` extension or `Crypt_Blowfish` PEAR package. Automatically * handles URL safe Base64 encoding. * * @param mixed $data Data to decrypt * @param string $pass_phrase Secret passphrase to decrypt the data * @return string|bool Decrypted data, or `false` if decryption is not available * @api */ public static function decrypt($data, $pass_phrase = '') { @(include_once "Crypt/Blowfish.php"); // PEAR if (($use_mcrypt = extension_loaded('mcrypt')) === false || !class_exists('\\Crypt_Blowfish')) { return false; } $pass_phrase = hash('sha256', $pass_phrase . NONCE_SALT, true); $data = self::base64UrlUnsafe($data); if ($use_mcrypt) { return mcrypt_decrypt(MCRYPT_BLOWFISH, $pass_phrase, base64_decode($data), MCRYPT_MODE_ECB, mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_BLOWFISH, MCRYPT_MODE_ECB), MCRYPT_RAND)); } else { $bf = new \Crypt_Blowfish($pass_phrase); return $bf->decrypt(base64_decode($data)); } }
function checkDeviceId($key = '') { if ($this->vars['ua']['isBot'] || strpos($this->myRoot . $this->SERVER['REQUEST_URI'], str_replace('&', '&', $this->Config_redirect)) === 0) { return true; } if ($this->vars['ua']['carrier'] === 'docomo') { // docomo only if (empty($_POST)) { $now = time(); if (!isset($_SESSION['hypKtaiStartTime'])) { $_SESSION['hypKtaiStartTime'] = 0; } if ($_SESSION['hypKtaiStartTime'] + $this->Config_docomoGuidTTL < $now && strpos(strtolower($this->SERVER['REQUEST_URI']), 'guid=') === FALSE) { $_SESSION['hypKtaiStartTime'] = $now; // 未取得なので guid=on をつけてリダイレクト $joint = strpos($this->SERVER['REQUEST_URI'], '?') === FALSE ? '?' : '&'; $url = $this->myRoot . $this->SERVER['REQUEST_URI'] . $joint . 'guid=on'; if (!$this->vars['ua']['allowCookie']) { $url = $this->removeSID($url); $sid = '&' . $this->session_name . '=' . session_id(); } else { $sid = ''; } header('Location: ' . $url . $sid); return 'redirect'; } } // PEAR $incPath = ini_get('include_path'); $addPath = XOOPS_TRUST_PATH . '/PEAR'; if (strpos($incPath, $addPath) === FALSE) { ini_set('include_path', $incPath . PATH_SEPARATOR . $addPath); } require_once 'Crypt/Blowfish.php'; $blowfish = new Crypt_Blowfish($key); // Crypt_Blowfish => 1.0.1 //$blowfish = Crypt_Blowfish::factory('ecb', $key); // Crypt_Blowfish => 1.1.0RC1 if (strpos(strtolower($this->SERVER['REQUEST_URI']), 'guid=') === FALSE && !$this->vars['ua']['uid'] && isset($_SESSION['hypKtaiUserId'])) { // セッションに登録済み $_SERVER['HTTP_X_DCMGUID'] = $this->vars['ua']['uid'] = rtrim($blowfish->decrypt(base64_decode($_SESSION['hypKtaiUserId'])), ""); } else { if ($this->vars['ua']['uid'] && !isset($_SESSION['hypKtaiUserId'])) { // セッションに登録されていなければ登録 $_SESSION['hypKtaiUserId'] = base64_encode($blowfish->encrypt($this->vars['ua']['uid'])); } else { if (isset($_SESSION['hypKtaiUserId'])) { // セッション登録値と比較 if ($_SESSION['hypKtaiUserId'] != base64_encode($blowfish->encrypt($this->vars['ua']['uid']))) { return false; } } } } //$_SESSION['hyp_redirect_message'] = $_SERVER['HTTP_X_DCMGUID']; } else { // other carrier if ($this->vars['ua']['uid'] && !isset($_SESSION['hypKtaiUserId'])) { // セッションに登録されていなければ登録 $_SESSION['hypKtaiUserId'] = md5($this->vars['ua']['uid'] . $key); } else { if (isset($_SESSION['hypKtaiUserId'])) { // セッション登録値と比較 if ($_SESSION['hypKtaiUserId'] != md5($this->vars['ua']['uid'] . $key)) { return false; } } } } return true; }
/** Decrpyted the given base64 string using the blowfish cipher @param base64Value Base 64 encoded string. @see _encryptValue(), _unpackValue() */ function _decryptValue($base64Value, $config) { extract($config); $prefixLen = strlen($prefix); if (substr($base64Value, 0, $prefixLen) != $prefix) { $this->log(__METHOD__ . " Security prefix is missing: '{$base64Value}'"); return false; } $encrypted = base64_decode(substr($base64Value, $prefixLen)); if ($encrypted === false) { $this->log(__METHOD__ . " Could not decode base64 value '{$base64Value}'"); return false; } $bf = new Crypt_Blowfish($key); $envelope = trim($bf->decrypt($encrypted), chr(0)); $value = $this->_unpackValue($envelope, $saltLen); if ($value === false) { $this->log(__METHOD__ . " Could not unpack value from '{$envelope}'"); return false; } if (PEAR::isError($value)) { $this->log($value->getMessage()); return false; } return $value; }
/** * Uses blowfish to encrypt data and base 64 encodes it. It stores the iv as part of the data * @param string key - key to base encoding off of * @param string data - string to be encrypted and encoded * @param object Crypt_Blowfish object * @return string */ public function openLicense($key, $data, $bf = null) { $plain = ''; $encrypted = ''; $i = 0; $part = 0; $licenseType = ''; $data = $data . "\n"; $len = strlen($data); $line = ''; while ($i < $len) { if (substr($data, $i, 1) != "\n") { $line .= substr($data, $i, 1); } else { switch ($part) { case 0: $match = array(); if (preg_match("/----- BEGIN (.*) -----/", $line, $match)) { $part = 1; $licenseType = $match[1]; } break; case 1: $match = array(); if (preg_match("/----- END {$licenseType} -----/", $line, $match)) { $part = 2; } else { $encrypted .= trim($line); } break; default: # code... break; } $line = ''; } $i++; } if ($part != 2) { // @codeCoverageIgnoreStart throw new Exception(translate('LBL_PMSE_CRYPT_ERROR_LICENSENOTVALID', $this->moduleName)); // @codeCoverageIgnoreEnd } else { $data = base64_decode($encrypted); if (!$bf) { // @codeCoverageIgnoreStart $bf = new Crypt_Blowfish($key); } // @codeCoverageIgnoreEnd return trim($bf->decrypt($data)); } }
/** * Load generated password in plain-text format * it is only available 6 hours after signup and * supposed to be displayed on thanks page * * @return string|null */ function getStoredPlaintextPassword() { $pg = $this->getDi()->store->get('pass-generated-' . $this->pk()); if (!$pg) { return null; } $crypt = new Crypt_Blowfish($this->getDi()->app->getSiteKey()); return $crypt->decrypt(base64_decode($pg)); }
/** * * * @param * @return */ function decrypt($name, $encrypted_string) { if (!$name && !$encrypted_string) { return $encrypted_string; } global $application; $session_id = session_id(); $tables = $this->getTables(); $table = 'crypto_keys'; $k = $tables[$table]['columns']; $query = new DB_Select(); $query->addSelectField($k["key"], "crypto_key"); $query->WhereValue($k["id"], DB_EQ, $session_id); $query->WhereAnd(); $query->WhereValue($k["name"], DB_EQ, $name); $result = $application->db->getDB_Result($query); if (isset($result[0]['crypto_key']) && $result[0]['crypto_key']) { $key = $result[0]['crypto_key']; $query = new DB_Delete($table); $query->WhereValue($k["id"], DB_EQ, $session_id); $query->WhereAnd(); $query->WhereValue($k["name"], DB_EQ, $name); $application->db->getDB_Result($query); $blowfish = new Crypt_Blowfish($key); $blowfish->setKey($key); $string = $blowfish->decrypt($encrypted_string); } else { return ""; } return $string; }