Update of /cvsroot/easymod/easymod2/mods/easymod/em_includes
In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv10569/mods/easymod/em_includes
Modified Files:
em_cipher.php em_functions.php
Log Message:
Backported cipher class and implemented a common interface to make it easy to use from the acp and install scripts.
Index: em_functions.php
===================================================================
RCS file: /cvsroot/easymod/easymod2/mods/easymod/em_includes/em_functions.php,v
retrieving revision 1.18
retrieving revision 1.19
diff -C2 -d -r1.18 -r1.19
*** em_functions.php 2 Nov 2005 05:51:56 -0000 1.18
--- em_functions.php 2 Nov 2005 09:22:42 -0000 1.19
***************
*** 40,43 ****
--- 40,67 ----
define('FIND_FAIL_CRITICAL', 2);
+ ///
+ /// Interface to crypt class
+ ///
+
+ define('EM_ENCRYPT', 'em_encrypt');
+ define('EM_DECRYPT', 'em_decrypt');
+
+ function crypt_ftp_pass($crypt_direction, $ftp_pass, $em_pass)
+ {
+ global $phpbb_root_path, $phpEx;
+
+ $key = '';
+ for($i = 1, $total = strlen($em_pass); $i < $total; $i = round(($i+1)*2))
+ {
+ $key .= md5($em_pass{$i});
+ }
+
+ require($phpbb_root_path . 'admin/em_includes/em_cipher.' . $phpEx);
+ $cipher = new Cipher_BlockMode_cbc();
+ $crypt_method = ( $crypt_direction == EM_ENCRYPT ? 'encrypt' : 'decrypt' );
+ $ftp_pass = $cipher->$crypt_method($ftp_pass, $key);
+ unset($cipher);
+ return $ftp_pass;
+ }
Index: em_cipher.php
===================================================================
RCS file: /cvsroot/easymod/easymod2/mods/easymod/em_includes/em_cipher.php,v
retrieving revision 1.4
retrieving revision 1.5
diff -C2 -d -r1.4 -r1.5
*** em_cipher.php 31 Oct 2005 17:57:15 -0000 1.4
--- em_cipher.php 2 Nov 2005 09:22:42 -0000 1.5
***************
*** 22,30 ****
! //
! // THE PURPOSE of this module is purely to encrypt the FTP password. Since I can't
! // be sure what PHP libraries are installed, I cannot use mcrypt. Thus the addition
! // of this 29k file just to make a password safe. Oh well, EM spares no expense ;-)
! //
--- 22,30 ----
! /*
! * THE PURPOSE of this module is purely to encrypt the FTP password. Since I can't
! * be sure what PHP libraries are installed, I cannot use mcrypt. Thus the addition
! * of this 29k file just to make a password safe. Oh well, EM spares no expense ;-)
! */
***************
*** 335,341 ****
function setKey($key)
{
- // we want a minimum length for our key
- $key .= '12345678' ;
-
$key = $this->_formatKey($key);
$keyPos = 0;
--- 335,338 ----
***************
*** 526,531 ****
var $_iv = "\0\0\0\0\0\0\0\0"; // String containing the initilization vector.
! var $blowfish ; // will contain a blowfish class
! var $filler ;
--- 523,529 ----
var $_iv = "\0\0\0\0\0\0\0\0"; // String containing the initilization vector.
! var $blowfish; // will contain a blowfish class
! var $filler;
! var $key_set;
***************
*** 533,550 ****
function Cipher_BlockMode_cbc()
{
! $this->blowfish = new Cipher_blowfish() ;
! $this->filler = 'nuttzy=1337' ;
}
// encrypts the text a chunk at a time and then strings them all together and returns the value
! function encrypt($plaintext)
{
$encrypted = '';
- // added by Nuttzy, we want to make sure the password is nice and long so brute forcers won't know if this
- // is a really short pw
- $plaintext .= $this->filler ;
-
$blocksize = $this->blowfish->getBlockSize();
$previousCipher = $this->_iv;
--- 531,546 ----
function Cipher_BlockMode_cbc()
{
! $this->blowfish = new Cipher_blowfish();
! $this->key_set = false;
}
// encrypts the text a chunk at a time and then strings them all together and returns the value
! function encrypt($plaintext, $key)
{
+ $this->setkey($key);
+
$encrypted = '';
$blocksize = $this->blowfish->getBlockSize();
$previousCipher = $this->_iv;
***************
*** 565,571 ****
// added by Nuttzy - we'll be storing the result in a DB so we need to replace ' with \'
! $encrypted = addslashes( $encrypted) ;
// TAKE TWO: the way General Config settings work in phpBB, this isn't sufficient, get rid of the ' all together
- // $encrypted = str_replace("\'", "''", $encrypted) ;
$encrypted = str_replace("\'", 'NUTTICK', $encrypted);
$encrypted = str_replace("\n", 'NUTLINE', $encrypted);
--- 561,566 ----
// added by Nuttzy - we'll be storing the result in a DB so we need to replace ' with \'
! $encrypted = addslashes($encrypted);
// TAKE TWO: the way General Config settings work in phpBB, this isn't sufficient, get rid of the ' all together
$encrypted = str_replace("\'", 'NUTTICK', $encrypted);
$encrypted = str_replace("\n", 'NUTLINE', $encrypted);
***************
*** 587,592 ****
// decrypts the cipher a chunk at a time and returns the plaintext
! function decrypt($ciphertext)
{
// decode for use (postgres storage problems)
if( function_exists('utf8_decode') )
--- 582,589 ----
// decrypts the cipher a chunk at a time and returns the plaintext
! function decrypt($ciphertext, $key)
{
+ $this->setkey($key);
+
// decode for use (postgres storage problems)
if( function_exists('utf8_decode') )
***************
*** 616,624 ****
}
- // added by nuttzy, we need strip off the extra characters we added
- $decrypted = substr( $decrypted, 0, strlen($decrypted) - strlen($this->filler)) ;
-
return $decrypted;
}
}
--- 613,629 ----
}
return $decrypted;
}
+
+ function setkey($key)
+ {
+ if ( !$this->key_set )
+ {
+ $this->blowfish->setKey($key);
+ $this->key_set = true;
+ }
+
+ return;
+ }
}
|
