implemented username/password encryption

Roland Gruber 2003-03-28 15:45:42 +00:00
parent 778f8572b9
commit 28444b9c7e
4 changed files with 27 additions and 10 deletions


@ -144,29 +144,35 @@ class Ldap{
} }
// encrypts username and password // encrypts username and password
// TODO: implement encryption algorithm
function encrypt($username, $password) { function encrypt($username, $password) {
$this->username = $username; // read key and iv from cookie
$this->password = $password; $iv = base64_decode($_COOKIE["IV"]);
$key = base64_decode($_COOKIE["Key"]);
// encrypt username and password
$this->username = base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $username, MCRYPT_MODE_ECB, $iv));
$this->password = base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $password, MCRYPT_MODE_ECB, $iv));
} }
// decrypts username and password // decrypts username and password
// TODO: implement encryption algorithm
function decrypt() { function decrypt() {
$ret = array($this->username, $this->password); // read key and iv from cookie
$iv = base64_decode($_COOKIE["IV"]);
$key = base64_decode($_COOKIE["Key"]);
// decrypt username and password
$username = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, base64_decode($this->username), MCRYPT_MODE_ECB, $iv);
$password = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, base64_decode($this->password), MCRYPT_MODE_ECB, $iv);
$ret = array($username, $password);
return $ret; return $ret;
} }
// closes connection to LDAP server and deletes encrypted username/password // closes connection to LDAP server and deletes encrypted username/password
function destroy() { function destroy() {
$this->close(); $this->close();
$this->username="xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"; $this->username="xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx";
$this->password="xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"; $this->password="xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx";
// TODO: delete encryption key
} }
} }
?> ?>
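Review bot: All four cipher calls in `encrypt()` and `decrypt()` pass `MCRYPT_MODE_ECB`, which ignores the `$iv` argument, so the IV cookie has no effect and equal 32-byte plaintext blocks produce equal ciphertext. Switching the four calls to `MCRYPT_MODE_CBC` would put the 32-byte IV generated on the login page to use, since it matches the Rijndael-256 block size. mcrypt also zero-pads the plaintext to the block size, so `decrypt()` returns values with trailing NUL bytes; `$username = rtrim($username, "\0");` and the same for `$password` before building `$ret` would restore the original strings. Neither function checks that `$_COOKIE["Key"]` and `$_COOKIE["IV"]` are present, and the ciphertext carries no integrity check, so a missing or altered cookie yields garbage credentials rather than an error. The `Ldap` class starts outside this hunk.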


@ -36,6 +36,13 @@ $session_save_path .= "/sess";
session_save_path($session_save_path); // Set session save path session_save_path($session_save_path); // Set session save path
@session_start(); // Start LDAP Account Manager session @session_start(); // Start LDAP Account Manager session
// generate 256 bit key and initialization vector for user/passwd-encryption
$key = mcrypt_create_iv(32, MCRYPT_DEV_RANDOM);
$iv = mcrypt_create_iv(32, MCRYPT_DEV_RANDOM);
// save both in cookie
setcookie("Key", base64_encode($key));
setcookie("IV", base64_encode($iv));
// checking if the submitted username/password is correct. // checking if the submitted username/password is correct.
if($action == "checklogin") if($action == "checklogin")
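Review bot: The key and IV are regenerated and re-sent with `setcookie` on every request to this page, including the one where `$action == "checklogin"`. In that request `$_COOKIE` still holds the previous values, so if `encrypt()` runs in the checklogin branch (not visible in this hunk) the credentials are encrypted under a key the browser is about to replace. Generating the pair only when no login is being checked, for example by wrapping the block in `if ($action != "checklogin") { … }`, would keep the cookie and the stored ciphertext in step. The cookies are also set without attributes, so the key can travel over plain HTTP and is readable by page scripts; if the application is served over HTTPS, `setcookie("Key", base64_encode($key), 0, "/", "", true, true);` (and the same for `IV`) restricts it to TLS and marks it HttpOnly on PHP versions that accept the seventh argument. `MCRYPT_DEV_RANDOM` can block while the entropy pool refills, which may stall the login page.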


@ -23,6 +23,10 @@ $Id$
*/ */
// delete key and iv in cookie
setcookie("Key", "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx");
setcookie("IV", "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx");
include_once("../lib/ldap.php"); include_once("../lib/ldap.php");
// start session // start session
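Review bot: The two added `setcookie` calls overwrite `Key` and `IV` with filler text but do not delete them, so the browser keeps sending both cookies until it is closed. Expiring them is the usual way to remove a cookie: `setcookie("Key", "", time() - 3600);` and `setcookie("IV", "", time() - 3600);`, using the same path the login page set them with. The rest of the file lies outside this hunk.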


@ -29,7 +29,7 @@ echo ("<title>LDAP Account Manager</title>\n");
echo ("</head>\n"); echo ("</head>\n");
echo ("<frameset rows=\"130,*\">\n"); echo ("<frameset rows=\"130,*\">\n");
echo ("<frame src=\"./main_header.php\" name=\"head\">\n"); echo ("<frame src=\"./main_header.php\" name=\"head\">\n");
echo ("<frame src=\"../lib/listusers.php\" name=\"mainpart\">\n"); echo ("<frame src=\"../lib/listhosts.php\" name=\"mainpart\">\n");
echo ("<noframes>\n"); echo ("<noframes>\n");
echo ("This page requires a browser that can show frames!\n"); echo ("This page requires a browser that can show frames!\n");
echo ("</noframes>\n"); echo ("</noframes>\n");