From da08345bad408a61ada661aff58150cb4517df60 Mon Sep 17 00:00:00 2001 From: Kelly Rauchenberger Date: Tue, 12 Aug 2008 20:10:30 +0000 Subject: Update: Added Update-side password protection Refs #10 --- update/library/trunk/instadisc.php | 45 ++++++++++++++++++++++++++++++++++---- 1 file changed, 41 insertions(+), 4 deletions(-) (limited to 'update/library/trunk') diff --git a/update/library/trunk/instadisc.php b/update/library/trunk/instadisc.php index fc3ac08..3f9f945 100644 --- a/update/library/trunk/instadisc.php +++ b/update/library/trunk/instadisc.php @@ -11,12 +11,17 @@ $idusSubscriptionURI = array(); $idusSubscriptionTitle = array(); $idusSubscriptionCategory = array(); $idusActivationKey = array(); +$idusEncryptionKey = array(); $instaDisc_subCount = 0; -function instaDisc_sendItem($id, $title, $author, $url, $semantics) +function instaDisc_sendItem($id, $title, $author, $url, $semantics, $verID = 0) { global $idusUsername, $idusPassword, $idusCentralServer, $idusSubscriptionURI; - $verID = rand(1,65536); + + if ($verID == 0) + { + $verID = rand(1,65536); + } $client = new xmlrpc_client($idusCentralServer[$id]); $msg = new xmlrpcmsg("InstaDisc.sendFromUpdate", array( new xmlrpcval($idusUsername[$id], 'string'), @@ -30,9 +35,40 @@ function instaDisc_sendItem($id, $title, $author, $url, $semantics) $client->send($msg); } -function instaDisc_addSubscription($username, $password, $central, $uri, $title, $category, $key = '') +function instaDisc_sendEncrypted($id, $title, $author, $url, $semantics) +{ + global $idusEncryptionKey; + + $verID = 0; + while ($verID == 0) + { + $verID = rand(1,65536); + } + + $cipher = "rijndael-128"; + $mode = "cbc"; + $key = substr(md5(substr(str_pad($idusEncryptionKey[$id],16,$verID),0,16)),0,16); + + $td = mcrypt_module_open($cipher, "", $mode, ""); + mcrypt_generic_init($td, $key, strrev($key)); + $title = bin2hex(mcrypt_generic($td, $title)); + $author = bin2hex(mcrypt_generic($td, $author)); + $url = bin2hex(mcrypt_generic($td, $url)); + + foreach ($semantics as $name => $value) + { + $semantics[$name] = bin2hex(mcrypt_generic($td, $value)); + } + + mcrypt_generic_deinit($td); + mcrypt_module_close($td); + + instaDisc_sendItem($id, $title, $author, $url, $semantics, $verID); +} + +function instaDisc_addSubscription($username, $password, $central, $uri, $title, $category, $key = '', $enc = '') { - global $instaDisc_subCount, $idusUsername, $idusPassword, $idusCentralServer, $idusSubscriptionURI, $idusSubscriptionTitle, $idusSubscriptionCategory, $idusActivationKey; + global $instaDisc_subCount, $idusUsername, $idusPassword, $idusCentralServer, $idusSubscriptionURI, $idusSubscriptionTitle, $idusSubscriptionCategory, $idusActivationKey, $idusEncryptionKey; $idusUsername[$instaDisc_subCount] = $username; $idusPassword[$instaDisc_subCount] = $password; $idusCentralServer[$instaDisc_subCount] = $central; @@ -40,6 +76,7 @@ function instaDisc_addSubscription($username, $password, $central, $uri, $title, $idusSubscriptionTitle[$instaDisc_subCount] = $title; $idusSubscriptionCategory[$instaDisc_subCount] = $category; $idusActivationKey[$instaDisc_subCount] = $key; + $idusEncryptionKey[$instaDisc_subCount] = $enc; $instaDisc_subCount++; } -- cgit 1.4.1