3 Library which implements basic work with RSA encryption + decryption
4 also using authoring hash-cookie
6 maintainer smal (Serhiy Voyt)
9 Before use read carefully readme.txt and define varaibles below
11 This script is a part of ATutor LDAP-authoring module and it's required to right work all LDAP-authoring in ATutor. RSA
13 Before use this script you must check your system to folowing:
14 1.In your system must be installed OpenSSL package - required to generate private key.
15 2.In PHP must be enabled OpenSSL Functions - required to rsa.inc.php (see phpinfo() to check this)
21 define('PUBLIC_KEY', 'B1CBE3B5456CDF6D5A85F32715415A0F85ADAB289B7AD21CA2B925BD28231994B72856093C46D2A67CF8136CBDCF430C0EF7990403DAF4830CE4633D98A16703');
22 define('PRIVATE_KEY', AT_INCLUDE_PATH.'/lib/pk.pem');
25 function auth_cookie() {
29 $hash = md5(mt_rand());
32 $sql = "INSERT INTO ".TABLE_PREFIX."auth_cookie VALUES(0, '$hash', $time)";
33 $result = mysql_query($sql, $db);
35 $id = mysql_insert_id();
37 $auth_cookie = "|".$hash;
42 function rsa_decode($key,$enc_str){
44 if ($fp = fopen($key, 'r')){
45 $priv_key = fread($fp, 8192);
52 if (!$keyh = openssl_get_privatekey($priv_key)) {
57 $pub_key = openssl_pkey_get_public($key);
60 if (openssl_private_decrypt(base64_decode($enc_str), $decoded_string, $keyh)){
61 return $decoded_string;
70 function clear_auth_cookie(){
74 $cur_time = time() - TTL;
75 $sql = "DELETE FROM ".TABLE_PREFIX."auth_cookie WHERE ttl < ".$cur_time;
76 mysql_query($sql,$db);
81 function check_valid_login($decoded_auth){
86 list($password, $hash) = explode("|", $decoded_auth);
88 $sql = "SELECT ttl FROM ".TABLE_PREFIX."auth_cookie WHERE hash ='$hash'";
90 if ($result = mysql_query($sql, $db)){
91 if ($row = mysql_fetch_array($result)){
92 $ttl_valid = time() - $row['ttl'];
93 if ($ttl_valid < TTL) {