-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathphp.php
45 lines (36 loc) · 1.26 KB
/
php.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
<?php
$account_key = 'YOUR SITE KEY';
$api_key = 'YOUR MULTIPASS API KEY';
$salted = $api_key . $account_key;
$hash = hash('sha1',$salted,true);
$saltedHash = substr($hash,0,16);
$iv = "OpenSSL for Ruby";
$user_data = array(
'uid' => '123abc',
'customer_email' => '[email protected]',
'customer_name' => 'Test User',
'expires' => date("c", strtotime("+5 minutes"))
);
$data = json_encode($user_data);
// AES encryption:
// double XOR first block
for ($i = 0; $i < 16; $i++) {
$data[$i] = $data[$i] ^ $iv[$i];
}
// pad using block size of 16 bytes
$pad = 16 - (strlen($data) % 16);
$data = $data . str_repeat(chr($pad), $pad);
// encrypt using AES128-cbc
$cipher = mcrypt_module_open(MCRYPT_RIJNDAEL_128,'','cbc','');
mcrypt_generic_init($cipher, $saltedHash, $iv);
$encryptedData = mcrypt_generic($cipher,$data);
mcrypt_generic_deinit($cipher);
// Base64 encode the encrypted data
$encryptedData = base64_encode($encryptedData);
// Convert encoded data to the URL safe variant
$encryptedData = preg_replace('/\=$/', '', $encryptedData);
$encryptedData = preg_replace('/\n/', '', $encryptedData);
$encryptedData = preg_replace('/\+/', '-', $encryptedData);
$encryptedData = preg_replace('/\//', '_', $encryptedData);
$multipass = urlencode($encryptedData);
?>