Linux Cryptography Problem?


5 replies to this topic

#1 RobertP
Advanced Member (Members, 288 posts)
Posted 19 November 2012 - 10:28 PM

Catchy title? Well, that is exactly my problem. I have 2 methods inside my 'Member' class (code below).
As you can see, I am not getting the expected results from 'crypt'.

What started this problem was that I switched my development PC's operating system from Win7 to Ubuntu 14, and there were a few small case-sensitive issues I had to fix while moving my site. However, this is a security issue that was allowing anyone to log in using the wrong password, that is, before I added the 'if(strlen($newPassword)!=60)' check.

If anyone else has seen this issue, please let me know how you solved it :)

public function setPassword($password) {
    $salt = Util::generateRndStr(8);
    $newPassword = self::encrypt($password, $salt);
    // Debug output while testing.
    echo 'pass='.$password.'<br />';
    echo 'salt='.$salt.'<br />';
    echo 'ePas='.$newPassword.'<br />';
    if(strlen($newPassword)!=60){
        trigger_error('Internal issue with Member::encrypt.',E_USER_WARNING);
        return false;
    }
    $statement = $this->connection->prepare('UPDATE members SET passwrd = ?, sal_t = ? WHERE id = ? LIMIT 1;');
    $id = $this->get('id');
    $statement->bindParam(1, $newPassword, PDO::PARAM_STR);
    $statement->bindParam(2, $salt, PDO::PARAM_STR);
    $statement->bindParam(3, $id, PDO::PARAM_INT);
    $statement->execute();
    return $statement->rowCount() == 1;
}

public static function encrypt($string, $salt) {
    return crypt($string, '$2y$10$' . $salt . '$');
}

u tha king Pikachu2000!!

#2 Christian F.
Advanced Member (Staff Alumni, 3,106 posts, Location: Norway)
Posted 19 November 2012 - 11:05 PM

There are two possible causes:

Blowfish hashing with a salt as follows: "$2a$", "$2x$" or "$2y$", a two digit cost parameter, "$", and 22 digits from the alphabet "./0-9A-Za-z". Using characters outside of this range in the salt will cause crypt() to return a zero-length string.

(My emphasis.)

...developers targeting only PHP 5.3.7 and later should use "$2y$"...


Well... The PHP manual outlines a couple more, but the two above are the most likely ones from the little info you've provided us with so far. Without knowing exactly what Util::generateRndStr() does, all we can do is speculate. So if the two quotes above aren't of any help, please post the contents of that function as well.
Keeping it simple.

#3 RobertP
Advanced Member (Members, 288 posts)
Posted 19 November 2012 - 11:44 PM

Terribly sorry, here is the requested method.

public static function generateRndStr($length, $type = 0) {
    if ($length < 1)
        return null;
    switch ($type) {
        case 1: // captcha.
            $possible = '23456789bcdfghjkmnpqrstvwxyz';
            break;
        case 2: // sessions.
            $possible = 'abcdefghijklmnopqrstuvwxyz0123456789';
            break;
        default: // all.
            $possible = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';
    }
    $str = null;
    for ($i = 0; $i < $length; $i++)
        $str .= substr($possible, mt_rand(0, strlen($possible) - 1), 1);
    return $str;
}

These are my results during testing, just so everyone can see the problem outright.

pass=1234
salt=tvFvbjGG
ePas=$2y$10$tvFvbjGG$

Edited by RobertP, 19 November 2012 - 11:51 PM.

u tha king Pikachu2000!!

#4 Christian F.
Advanced Member (Staff Alumni, 3,106 posts, Location: Norway)
Posted 19 November 2012 - 11:56 PM

I refer to the added emphasis in my first quote. ;)
Keeping it simple.

#5 RobertP
Advanced Member (Members, 288 posts)
Posted 20 November 2012 - 12:13 AM

I refer to the added emphasis in my first quote. ;)


Thank you, I have noticed that my salt was a little too small :) Not sure how it changed from 21 to 8.. but that fixed my problem.

Fix:
public function setPassword($password) {
    $salt = Util::generateRndStr(21);
    $newPassword = self::encrypt($password, $salt);
    if(strlen($newPassword)!=60){
        trigger_error('Internal issue with Member::encrypt.',E_USER_WARNING);
        return false;
    }
    $statement = $this->connection->prepare('UPDATE members SET passwrd = ?, sal_t = ? WHERE id = ? LIMIT 1;');
    $id = $this->get('id');
    $statement->bindParam(1, $newPassword, PDO::PARAM_STR);
    $statement->bindParam(2, $salt, PDO::PARAM_STR);
    $statement->bindParam(3, $id, PDO::PARAM_INT);
    $statement->execute();
    return $statement->rowCount() == 1;
}

Edited by RobertP, 20 November 2012 - 12:14 AM.

u tha king Pikachu2000!!

#6 Christian F.
Advanced Member (Staff Alumni, 3,106 posts, Location: Norway)
Posted 20 November 2012 - 03:00 AM

21..? You should still be missing one digit. Glad to hear that it works though.
Keeping it simple.
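The salt rules Christian F. quotes in #2 and the length check RobertP keeps in #5, put together as an added example (not code from the thread): a salt of exactly 22 characters from the alphabet crypt() accepts, a validity check on the 60-character result before it is stored, and the matching login-side comparison. It assumes PHP 7 or later for random_int(); the function names are this example's own.

```php
<?php
// Added example, not code from the thread: a bcrypt salt that satisfies the
// crypt() rules quoted in reply #2 (22 characters from ./0-9A-Za-z after
// "$2y$" and a two-digit cost), with the result validated before storage.
// Assumes PHP 7+ for random_int(); the thread's mt_rand() is not a CSPRNG.

const BCRYPT_SALT_ALPHABET = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
const BCRYPT_SALT_LENGTH   = 22;
const BCRYPT_HASH_LENGTH   = 60;

// Draw exactly 22 characters from the alphabet crypt() accepts for "$2y$".
function generateBcryptSalt(): string {
    $salt = '';
    $max  = strlen(BCRYPT_SALT_ALPHABET) - 1;
    for ($i = 0; $i < BCRYPT_SALT_LENGTH; $i++) {
        $salt .= BCRYPT_SALT_ALPHABET[random_int(0, $max)];
    }
    return $salt;
}

// Same shape as the thread's Member::encrypt(), with the cost made explicit
// and no stray trailing "$" after the salt.
function bcryptHash(string $password, string $salt, int $cost = 10): string {
    return crypt($password, sprintf('$2y$%02d$%s', $cost, $salt));
}

// Accept only a well-formed 60-character "$2y$" hash: 7 bytes of prefix,
// 22 of salt and 31 of digest. Anything else means crypt() rejected the
// salt and must never be written to the members table.
function isValidBcryptHash(string $hash): bool {
    return strlen($hash) === BCRYPT_HASH_LENGTH
        && preg_match('#^\$2y\$\d{2}\$[./A-Za-z0-9]{53}$#', $hash) === 1;
}

// Login side: the stored hash doubles as the setting string, so no separate
// sal_t column is needed, and the comparison is constant-time.
function verifyPassword(string $password, string $storedHash): bool {
    return hash_equals($storedHash, crypt($password, $storedHash));
}

// Constructed inputs: the thread's 8-character salt beside a valid one.
$shortSalt = 'tvFvbjGG';
$goodSalt  = generateBcryptSalt();

var_dump(isValidBcryptHash(bcryptHash('1234', $shortSalt)));
$stored = bcryptHash('1234', $goodSalt);
var_dump(isValidBcryptHash($stored));
var_dump(verifyPassword('1234', $stored), verifyPassword('wrong', $stored));
```

On PHP 5.5 and later, password_hash() and password_verify() perform the salt generation, hashing and constant-time comparison shown here, so new code should prefer them over hand-built crypt() settings.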
