Edit report at http://bugs.php.net/bug.php?id=51996&edit=1

 ID:               51996
 Updated by:       paj...@php.net
 Reported by:      phpbug dot z dot pbowers at spamgourmet dot com
 Summary:          crypt (md5) with same key and salt specified gives
                   different output
-Status:           Assigned
+Status:           Bogus
 Type:             Bug
 Package:          hash related
 Operating System: windows 7
 PHP Version:      5.3.2
 Assigned To:      pajoye

 New Comment:

As said in the other bug report, this issue has been fixed. The code is
not platform specific. Bogus (duplicated). Fix will be present in the
next release.



Output Example #A:

MATCH

Output current SVN for example #B:

local config: <br>
hash0=$1$Eb..7r1.$wV.jr8E4XOOGoy3WWFHAg., <br>
hash2=$1$Eb..7r1.$wV.jr8E4XOOGoy3WWFHAg.<br>
hash3=$1$Eb..7r1.$wV.jr8E4XOOGoy3WWFHAg.<br>
hash4=$1$Eb..7r1.$wV.jr8E4XOOGoy3WWFHAg.<br>


Previous Comments:
------------------------------------------------------------------------
[2010-06-05 15:55:47] phpbug dot z dot pbowers at spamgourmet dot com

Looking around at the sources I see that "windows platform" may not be
specific enough.  I'm talking about the v6 build under wampserver.  If
the bug referenced above was reliably reproduced on the same platform
under 5.3.x and then shown to be fixed in 5.3.2-dev then this bug-report
can be closed with that other one.  If not then I'm thinking both should
remain open...



(If someone can point me to instructions where to download the PHP code
and make a binary I'm willing to confirm one way or the other...  But I
don't have access to any compilers other than what can be downloaded...)

------------------------------------------------------------------------
[2010-06-05 08:08:34] phpbug dot z dot pbowers at spamgourmet dot com

See http://bugs.php.net/bug.php?id=49954 - a friend pointed this out to
me after I submitted this.



However, I note that that bug is marked as "closed" in 5.3.2-dev.  And
that bug did not clearly specify that it was windows-only.  My fear is
that the bug was closed after somebody tested 5.3.2-dev on linux or some
other platform.

------------------------------------------------------------------------
[2010-06-04 19:19:11] phpbug dot z dot pbowers at spamgourmet dot com

Description:
------------
My understanding of the crypt() function is that it prepends the salt
onto the resulting hash.  Thereafter feeding the resulting hash as the
salt argument to the crypt() function with the same original key should
result in the same hash.  We have used this extensively to encrypt/store
and compare passwords for authentication purposes.



Thus the following code should result in "MATCH":



(see example A below)



In any version I've tested of PHP on a linux platform as well as 5.2.11
on a windows platform I get "MATCH" -- this is correct.  But on 5.3.0 or
5.3.1 or 5.3.2 on windows I get "NO MATCH".  



(see Example B below)



On any PHP version on a linux platform or on any pre-PHP 5.3.0 version
on windows I get all identical hashes - this is good (same key, same
salt, should result in the same hash).  But on any PHP 5.3.0 or later on
windows I get all 4 being different (same first 12 characters).



I have verified that this bug occurs ON A WINDOWS PLATFORM (WAMPSERVER)
in 5.3.0 and 5.3.1 and 5.3.2 but does not happen on 5.2.11.



I have verified that this bug does not occur on a linux platform running
sample versions of 5.3.x.



I have verified that if I use a key of 4 or more characters the bug
disappears.  Thus if you replace "abc" with "abcd" in the above code
everything works fine across the board.  This bug only occurs with a key
of 3 or fewer characters.



Why is this important?  I'm using code similar to this to determine
whether passwords stored as encrypted hash match the password users just
entered -- if they use a short password (3 or fewer characters -- not
wise, but in a low-security environment there's been no need to limit
that) then moving to 5.3.x means they can no longer log in.

Test script:
---------------
Example A:

$foo = crypt("abc");
$bar = crypt("abc", $foo);
if ($foo == $bar) echo "MATCH";
else echo "NO MATCH";

Example B:

$hash0 = crypt('abc');
$hash2 = crypt('abc', $hash0);
$hash3 = crypt('abc', $hash2);
$hash4 = crypt('abc', $hash3);
echo "local config: <br>\nhash0=$hash0, <br>\nhash2=$hash2<br>\nhash3=$hash3<br>\nhash4=$hash4<br>\n";



Expected result:
----------------
Example A:

Expect output of "MATCH"

Example B:

Expect 4 identical hashes to be printed, like this (obtained from
5.2.11):

local config:
hash0=$1$xH3.mL5.$GVkUEah6QIRaB7lZXfBz7.,
hash2=$1$xH3.mL5.$GVkUEah6QIRaB7lZXfBz7.
hash3=$1$xH3.mL5.$GVkUEah6QIRaB7lZXfBz7.
hash4=$1$xH3.mL5.$GVkUEah6QIRaB7lZXfBz7.

Actual result:
--------------
Example A (on a windows machine running 5.3.x):

NO MATCH

Example B (on a windows machine running 5.3.x):

local config:
hash0=$1$ta2.y55.$BYwQQt5ybMoX9I6Yqa5gX1,
hash2=$1$ta2.y55.$ngRiBNwmsuMxW.9B7OTB3/
hash3=$1$ta2.y55.$D4w8u73CH0ljNiwgqkX9p0
hash4=$1$ta2.y55.$ytnCYJ3ZKie4Fkei4SBmu.


------------------------------------------------------------------------
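
An added regression check for the behaviour reported above (not part of the original bug report or of PHP's own tests): it re-hashes keys of length 1 through 8 with the stored MD5-crypt hash as salt, the same step a login comparison performs, and reports any key length whose hash changes. The helper name and keys are hypothetical, the salt is the one from the 5.2.11 output above, and hash_equals() assumes PHP 5.6 or later.

```php
<?php
// Added example, not from the bug report. Salt copied from the
// report's 5.2.11 output; keys are constructed test values.
$salt = '$1$xH3.mL5.$';

// Hypothetical helper: returns array(length => message) for every key
// length whose hash changes when re-hashed with the stored hash as salt.
function find_unstable_key_lengths($salt, $maxLen = 8, $rounds = 3)
{
    $bad = array();
    for ($len = 1; $len <= $maxLen; $len++) {
        $key = substr('abcdefgh', 0, $len);
        $stored = crypt($key, $salt);
        // On failure crypt() returns a short marker starting with "*".
        if (!is_string($stored) || $stored === '' || $stored[0] === '*') {
            $bad[$len] = 'crypt() failed';
            continue;
        }
        $current = $stored;
        for ($i = 1; $i <= $rounds; $i++) {
            // Same step a login check performs: stored hash as salt.
            $current = crypt($key, $current);
            if (!hash_equals($stored, $current)) {
                $bad[$len] = "pass $i gave $current, expected $stored";
                break;
            }
        }
    }
    return $bad;
}

if (!defined('CRYPT_MD5') || CRYPT_MD5 !== 1) {
    echo "MD5 crypt is not available in this build\n";
    exit(2);
}
$bad = find_unstable_key_lengths($salt);
foreach ($bad as $len => $why) {
    echo "key length $len: $why\n";
}
echo $bad ? "NO MATCH\n" : "MATCH\n";
exit($bad ? 1 : 0);
```

Run from the command line on each PHP build before migrating stored hashes to it; a non-zero exit status means existing users with the listed key lengths would fail to authenticate.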


