Edit report at http://bugs.php.net/bug.php?id=54721&edit=1

 ID:                 54721
 Updated by:         paj...@php.net
 Reported by:        os at irj dot ru
 Summary:            crypt function
-Status:             Assigned
+Status:             Feedback
 Type:               Bug
 Package:            *Encryption and hash functions
 Operating System:   Windows 7 x64
 PHP Version:        5.3.6
 Assigned To:        pajoye
 Block user comment: N
 Private report:     N

New Comment:

On FreeBSD I got (which uses system's crypt):

<?php
echo crypt("dev", '$1$dW0.is5.$10CH101gGOr1677ZYd517.');
?>

.ionEGu/npGjI

With the proposed fix, I got on windows (which is what this bug is about):

$1$dW0.is5.$Jay703TqfAIolX2oUKG7u1

Which is not what the initial report says, it expects:

$1$dW0.is5.$10CH101gGOr1677ZYd517.

And using the tests provided privately:

<?php
echo crypt("", '$1$dW0.is5.$10CH101gGOr1677ZYd517.') . "\n";
echo crypt("b", '$1$dW0.is5.$10CH101gGOr1677ZYd517.') . "\n";
echo crypt("bu", '$1$dW0.is5.$10CH101gGOr1677ZYd517.') . "\n";
echo crypt("bug", '$1$dW0.is5.$10CH101gGOr1677ZYd517.') . "\n";
echo crypt("pass", '$1$dW0.is5.$10CH101gGOr1677ZYd517.') . "\n";
echo crypt("buged", '$1$dW0.is5.$10CH101gGOr1677ZYd517.') . "\n";
echo crypt("aaaaaaaaaaaaaaaaaaaaaaaaa ", '$1$dW0.is5.$10CH101gGOr1677ZYd517.') . "\n";
?>

Windows (with patch):

$1$dW0.is5.$I0iqTYHPzkP4YnRgnXxZW0
$1$dW0.is5.$geEFTh1pYyBlKNV7Jd0jJ0
$1$dW0.is5.$J9qpZsnaE3ddwR9CfXJq71
$1$dW0.is5.$5tcolHQsY5Pxr8vn4rzdN/
$1$dW0.is5.$2E4/ZDY1vr73HqLl1bLs9.
$1$dW0.is5.$lvGhphTQwqgKxWhWwYERr1
$1$dW0.is5.$XzsWcLSBj2BvhOKH0xdpZ0

FreeBSD:

$1$dW0.is5.$I0iqTYHPzkP4YnRgnXxZW0
$1$dW0.is5.$KaspRpPQ9U7Xb5Vv5c.WE/
$1$dW0.is5.$X9G1x/Ep8zYQSrU4/lKUg.
$1$dW0.is5.$wE5Rz/HxPtDMfqil6kK980
$1$dW0.is5.$2E4/ZDY1vr73HqLl1bLs9.
$1$dW0.is5.$lvGhphTQwqgKxWhWwYERr1
$1$dW0.is5.$XzsWcLSBj2BvhOKH0xdpZ0

I don't think the patch or the initial report is correct and it somehow confirms my thoughts, len>16 is really implementation specific. Or did I miss something?

Previous Comments:
------------------------------------------------------------------------
[2011-05-21 20:11:26] tony2...@php.net

Pierre, could you test the proposed fix, please?
Thanks in advance.

------------------------------------------------------------------------
[2011-05-16 17:18:12] paj...@php.net

Please note that as this code may or should produce similar results on all platforms or builds, it is not correct. MD5 salt is max. 12 characters as described in the manual, and how the extra characters are treated is implementation specific.

Use blowfish or other stronger algorithm if you like to use a bigger salt.

------------------------------------------------------------------------
[2011-05-16 16:46:03] paj...@php.net

Confirmed. Seems to be only happening in the TS API.

------------------------------------------------------------------------
[2011-05-13 06:16:20] os at irj dot ru

At Windows XP

Expected result:
$1$dW0.is5.$em49ePD07X75OTvpVod410

Actual result:
C:\tmp>php test.php
$1$dW0.is5.$UW7SlpXxFDXZ9zHcYQy.l/

C:\tmp>php test.php
$1$dW0.is5.$RS2jtU/Pp9KpSl.upfU3B.

C:\tmp>php test.php
$1$dW0.is5.$RS2jtU/Pp9KpSl.upfU3B.

C:\tmp>php test.php
$1$dW0.is5.$RS2jtU/Pp9KpSl.upfU3B.

C:\tmp>php test.php

C:\tmp>php -v
PHP 5.3.6 (cli) (built: Mar 17 2011 10:37:07)
Copyright (c) 1997-2011 The PHP Group
Zend Engine v2.3.0, Copyright (c) 1998-2011 Zend Technologies

------------------------------------------------------------------------
[2011-05-13 06:06:23] os at irj dot ru

From download page I downloaded VC9 x86 Thread Safe (2011-Mar-22 13:27:32) as ZIP archive, unzip it and run test script at office using cli interface on Microsoft Windows 7 x86, bug too.

Expected result:
$1$dW0.is5.$em49ePD07X75OTvpVod410

Actual result:
D:\tmp>php test.php
<pre>
$1$dW0.is5.$EkFno5M.sWHzVKG.KcE4g.

D:\tmp>php test.php
<pre>
$1$dW0.is5.$C08LtG..f5qYCBEqaEaeV.

D:\tmp>php test.php
<pre>
$1$dW0.is5.$U.zA4AF2/AvLMpxAdd57x1

D:\tmp>php test.php
<pre>
$1$dW0.is5.$FO6NpJOzWGbHX3Al2BRcU1

D:\tmp>php test.php
<pre>
$1$dW0.is5.$OoBfHS6yulKgQHVDZ8XLx/

D:\tmp>php -v
PHP 5.3.6 (cli) (built: Mar 17 2011 10:37:07)
Copyright (c) 1997-2011 The PHP Group
Zend Engine v2.3.0, Copyright (c) 1998-2011 Zend Technologies

D:\tmp>

------------------------------------------------------------------------

The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at

    http://bugs.php.net/bug.php?id=54721