|
|
php.net | support | documentation | report a bug | advanced search | search howto | statistics | random bug | login |
[2002-01-21 07:03 UTC] bguillot at incoretech dot com
// Problem with TWOFISH and mcrypt under PHP 4.0.6 and 4.1.1
// Tested with libmcrypt 2.4.11 2.4.13 2.4.18 2.4.19
// 2.4.19 is Broken as it does not pass "make check" to test
// When Loading This Page you should see the time and a Cookie Number.
// If you test with TWOFISH It give a Segmentation Failure in the Apache Error Log
// But Will Work With 3DES and BLOWFISH.
//
// I do not have a gdb trace sorry :(
//
// Strange.
Testing Script is following
<?php
// Problem with TWOFISH and mcrypt under PHP 4.0.6 and 4.1.1
// Tested with libmcrypt 2.4.11 2.4.13 2.4.18 2.4.19 (Broken does not pass make check)
// When Loading This Page you should see the time and a Cookie Number.
// If you test with TWOFISH It give a Segmentation Failure in the Apache Error Log
// But Will Work With 3DES.
//
// Strange.
// bguillot@NOSPAMincoretech.com REMOVE NOSPAM
function T ( $user_id, $Encryption ) {
$session_serial = $user_id.
'-'.time().
'-'.$GLOBALS['REMOTE_ADDR'].
'-'.$GLOBALS['HTTP_USER_AGENT'];
echo "<p>Cypher: " . $Encryption;
$sessionKey="SessionKeyYouChoose"; // Obviously not the one we use....:)
// Fails with TWOFISH but Works with TripleDES
// Code Fail to produce Code.
//$td = mcrypt_module_open(MCRYPT_TWOFISH, "", MCRYPT_MODE_ECB, "");
//$td = mcrypt_module_open(MCRYPT_TripleDES, "", MCRYPT_MODE_ECB, "");
$td = mcrypt_module_open($Encryption, "", MCRYPT_MODE_ECB, "");
$iv = mcrypt_create_iv(mcrypt_enc_get_iv_size ($td), MCRYPT_RAND);
mcrypt_generic_init($td, $sessionKey, $iv);
$encrypted_session_serial = mcrypt_generic($td, $session_serial);
mcrypt_generic_end($td);
$session_serial_hash = md5($encrypted_session_serial.$sessionKey);
$session_serial_cookie = base64_encode($encrypted_session_serial).'-'.$session_serial_h
ash;
return $session_serial_cookie;
}
// If you don't see the time number increasing it is because Apache child seg fault
// Check your apache/logs/error_log that is the problem.
echo "<p>If you don't see the time number increasing it is because Apache child seg fault. <br>
";
echo "Check your apache/logs/error_log (tail -f error_log) and you will see the problem every t
ime you reload.";
echo "<p>Time is: " . time();
$user_id=120804;
//$test = T($user_id, MCRYPT_TWOFISH);
$test = T($user_id, MCRYPT_TripleDES);
echo "<p>Cookie is : $test";
echo "<p>The End";
?>
PatchesPull RequestsHistoryAllCommentsChangesGit/SVN commits
|
|||||||||||||||||||||||||||
Copyright © 2001-2024 The PHP GroupAll rights reserved. |
Last updated: Fri May 10 14:01:33 2024 UTC |
Derick, Closer to a solution... Mcrypt Bug is found but not fixed. OK Here is the symptoms: In The PHP Code the function mcrypt_generic_init (td, key_s, key_size,iv_s) is called with key_size=19. (should be 16 and I don't know why yet) This will gives the segfault. Try it in mcrypt-2.4.18/doc/example.c change the line at the beginning of the main int keysize=16; /* 128 bits */ to int keysize=19; /* 128 bits */ Compile and BOOM Crash Segfault. Ok Now why is php thinks the keysize should be 19..... to test check this code: The Culprit code is in <yourphpsource>/ext/mcrypt/mcrypt.c line 494 php-4.1.1 add the two line. You will see that Part 12 will never get executed for twofish. and keysize is 19. added>>> fprintf(stderr, "MCRYPT Debug Part 11\nKey_s:%s, \nKey_Size:%d,\nIV:%s, \nIV_S:%s, \n",key_s, key_size, iv_s); result = mcrypt_generic_init (td, key_s, key_size, iv_s); added>>> fprintf(stderr, "MCRYPT Debug Part 12\n"); Will come back with an answer BGYeap, It is already coded in the internal_init_mcrypt function but a small bug in libmcrypt seem to be present. The free(sizes) is too high up it should be moved down to out of the if/else/else/... I submitted a patch to libmcrypt and wainting for a comment from Nickos. Thanks againDerick, last thing as with the new patch I get no more problem. Here is two test phpt for mcrypt to test this bug See Ya File 002.phpt --TEST-- Bug #15140 Test TripleDES (Should be ok) --SKIPIF-- <?php if (!extension_loaded("mcrypt")) print "skip"; ?> --POST-- --GET-- --FILE-- <?php // Problem with TWOFISH and mcrypt under PHP 4.0.6 and 4.1.1 // Tested with libmcrypt 2.4.11 2.4.13 2.4.18 2.4.19 (Broken does not pass make check) // When Loading This Page you should see the time and a Cookie Number. // If you test with TWOFISH It give a Segmentation Failure in the Apache Error Log // But Will Work With 3DES. // // I now use libmcrypt 2.4.18 // // Strange. // bguillot@NOSPAMincoretech.com REMOVE NOSPAM // function T ( $user_id, $Encryption ) { $session_serial = $user_id . "A_TEXT_TO_TEST_THE_KEY_GENERATION"; echo "Cypher: " . $Encryption . "\n"; $sessionKey="SessionKeyYouChoose"; // Obviously not the one we use....:) // Fails with TWOFISH but Works with TripleDES // Code Fail to produce Code. $td = mcrypt_module_open($Encryption, "", MCRYPT_MODE_ECB, ""); $iv = mcrypt_create_iv(mcrypt_enc_get_iv_size ($td), MCRYPT_RAND); mcrypt_generic_init($td, $sessionKey, $iv); $encrypted_session_serial = mcrypt_generic($td, $session_serial); mcrypt_generic_end($td); $session_serial_hash = md5($encrypted_session_serial.$sessionKey); $session_serial_cookie = base64_encode($encrypted_session_serial).'-'.$session_serial_hash; return $session_serial_cookie; } // If you don't see the time number increasing it is because Apache child seg fault // Check your apache/logs/error_log that is the problem. $user_id=120804; //$test = T($user_id, MCRYPT_TWOFISH); $test = T($user_id, MCRYPT_TripleDES); echo "Cookie is : $test\n"; echo "The End\n"; ?> --EXPECT-- Cypher: tripledes Cookie is : OXYSlBYiGQb2c65SfOjv1nIGlm9v05aeFUNtMbpCyppWfz2b/LtpPw==-426e3b6216305dac2467bd99c270740e The End File 003.phpt --TEST-- Bug #15140 Test TwoFish with Key not 16,24 or 32. --SKIPIF-- <?php if (!extension_loaded("mcrypt")) print "skip"; ?> --POST-- --GET-- --FILE-- <?php // Problem with TWOFISH and mcrypt under PHP 4.0.6 and 4.1.1 // Tested with libmcrypt 2.4.11 2.4.13 2.4.18 2.4.19 (Broken does not pass make check) // When Loading This Page you should see the time and a Cookie Number. // If you test with TWOFISH It give a Segmentation Failure in the Apache Error Log // But Will Work With 3DES. // function T ( $user_id, $Encryption ) { $session_serial = $user_id . "A_TEXT_TO_TEST_THE_KEY_GENERATION"; echo "Cypher: " . $Encryption . "\n"; $sessionKey="SessionKeyYouChoose"; // if it is not 16,24 or 32 bytes long would fail with SEGFAULT....:) // 19 Failed bigtime on most CPU. // Fails with TWOFISH but Works with TripleDES // Code Fail to produce Code. $td = mcrypt_module_open($Encryption, "", MCRYPT_MODE_ECB, ""); $iv = mcrypt_create_iv(mcrypt_enc_get_iv_size ($td), MCRYPT_RAND); mcrypt_generic_init($td, $sessionKey, $iv); $encrypted_session_serial = mcrypt_generic($td, $session_serial); mcrypt_generic_end($td); $session_serial_hash = md5($encrypted_session_serial.$sessionKey); $session_serial_cookie = base64_encode($encrypted_session_serial).'-'.$session_serial_hash; return $session_serial_cookie; } // If you don't see the time number increasing it is because Apache child seg fault // Check your apache/logs/error_log that is the problem. $user_id=120804; $test = T($user_id, MCRYPT_TWOFISH); //$test = T($user_id, MCRYPT_TripleDES); echo "Cookie is : $test\n"; echo "The End\n"; ?> --EXPECT-- Cypher: twofish Cookie is : rq6VWCfWb8WtBmVZseA4zBjkC2OEAzfZCI1DotaxgYrFRPT3LZW0WAQQM31XWYsC-4dfc43e86267d859b8a1a64c563bb2da The End