Doc Bug #78608 Security error in documentation
Submitted: 2019-09-29 07:41 UTC Modified: 2019-10-02 17:09 UTC
Votes:3
Avg. Score:4.0 ± 0.8
Reproduced:2 of 2 (100.0%)
Same Version:2 (100.0%)
Same OS:2 (100.0%)
From: gcleaves at gmail dot com Assigned:
Status: Open Package: *Encryption and hash functions
PHP Version: Irrelevant OS: n/a
Private report: No CVE-ID: None
 [2019-09-29 07:41 UTC] gcleaves at gmail dot com
Description:
------------
---
From manual page: https://php.net/function.openssl-encrypt
---
Please note that at the time of writing this, there is an important and naive security vulnerability in "Example #2 AES Authenticated Encryption example for PHP 5.6+".

You MUST include the IV when calculating the HMAC. Otherwise, somebody could alter the IV during transport, thereby changing the decrypted message while maintaining HMAC integrity. An absolute disaster.

To fix the example, the HMAC should be calculated like this:

<?php
$hmac = hash_hmac('sha256', $iv.$ciphertext_raw, $key, $as_binary=true);
?>

And to confirm the HMAC later:

<?php
$calcmac = hash_hmac('sha256', $iv.$ciphertext_raw, $key, $as_binary=true);
?>
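
The difference the report describes, as an added example that is not part of the report or the manual: the same altered IV byte is checked once with the HMAC over the ciphertext only and once with the HMAC over `$iv.$ciphertext_raw`. The function names, key, message and the IV || HMAC || ciphertext layout are assumptions made for this sketch.

```php
<?php
// Added example: function names, key and message are constructed. PHP 7+.
// Assumed wire layout: IV (16 bytes) || HMAC-SHA256 (32 bytes) || ciphertext.
const CIPHER = 'aes-128-cbc';

function seal_message(string $plaintext, string $key, bool $macCoversIv): string
{
    $iv  = random_bytes(openssl_cipher_iv_length(CIPHER));
    $ct  = openssl_encrypt($plaintext, CIPHER, $key, OPENSSL_RAW_DATA, $iv);
    $mac = hash_hmac('sha256', $macCoversIv ? $iv . $ct : $ct, $key, true);
    return $iv . $mac . $ct;
}

// Returns the plaintext, or null when the HMAC does not verify.
function open_message(string $blob, string $key, bool $macCoversIv): ?string
{
    $ivLen = openssl_cipher_iv_length(CIPHER);
    $iv    = substr($blob, 0, $ivLen);
    $mac   = substr($blob, $ivLen, 32);
    $ct    = substr($blob, $ivLen + 32);
    $calc  = hash_hmac('sha256', $macCoversIv ? $iv . $ct : $ct, $key, true);
    if (!hash_equals($calc, $mac)) {   // constant-time comparison
        return null;
    }
    $pt = openssl_decrypt($ct, CIPHER, $key, OPENSSL_RAW_DATA, $iv);
    return $pt === false ? null : $pt;
}

// Simulates a change to one IV byte in transit (the IV is the first 16 bytes).
function alter_iv_byte(string $blob, int $offset, int $mask): string
{
    $blob[$offset] = chr(ord($blob[$offset]) ^ $mask);
    return $blob;
}

$key = random_bytes(16);          // constructed key
$msg = 'amount=100;to=alice';     // constructed message

foreach ([false, true] as $macCoversIv) {
    $sent     = seal_message($msg, $key, $macCoversIv);
    $received = alter_iv_byte($sent, 7, 0x08);
    $result   = open_message($received, $key, $macCoversIv);
    printf("HMAC covers IV: %-3s -> %s\n", $macCoversIv ? 'yes' : 'no',
        $result === null ? 'rejected' : 'accepted as "' . $result . '"');
}
```

In CBC the first plaintext block is the block-cipher output XORed with the IV, so a receiver that authenticates only the ciphertext has no way to notice the change; a receiver that authenticates the IV as well rejects the message before decrypting.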


 [2019-10-02 17:00 UTC] henry dot paradiz at gmail dot com
Just to confirm: you do understand that HMAC is no longer supported by PHP; therefore, we must use CBC with message|key. In addition, because we are now using the CBC standard we no longer need to worry about the IV. MD5 and SHA-1 are really what did it out with HMAC, highly crackable, highly incorrect. You can use the following line of code as a replacement:

<?php
if( 1==1 ) {
    $password = 'plainText';
    $cbc = hash_cbc('sha256', $password);
    echo $cbc.$password;
} else {
    // do HMAC (in an older PHP version like 5.3)
}
?>
 [2019-10-02 17:09 UTC] requinix@php.net
> Just to confirm: you do understand that HMAC is no longer supported by PHP;
Uh, what?
 
Last updated: Thu Nov 21 14:01:29 2024 UTC