ID: 15140
Comment by: [EMAIL PROTECTED]
Reported By: [EMAIL PROTECTED]
Status: Assigned
Bug Type: mcrypt related
Operating System: Redhat 7.2
PHP Version: 4.1.1
Assigned To: derick
New Comment:
Derick,
last thing as with the new patch I get no more problem. Here is two
test phpt for mcrypt to test this bug
See Ya
File 002.phpt
--TEST--
Bug #15140 Test TripleDES (Should be ok)
--SKIPIF--
<?php if (!extension_loaded("mcrypt")) print "skip"; ?>
--POST--
--GET--
--FILE--
<?php
// Problem with TWOFISH and mcrypt under PHP 4.0.6 and 4.1.1
// Tested with libmcrypt 2.4.11 2.4.13 2.4.18 2.4.19 (Broken does not
pass make check)
// When Loading This Page you should see the time and a Cookie Number.
// If you test with TWOFISH It give a Segmentation Failure in the
Apache Error Log
// But Will Work With 3DES.
//
// I now use libmcrypt 2.4.18
//
// Strange.
// [EMAIL PROTECTED] REMOVE NOSPAM
//
function T ( $user_id, $Encryption ) {
$session_serial = $user_id .
"A_TEXT_TO_TEST_THE_KEY_GENERATION";
echo "Cypher: " . $Encryption . "\n";
$sessionKey="SessionKeyYouChoose"; // Obviously not the one we
use....:)
// Fails with TWOFISH but Works with TripleDES
// Code Fail to produce Code.
$td = mcrypt_module_open($Encryption, "", MCRYPT_MODE_ECB,
"");
$iv = mcrypt_create_iv(mcrypt_enc_get_iv_size ($td),
MCRYPT_RAND);
mcrypt_generic_init($td, $sessionKey, $iv);
$encrypted_session_serial = mcrypt_generic($td,
$session_serial);
mcrypt_generic_end($td);
$session_serial_hash =
md5($encrypted_session_serial.$sessionKey);
$session_serial_cookie =
base64_encode($encrypted_session_serial).'-'.$session_serial_hash;
return $session_serial_cookie;
}
// If you don't see the time number increasing it is because Apache
child seg fault
// Check your apache/logs/error_log that is the problem.
$user_id=120804;
//$test = T($user_id, MCRYPT_TWOFISH);
$test = T($user_id, MCRYPT_TripleDES);
echo "Cookie is : $test\n";
echo "The End\n";
?>
--EXPECT--
Cypher: tripledes
Cookie is :
OXYSlBYiGQb2c65SfOjv1nIGlm9v05aeFUNtMbpCyppWfz2b/LtpPw==-426e3b6216305dac2467bd99c270740e
The End
File 003.phpt
--TEST--
Bug #15140 Test TwoFish with Key not 16,24 or 32.
--SKIPIF--
<?php if (!extension_loaded("mcrypt")) print "skip"; ?>
--POST--
--GET--
--FILE--
<?php
// Problem with TWOFISH and mcrypt under PHP 4.0.6 and 4.1.1
// Tested with libmcrypt 2.4.11 2.4.13 2.4.18 2.4.19 (Broken does not
pass make check)
// When Loading This Page you should see the time and a Cookie Number.
// If you test with TWOFISH It give a Segmentation Failure in the
Apache Error Log
// But Will Work With 3DES.
//
function T ( $user_id, $Encryption ) {
$session_serial = $user_id .
"A_TEXT_TO_TEST_THE_KEY_GENERATION";
echo "Cypher: " . $Encryption . "\n";
$sessionKey="SessionKeyYouChoose"; // if it is not 16,24 or 32
bytes long would fail with SEGFAULT....:)
// 19 Failed bigtime on most
CPU.
// Fails with TWOFISH but Works with TripleDES
// Code Fail to produce Code.
$td = mcrypt_module_open($Encryption, "", MCRYPT_MODE_ECB,
"");
$iv = mcrypt_create_iv(mcrypt_enc_get_iv_size ($td),
MCRYPT_RAND);
mcrypt_generic_init($td, $sessionKey, $iv);
$encrypted_session_serial = mcrypt_generic($td,
$session_serial);
mcrypt_generic_end($td);
$session_serial_hash =
md5($encrypted_session_serial.$sessionKey);
$session_serial_cookie =
base64_encode($encrypted_session_serial).'-'.$session_serial_hash;
return $session_serial_cookie;
}
// If you don't see the time number increasing it is because Apache
child seg fault
// Check your apache/logs/error_log that is the problem.
$user_id=120804;
$test = T($user_id, MCRYPT_TWOFISH);
//$test = T($user_id, MCRYPT_TripleDES);
echo "Cookie is : $test\n";
echo "The End\n";
?>
--EXPECT--
Cypher: twofish
Cookie is :
rq6VWCfWb8WtBmVZseA4zBjkC2OEAzfZCI1DotaxgYrFRPT3LZW0WAQQM31XWYsC-4dfc43e86267d859b8a1a64c563bb2da
The End
Previous Comments:
------------------------------------------------------------------------
[2002-02-01 03:41:07] [EMAIL PROTECTED]
Yeap,
It is already coded in the internal_init_mcrypt function but a
small bug in libmcrypt seem to be present. The free(sizes) is too high
up it should be moved down to out of the if/else/else/... I submitted a
patch to libmcrypt and wainting for a comment from Nickos.
Thanks again
------------------------------------------------------------------------
[2002-02-01 02:51:56] [EMAIL PROTECTED]
Well, PHP works around a lot of those issues in libmcrypt, and
actually, the extension should work around it in this case too IMO. I
guess mcrypt_enc_get_supported_key_sizes should be used in
mcrypt_generic_init in some way.
Can you see if this is feasable?
Derick
------------------------------------------------------------------------
[2002-02-01 02:35:03] [EMAIL PROTECTED]
Problem found in libmcrypt...
The cause of the SEGFAULT is due to the key being of the wrong length.
The only accepted values for key length are 16,24 and 32 bytes.
Otherwise this cause libmcrypt to generate a segfault for twofish.
Hope to find a way to correct libmcrypt to report gracefully that the
key length is wrong. If not it may need to be implemented in php (That
would be the BAD Way of doing it).
BG
------------------------------------------------------------------------
[2002-02-01 01:17:16] [EMAIL PROTECTED]
Derick,
Closer to a solution...
Mcrypt Bug is found but not fixed.
OK Here is the symptoms:
In The PHP Code the function mcrypt_generic_init (td, key_s,
key_size,iv_s) is called with key_size=19. (should be 16 and I don't
know why yet)
This will gives the segfault.
Try it in mcrypt-2.4.18/doc/example.c
change the line at the beginning of the main
int keysize=16; /* 128 bits */ to
int keysize=19; /* 128 bits */
Compile and BOOM Crash Segfault.
Ok Now why is php thinks the keysize should be 19.....
to test check this code:
The Culprit code is in <yourphpsource>/ext/mcrypt/mcrypt.c line 494
php-4.1.1
add the two line. You will see that Part 12 will never get executed for
twofish.
and keysize is 19.
added>>> fprintf(stderr, "MCRYPT Debug Part 11\nKey_s:%s,
\nKey_Size:%d,\nIV:%s, \nIV_S:%s, \n",key_s, key_size, iv_s);
result = mcrypt_generic_init (td, key_s, key_size, iv_s);
added>>> fprintf(stderr, "MCRYPT Debug Part 12\n");
Will come back with an answer
BG
------------------------------------------------------------------------
[2002-01-21 09:48:24] [EMAIL PROTECTED]
To be completely clear, Derick asked to file a bugreport in the
PHP-bugs-system about mcrypt not passing some PHP-tests, not to send
the mcrypt-folks a bugreport.
------------------------------------------------------------------------
The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
http://bugs.php.net/?id=15140
Edit this bug report at http://bugs.php.net/?id=15140&edit=1
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
