Gehe zu deutscher Webseite

ViaThinkSoft CodeLib

This article is in:
CodeLibProgramming aidsPHP

Following method of signing a value is vulnerable, because a Length Extension Attack can be performed:

<?php define('SECRET', ...);
if (
$_REQUEST['validation'] == sha1(SECRET.$_REQUEST['email'])) {
    echo 
"Logged in as ".$_REQUEST['email'];
} else {
    echo 
"Access denied";
?>

Following method is still vulnerable because the HTTP-argument 'email' can be passed as array (&email[]=...) which will result in hash_hmac returning NULL. Also, the comparison is vulnerable to type juggling and timing attack.

<?php define('SECRET', ...);
if (
$_REQUEST['validation'] == hash_hmac('sha256'$_REQUEST['email'], SECRET)) {
    echo 
"Logged in as ".$_REQUEST['email'];
} else {
    echo 
"Access denied";
?>

Following method is safe (as far as I know):

<?php define('SECRET', ...);
if (
hash_equals($_REQUEST['validation'], hash_hmac('sha256'$_REQUEST['email'], SECRET))) {
    echo 
"Logged in as ".$_REQUEST['email'];
} else {
    echo 
"Access denied";
?>
Daniel Marschall
ViaThinkSoft Co-Founder