Fri, 10 Apr 2026 17:52:44 +0000 https://bugs.horde.org/ticket/8425 Poor salt generation for crypt-* In lib/Horde/Auth.php, the function getSalt uses a poor algorithm for generating salts for crypt-*. crypt allows, at the very least, all Base64 characters in the salt, but the current algorithm only generates hexadecimal digits. Furthermore, for crypt-md5, 8 bytes of salt is permitted, so there are 64^8 = 2^48 possible salt values (if we only allow Base64 characters), but on most systems, mt_rand() only generates 2^31 different values, so the current algorithm generates at most 2^31 different salt values. A better algorithm would use, for example, base64_encode(md5(sprintf('%08X%08X', mt_rand(), mt_rand()), TRUE)) instead of just md5(mt_rand()). Fri, 10 Jul 2009 05:50:12 +0000 https://bugs.horde.org/ticket/8425#t54894 I think the code has changed a bit in the latest version. I've got this for the crypt-md5 case: diff --git a/framework/Auth/lib/Horde/Auth.php b/framework/Auth/lib/Horde/Auth.php index 8a5695a..fce7771 100644 --- a/framework/Auth/lib/Horde/Auth.php +++ b/framework/Auth/lib/Horde/Auth.php @@ -266,7 +266,7 @@ class Horde_Auth case 'crypt-md5': return $seed ? substr(preg_replace('|^{crypt}|i', '', $seed), 0, 12) - : '$1$' . substr(hash('md5', mt_rand()), 0, 8) . '$'; + : '$1$' . base64_encode(hash('md5', sprintf('%08X%08X', mt_rand(), mt_rand()), true)) . '$'; case 'crypt-blowfish': return $seed What would you suggest for crypt and crypt-des? It's currently: case 'crypt': case 'crypt-des': return $seed ? substr(preg_replace('|^{crypt}|i', '', $seed), 0, 2) : substr(hash('md5', mt_rand()), 0, 2); Thanks! Sat, 11 Jul 2009 16:57:59 +0000 https://bugs.horde.org/ticket/8425#t54905 Also crypt-blowfish Sat, 11 Jul 2009 16:58:22 +0000 https://bugs.horde.org/ticket/8425#t54906 A similar thing should be fine - substr(base64_encode(hash('md5', mt_rand(), true)), 0, 2) for example. (It would be best to not use a MD5 at all and just use the random numbers directly, but I'm not sure how to do that.) I don't know what the salt requirements for crypt-blowfish are. Sun, 12 Jul 2009 02:22:36 +0000 https://bugs.horde.org/ticket/8425#t54921 Committed the crypt-md5 change: http://git.horde.org/diff.php/framework/Auth/lib/Horde/Auth.php?rt=horde-git&r1=83ba16e6c0ec3c989eab0a81fcda06978ddef8a1&r2=e57680006a7a0c33f08a94e05ebf7c69b486d401 Mon, 20 Jul 2009 18:23:43 +0000 https://bugs.horde.org/ticket/8425#t55004 Added changes for crypt, crypt-des, and crypt-blowfish also. Thanks! Tue, 08 Sep 2009 03:01:13 +0000 https://bugs.horde.org/ticket/8425#t55684 More salt improvements - use all base64 characters (not just hex) for crypt, crypt-des, and crypt-blowfish (Bug #8425). Tue, 08 Sep 2009 08:41:00 +0000 https://bugs.horde.org/ticket/8425#t55686 Changes have been made in CVS for this ticket: More salt improvements - use all base64 characters (not just hex) for crypt, crypt-des, and crypt-blowfish (Bug #8425). http://git.horde.org/diff.php/framework/Auth/lib/Horde/Auth.php?rt=horde-git&r1=4ef82a9d67556dda442771964a32ce5d8a6a581d&r2=7a49e649d831346749ac5ddb0a8e4ef16f11d414 Tue, 08 Sep 2009 09:08:43 +0000 https://bugs.horde.org/ticket/8425#t55687