Fix security vulnerbilities.

Fix possible length extension attack, predicable generators, timing attacks on hash comparision and improved formatting.
2025-05-03 03:04:23 +02:00 · 2019-10-10 15:21:41 -08:00 · 2019-10-10 15:21:41 -08:00 · 811cdcdfcb
commit 811cdcdfcb
parent 50fa119f79
8 changed files with 455 additions and 332 deletions
--- a/src/Network/FKOAuthDataStore.php
+++ b/src/Network/FKOAuthDataStore.php
@ -29,7 +29,7 @@ class FKOAuthDataStore extends OAuthDataStore
 	 */
 	private static function genToken()
 	{
-		return md5(base64_encode(pack('N6', mt_rand(), mt_rand(), mt_rand(), mt_rand(), mt_rand(), uniqid())));
+		return bin2hex(random_bytes(16));
 	}

 	/**
@ -119,7 +119,8 @@ class FKOAuthDataStore extends OAuthDataStore
 				'secret' => $sec,
 				'client_id' => $k,
 				'scope' => 'request',
-				'expires' => time() + REQUEST_TOKEN_DURATION]
+				'expires' => time() + REQUEST_TOKEN_DURATION
+			]
 		);

 		if (!$r) {
@ -162,7 +163,8 @@ class FKOAuthDataStore extends OAuthDataStore
 					'client_id' => $consumer->key,
 					'scope' => 'access',
 					'expires' => time() + ACCESS_TOKEN_DURATION,
-					'uid' => $uverifier]
+					'uid' => $uverifier
+				]
 			);

 			if ($r) {