HMAC MD5

[Previondev-123]

I found this function (SMTP.php) that encrypts in md5 with a static code analyzer (snyk). The vulnerability is categorized as low level.

protected function hmac($data, $key)
   {
       if (function_exists('hash_hmac')) {
           return hash_hmac('md5', $data, $key);
       }

       // The following borrowed from
       // http://php.net/manual/en/function.mhash.php#27225

       // RFC 2104 HMAC implementation for php.
       // Creates an md5 HMAC.
       // Eliminates the need to install mhash to compute a HMAC
       // by Lance Rushing

       $bytelen = 64; // byte length for md5
       if (strlen($key) > $bytelen) {
           $key = pack('H*', md5($key));
       }
       $key = str_pad($key, $bytelen, chr(0x00));
       $ipad = str_pad('', $bytelen, chr(0x36));
       $opad = str_pad('', $bytelen, chr(0x5c));
       $k_ipad = $key ^ $ipad;
       $k_opad = $key ^ $opad;

       return md5($k_opad . pack('H*', md5($k_ipad . $data)));
   }

With this configuration in SHA-256 this vulnerability is removed

protected function hmac($data, $key)
    {
        if (function_exists('hash_hmac')) {
            return hash_hmac('sha256', $data, $key);
        }

        // RFC 2104 HMAC implementation for php.
        // Creates an sha-256 HMAC.
        // Eliminates the need to install mhash to compute a HMAC
        // by Lance Rushing

        $bytelen = 64; //byte length per SHA-256
        if (strlen($key) > $bytelen) {
            $key = pack('H*', hash('sha256', $key));
        }
        $key = str_pad($key, $bytelen, chr(0x00));
        $ipad = str_pad('', $bytelen, chr(0x36));
        $opad = str_pad('', $bytelen, chr(0x5c));
        $k_ipad = $key ^ $ipad;
        $k_opad = $key ^ $opad;

        return hash('sha256', $k_opad . pack('H*', hash('sha256', $k_ipad . $data)));
    }

It's probably just a false positive of the program but I think sha256 is a better encryption system regardless

[Synchro]

Yes, SHA256 is a better function, however, this code is there to implement CRAM-MD5, a protocol that explicitly requires MD5, so no, it can't be changed.

Separately, neither of these are encryption, they are hash functions that here are used within an HMAC algorithm.