Encrypted fields not displaying properly since PHP upgrade

[CharlieArmor]

Last night I upgraded our Debian server from Lenny to Squeeze. One of the few resulting problems is the effect this has had on the display of Sugar custom fields that were encrypted.

We were running Sugar 5.5.0 under PHP4, the server upgrade moved us to PHP5.

Since the upgrade the custom fields we defined as type "encrypted" are no longer displaying correctly. Instead they are a mix of alpha characters and diamonds containing a question mark (see below).

Code:

j�p�T�A��Z�H�]

I thought the problem may be related to the fact I was trying to run Sugar 5.5.0 under PHP5 so I ran a silent upgrade to 6.0.4 (will move to current release when I've fixed this problem). The upgrade went fine apart from the problem being described, which remained.

When I look directly at the encrypted values in the database they look ok (although still encrypted), I suspect the problem is with the way the values are being decoded and presented in the Sugar web page.

The log file contains the following errors which may or may not be related to the problem I'm seeing

Code:

Mon 12 Dec 2011 18:19:57 GMT [30352][6ce48ae5-259c-e343-441f-44d7ac9163f7][FATAL] Error fetching relationship from cache rtd01_instance_rtd01_instance

RTD01 is the name of the custom module where the encrypted fields are being displayed

I cannot find any information on the wiki or forum about how the encryption of custom fields is implemented or what environment dependencies the encryption has.

Any background information about how encryption is meant to work, or suggestions about the problem are very gratefully received.

[sts]

Did you check the compatibility of your Sugar and PHP versions? E.g. here: Supported Platforms for Sugar 5.5.x | Open Source Business & Social CRM - SugarCRM

[CharlieArmor]

As far as I can tell the environment is ok, since the upgrade we have been running Sugar 6.0.4 on PHP 5.3.3 and MySQL 5.1 :

Output from PHP info:

Code:

PHP Version 5.3.3-7+squeeze3
Linux pod-125 2.6.32-5-686-bigmem #1 SMP Mon Oct 3 05:03:32 UTC 2011 i686
Build Date					Jun 28 2011 13:11:03
Server API					Apache 2.0 Handler
Virtual Directory Support			disabled
Configuration File (php.ini) Path		/etc/php5/apache2
Loaded Configuration File			/etc/php5/apache2/php.ini
Scan this dir for additional .ini files		/etc/php5/apache2/conf.d
Additional .ini files parsed			/etc/php5/apache2/conf.d/curl.ini, /etc/php5/apache2/conf.d/gd.ini, /etc/php5/apache2/conf.d/imap.ini, /etc/php5/apache2/conf.d/mcrypt.ini, /etc/php5/apache2/conf.d/mhash.ini, /etc/php5/apache2/conf.d/mysql.ini, /etc/php5/apache2/conf.d/mysqli.ini, /etc/php5/apache2/conf.d/pdo.ini, /etc/php5/apache2/conf.d/pdo_mysql.ini
PHP API						20090626
PHP Extension					20090626
Zend Extension					220090626
Zend Extension Build				API220090626,NTS
PHP Extension Build				API20090626,NTS
Debug Build					no
Thread Safety					disabled
Zend Memory Manager				enabled
Zend Multibyte Support				disabled
IPv6 Support					enabled
Registered PHP Streams				https, ftps, compress.zlib, compress.bzip2, php, file, glob, data, http, ftp, phar, zip
Registered Stream Socket Transports		tcp, udp, unix, udg, ssl, sslv3, sslv2, tls
Registered Stream Filters			zlib.*, bzip2.*, convert.iconv.*, string.rot13, string.toupper, string.tolower, string.strip_tags, convert.*, consumed, dechunk, mcrypt.*, mdecrypt.*

MySQL version

Code:

mysql> SELECT VERSION();
+--------------+
| VERSION()    |
+--------------+
| 5.1.49-3-log |
+--------------+
1 row in set (0.00 sec)

Which meets the pre-requisites defined here:

http://www.sugarcrm.com/crm/products...tforms/60.html

[CharlieArmor]

Been playing with this on and off all day but not getting any closer.

The Blowfish files in ./sugarcache/blowfish/ (rapelcg_svryq.php and VaobhaqRznvy.php) appear to be unchanged by the upgrade.

Can anyone confirm whether or not Sugar uses Blowfish to encrypt / decrypt custom fields when they have data type "Encrypt"

[CharlieArmor]

Have investigated this further by using the following "decode.php" file in the base sugar directory:

PHP Code:

<?php
    require_once 'include/Pear/Crypt_Blowfish/Blowfish.php';
    
    $bf = new Crypt_Blowfish('4fd6964e-4f0e-7ac8-805b-49b11a8387aa');
    $encrypted = $bf->encrypt('test');
    echo 'Encrypted: ' . base64_encode($encrypted) . "\r\n";
    $plainText = $bf->decrypt( base64_decode('sfEovHYIckA='));
    echo 'Decrypted: ' . $plainText . "\r\n";
    
?>

... where the parameter supplied to new Crypt_Blowfish() is the key from cache/blowfish/rapelcg_svryq.php.

This produces the following output when accessed from a browser:

Encrypted: sfEovHYIckA= Decrypted: test

which is as expected as the encrypted value was taken from the database, having been written by the upgraded Sugar application.

However, when the values in "decode.php" are changed to known values that were written to the database by the Sugar application before the upgrade, incorrect values are displayed.

My conclusion from this is that the upgraded Sugar application is encrypting and decrypting in a different way to before the upgrade. Could this be an encryption "salt" variation?

I also checked the files under include/Pear/Blowfish/ before and after and they are identical save for the addition of a "version" class annotation.

[CharlieArmor]

I've run some straces on processes spawned by checking the page with encryption on it. Here are some highlights:

Code:

lstat64("/home/realtime/secure_html/sugar/include/Smarty/internals/core.loa
d_plugins.php", {st_mode=S_IFREG|0755, st_size=4429, ...}) = 0
lstat64("/home/realtime/secure_html/sugar/include/Smarty/internals",
{st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0
lstat64("/home/realtime/secure_html/sugar/include/Smarty",
{st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0
time(NULL)				= 1323884060
lstat64("/home/realtime/secure_html/sugar/include/../include/SugarFields/Su
garFieldHandler.php", {st_mode=S_IFREG|0755, st_size=6114, ...}) = 0
lstat64("/home/realtime/secure_html/sugar/include/../include/SugarFields",
{st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0
access("custom/include/SugarFields/Fields/Encrypt/SugarFieldEncrypt.php",
F_OK) = -1 ENOENT (No such file or directory)
access("include/SugarFields/Fields/Encrypt/SugarFieldEncrypt.php", F_OK) =
-1 ENOENT (No such file or directory)
stat64("custom/include/SugarFields/Fields/Encrypt", 0xbfec2624) = -1 ENOENT
(No such file or directory)
stat64("include/SugarFields/Fields/Encrypt", 0xbfec2624) = -1 ENOENT (No
such file or directory)
time(NULL)				= 1323884060
lstat64("/home/realtime/secure_html/sugar/include/../include/SugarFields/Su
garFieldHandler.php", {st_mode=S_IFREG|0755, st_size=6114, ...}) = 0
lstat64("/home/realtime/secure_html/sugar/include/../include/SugarFields",
{st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0
access("custom/include/SugarFields/Fields/Encrypt/SugarFieldEncrypt.php",
F_OK) = -1 ENOENT (No such file or directory)
access("include/SugarFields/Fields/Encrypt/SugarFieldEncrypt.php", F_OK) =
-1 ENOENT (No such file or directory)
stat64("custom/include/SugarFields/Fields/Encrypt", 0xbfec2624) = -1 ENOENT
(No such file or directory)
stat64("include/SugarFields/Fields/Encrypt", 0xbfec2624) = -1 ENOENT (No
such file or directory)
time(NULL)				= 1323884060
lstat64("/home/realtime/secure_html/sugar/include/../include/SugarFields/Su
garFieldHandler.php", {st_mode=S_IFREG|0755, st_size=6114, ...}) = 0
lstat64("/home/realtime/secure_html/sugar/include/../include/SugarFields",
{st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0
access("custom/include/SugarFields/Fields/Encrypt/SugarFieldEncrypt.php",
F_OK) = -1 ENOENT (No such file or directory)
access("include/SugarFields/Fields/Encrypt/SugarFieldEncrypt.php", F_OK) =
-1 ENOENT (No such file or directory)
stat64("custom/include/SugarFields/Fields/Encrypt", 0xbfec2624) = -1 ENOENT
(No such file or directory)
stat64("include/SugarFields/Fields/Encrypt", 0xbfec2624) = -1 ENOENT (No
such file or directory)

And another:

Code:

lstat64("/home/realtime/secure_html/sugar/include/Smarty/internals/core.loa
d_plugins.php", {st_mode=S_IFREG|0755, st_size=4429, ...}) = 0
lstat64("/home/realtime/secure_html/sugar/include/Smarty/internals",
{st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0
lstat64("/home/realtime/secure_html/sugar/include/Smarty",
{st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0
time(NULL)				= 1323884060
lstat64("/home/realtime/secure_html/sugar/include/../include/utils/encrypti
on_utils.php", {st_mode=S_IFREG|0755, st_size=3884, ...}) = 0
access("cache/blowfish", F_OK)		= 0
access("cache/blowfish/rapelcg_svryq.php", F_OK) = 0
time(NULL)				= 1323884060
lstat64("/home/realtime/secure_html/sugar/include/../cache/blowfish/rapelcg
_svryq.php", {st_mode=S_IFREG|0775, st_size=106, ...}) = 0
lstat64("/home/realtime/secure_html/sugar/include/../cache/blowfish",
{st_mode=S_IFDIR|0775, st_size=4096, ...}) = 0
lstat64("/home/realtime/secure_html/sugar/include/../cache",
{st_mode=S_IFDIR|0775, st_size=4096, ...}) = 0
open("/home/realtime/secure_html/sugar/cache/blowfish/rapelcg_svryq.php",
O_RDONLY|O_LARGEFILE) = 21
fstat64(21, {st_mode=S_IFREG|0775, st_size=106, ...}) = 0
fstat64(21, {st_mode=S_IFREG|0775, st_size=106, ...}) = 0
fstat64(21, {st_mode=S_IFREG|0775, st_size=106, ...}) = 0
mmap2(NULL, 106, PROT_READ, MAP_SHARED, 21, 0) = 0xb58da000
munmap(0xb58da000, 106) 		= 0
close(21)				= 0
time(NULL)				= 1323884060
lstat64("/home/realtime/secure_html/sugar/include/../include/Pear/Crypt_Blo
wfish/Blowfish/DefaultKey.php", {st_mode=S_IFREG|0755, st_size=18379, ...})
= 0
lstat64("/home/realtime/secure_html/sugar/include/../include/Pear/Crypt_Blo
wfish/Blowfish", {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0
lstat64("/home/realtime/secure_html/sugar/include/../include/Pear/Crypt_Blo
wfish", {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0
lstat64("/home/realtime/secure_html/sugar/include/../include/Pear",
{st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0
time(NULL)				= 1323884061
lstat64("/home/realtime/secure_html/sugar/include/../include/utils/encrypti
on_utils.php", {st_mode=S_IFREG|0755, st_size=3884, ...}) = 0
access("cache/blowfish", F_OK)		= 0
access("cache/blowfish/rapelcg_svryq.php", F_OK) = 0
time(NULL)				= 1323884061
lstat64("/home/realtime/secure_html/sugar/include/../cache/blowfish/rapelcg
_svryq.php", {st_mode=S_IFREG|0775, st_size=106, ...}) = 0
lstat64("/home/realtime/secure_html/sugar/include/../cache/blowfish",
{st_mode=S_IFDIR|0775, st_size=4096, ...}) = 0
lstat64("/home/realtime/secure_html/sugar/include/../cache",
{st_mode=S_IFDIR|0775, st_size=4096, ...}) = 0
open("/home/realtime/secure_html/sugar/cache/blowfish/rapelcg_svryq.php",
O_RDONLY|O_LARGEFILE) = 21
fstat64(21, {st_mode=S_IFREG|0775, st_size=106, ...}) = 0
fstat64(21, {st_mode=S_IFREG|0775, st_size=106, ...}) = 0
fstat64(21, {st_mode=S_IFREG|0775, st_size=106, ...}) = 0
mmap2(NULL, 106, PROT_READ, MAP_SHARED, 21, 0) = 0xb58da000
munmap(0xb58da000, 106) 		= 0
close(21)				= 0
time(NULL)				= 1323884061
lstat64("/home/realtime/secure_html/sugar/include/../include/Pear/Crypt_Blo
wfish/Blowfish/DefaultKey.php", {st_mode=S_IFREG|0755, st_size=18379, ...})
= 0
lstat64("/home/realtime/secure_html/sugar/include/../include/Pear/Crypt_Blo
wfish/Blowfish", {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0
lstat64("/home/realtime/secure_html/sugar/include/../include/Pear/Crypt_Blo
wfish", {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0
lstat64("/home/realtime/secure_html/sugar/include/../include/Pear",
{st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0
time(NULL)				= 1323884061
lstat64("/home/realtime/secure_html/sugar/include/../include/utils/encrypti
on_utils.php", {st_mode=S_IFREG|0755, st_size=3884, ...}) = 0
access("cache/blowfish", F_OK)		= 0
access("cache/blowfish/rapelcg_svryq.php", F_OK) = 0

So it looks to me as though it is accessing some of the correct files. I wasn't sure whether it should really be using

../sugar/cache/blowfish/VaobhaqRznvy.php

instead of

../sugar/cache/blowfish/rapelcg_svryq.php

but I've tried moving the latter out of the way and recreating it as a symlink to the former. This didn't change anything.

We'd be very grateful on for any pointers on how the Blowfish encryption is applied to custom fields, please let me know if more information would be useful.

[CharlieArmor]

We are slowly and painfully recovering the encrypted data from other sources but are still trying to find a way of decrypting the remaining values.

Any help from those that know how Sugar custom field encryption works would be gratefully received.