CODEWITHSUNDEEP
phpencryption
Fastbuilder575
Fastbuilder575

Reputation: 45

openssl_decrypt not working as expected

I have written 2 functions to encrypt and decrypt data with openssl

I get the same return value for my teststring if I use openssl_encrypt directly or if I use my function.

The problem is the decryption. The decryption only works if I use openssl_encrypt directly without the function. If i use the function to encrypt the data I only get a empty response from the decryption.

My code is the following:

$key = base64_decode("PRIV KEY");
$cipher = "aes-256-gcm";
$iv = base64_decode("BASE64 encoded IV ");
$tag = base64_decode("BASE64 encoded TAG ");

function mc_encrypt($plaintext,$cipher, $key, $iv, $tag){
    $encrypted_text = openssl_encrypt($plaintext, $cipher, $key, $options=0, $iv, $tag);
    return $encrypted_text; 
}

function mc_decrypt($encrypted_text ,$cipher, $key, $iv, $tag){
    $decrypted_text = openssl_decrypt($encrypted_text, $cipher, $key, $options=0, $iv, $tag);
    return $decrypted_text; 
}

$test = "Teststring";

// Success Message is returned
$encrypted = openssl_encrypt($test, $cipher, $key, $options=0, $iv, $tag);
// Success Message is NOT returned
$encrypted = mc_encrypt($test, $cipher, $key, $iv, $tag);

$decrypted = mc_decrypt($encrypted, $cipher, $key, $iv, $tag);
if($decrypted == $test)
{
echo "Success!";
}

Upvotes: 2

Views: 2223

Answers (3)

Pawan Verma
Pawan Verma

Reputation: 1269

You can use below methods to encrypt and decrypt data in php:

    //Define cipher
    $cipher = "AES-256-CBC";

    //Generate a 256-bit encryption key
    $key = "dhu-enc2022";

    // Data Array key with parameter
    $plaintext = json_encode(array("name"=>"Abhishek Kumar","email"=>"[email protected]","mobile"=>"1234567890"));

    //For encryption
    $ivlen=openssl_cipher_iv_length($cipher);
    $iv=openssl_random_pseudo_bytes($ivlen);
    $ciphertext_raw=openssl_encrypt($plaintext,$cipher,$key,$options=OPENSSL_RAW_DATA,$iv);
    $hmac=hash_hmac('sha256',$ciphertext_raw,$key,$as_binary=true);
    $ciphertext=base64_encode($iv.$hmac.$ciphertext_raw);


    //For decrypt on the other end
    $c=base64_decode($r->ciphertext);
    $ivlen=openssl_cipher_iv_length($cipher);
    $iv=substr($c,0,$ivlen);
    $hmac=substr($c,$ivlen,$sha2len=32);
    $ciphertext_raw=substr($c,$ivlen+$sha2len);
    $original_plaintext=openssl_decrypt($ciphertext_raw,$cipher,$key,$options=OPENSSL_RAW_DATA,$iv);
    $calcmac=hash_hmac('sha256',$ciphertext_raw,$key,$as_binary=true);


    print_r($original_plaintext);

Reference Link:- encryption and decryption in php

Upvotes: 0

sujay kundu
sujay kundu

Reputation: 11

I also face same issue. This type of issue is coming due to lack of documentation in PHP library.

This is the issue of $tag which is generating depending on the $plaintext. whatever value you assign in $tag will replace during encryption. print $tag after encryption and keep it safe and during decryption use that $tag value. it will work fine.

Upvotes: 1

Piyush Sharma
Piyush Sharma

Reputation: 651

I know this is the old question but if someone is facing the same issue then try to change the $options parameter in the openssl_decrypt function that will return back you the decrypted data.

For example decryption in OpenSSL could be done by using the flag: OPENSSL_ZERO_PADDING

openssl_decrypt($encrypted_text, $cipher, $key, OPENSSL_ZERO_PADDING, $iv);

whereas flag: OPENSSL_RAW_DATA is mostly used to encrypt the plaintext in openssl_encrypt

Example: openssl_encrypt($data, $cipher, $key, OPENSSL_RAW_DATA, $iv);

Upvotes: 0

Related Questions