8

I used the openssl_encrypt and openssl_decrypt functions, but the decrypt part is not returning any value, whereas encrypt works fine using the same key. Here is the function I used. The variable $decrypted always returns null. Any small help will be appreciated.

    function deCryption($value)
    {
        $methods = openssl_get_cipher_methods();
        $clefSecrete = "flight";
        echo '<pre>';
        foreach ($methods as $method) {
            //$encrypted = openssl_encrypt($texteACrypter, $method, $clefSecrete); ----this was used for encryption
            $decrypted = openssl_decrypt($value, $method, $clefSecrete);
            echo "value=".$decrypted;
            echo $method . ' : '. $decrypted . "\n";
            break;
        }
        echo '</pre>';
        return $decrypted;
    }

3
  • Does it emit an E_WARNING? Make sure you have warnings turned on with error_reporting(E_ALL); Commented Aug 8, 2013 at 12:32
  • 1
    Might be helpful if you did openssl_error_string() as well. Commented Aug 8, 2013 at 23:00
  • I tried turning on error_reporting(E_ALL); but it emits no warning. It is just sending blank. Commented Aug 9, 2013 at 12:11

1 Answer

8

I had exactly the same problem, I then googled my question and ended up here, on the same question that I had asked. So I had to search elsewhere.

I found this article useful in explaining the shortcoming of the official php documentation. Another article with similar content is here.

In the end it boils down to the key/password. What the openssl_encrypt library expects is a key, NOT A PASSWORD, and the size of the key must be the cipher's intrinsic key size. The first article says if you provide a longer key, the excess is discarded, and a key shorter than expected is padded with zeros, i.e. \x00 bytes. I have not tested this fact.

I have edited your code to read as below.

The idea I have used is that the size of the initial vector that a cipher expects is also the size of the key it expects. So here, I am passing a key, not a password as you were doing. Simply find a way of turning your password into a key.

In your code, you did not pass options and the iv (initialization vector).

The iv is a string the cipher 'mixes' with the plaintext before encryption. So what the cipher encrypts is this 'mixture'. Is this important? Yes! Without this 'mixing', a pair of identical plaintexts would result in a pair of identical ciphertexts, which can lead to an attack; if two identical plaintext-ciphertext pairs are not from the same user, these two users are using the same key! A unique iv for each plaintext therefore ensures that no two plaintexts result in identical ciphertexts. In other words, the iv is a salt.

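    $plaintext = 'Testing OpenSSL Functions';
    $methods = openssl_get_cipher_methods();
    //$clefSecrete = 'flight';
    echo '<pre>';
    foreach ($methods as $method) {
        $ivlen = openssl_cipher_iv_length($method);
        // Ciphers that take no IV (e.g. ECB modes) report length 0, and
        // openssl_random_pseudo_bytes() cannot be called with a length below 1.
        if ($ivlen < 1) {
            continue;
        }
        // Random key and IV, both sized to the cipher's IV length (the idea described above).
        $clefSecrete = openssl_random_pseudo_bytes($ivlen);
        $iv = openssl_random_pseudo_bytes($ivlen);

        $encrypted = openssl_encrypt($plaintext, $method, $clefSecrete, OPENSSL_RAW_DATA, $iv);
        // Some listed methods cannot be used with these arguments (AEAD modes, for
        // example, need an extra $tag argument); skip them instead of decrypting false.
        if ($encrypted === false) {
            continue;
        }
        $decrypted = openssl_decrypt($encrypted, $method, $clefSecrete, OPENSSL_RAW_DATA, $iv);
        echo 'plaintext='.$plaintext. "\n";
        echo 'cipher='.$method. "\n";
        // The raw ciphertext is binary, so print it as hex.
        echo 'encrypted to: '.bin2hex($encrypted). "\n";
        echo 'decrypted to: '.$decrypted. "\n\n";
    }
    echo '</pre>';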

1 Comment

The question is 3 years old and the author is not to be seen on SO for quite a while. While you did answer the question when it comes to encryption, you opened the Pandora's box because people who stumble upon this answer will copy paste it. The answer doesn't mention anything about the importance of initialization vector, why it has to be different every time you encrypt data and such - I suggest you add that as well, to make the answer complete.
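
The answer says to turn the password into a key and to use a unique iv for each plaintext; one way to do both is sketched here as an added example that is not part of the original answer or comments. PBKDF2 and AES-256-GCM are choices made for this example, and the function names, constants and iteration count are assumptions.

```php
<?php
// Added example: constant and function names are hypothetical, not from the original post.
const CIPHER     = 'aes-256-gcm'; // assumed cipher choice: 32-byte key, authenticated mode
const KEY_LEN    = 32;
const SALT_LEN   = 16;
const TAG_LEN    = 16;
const ITERATIONS = 600000;        // assumed PBKDF2 work factor; tune for your hardware

// Turn a password into a key of exactly the cipher's key size.
function deriveKey(string $password, string $salt): string
{
    return hash_pbkdf2('sha256', $password, $salt, ITERATIONS, KEY_LEN, true);
}

// Returns base64(salt || iv || tag || ciphertext); salt and IV are fresh for every message.
function encryptWithPassword(string $plaintext, string $password): string
{
    $salt = random_bytes(SALT_LEN);
    $iv   = random_bytes(openssl_cipher_iv_length(CIPHER));
    $tag  = '';
    $ct   = openssl_encrypt($plaintext, CIPHER, deriveKey($password, $salt),
                            OPENSSL_RAW_DATA, $iv, $tag, '', TAG_LEN);
    if ($ct === false) {
        throw new RuntimeException('encryption failed: ' . openssl_error_string());
    }
    return base64_encode($salt . $iv . $tag . $ct);
}

// Returns the plaintext, or false if the password is wrong or the data was modified.
function decryptWithPassword(string $blob, string $password)
{
    $raw   = base64_decode($blob, true);
    $ivLen = openssl_cipher_iv_length(CIPHER);
    if ($raw === false || strlen($raw) < SALT_LEN + $ivLen + TAG_LEN) {
        return false;
    }
    $salt = substr($raw, 0, SALT_LEN);
    $iv   = substr($raw, SALT_LEN, $ivLen);
    $tag  = substr($raw, SALT_LEN + $ivLen, TAG_LEN);
    $ct   = substr($raw, SALT_LEN + $ivLen + TAG_LEN);
    return openssl_decrypt($ct, CIPHER, deriveKey($password, $salt), OPENSSL_RAW_DATA, $iv, $tag);
}

$a = encryptWithPassword('Testing OpenSSL Functions', 'flight');
$b = encryptWithPassword('Testing OpenSSL Functions', 'flight');
var_dump($a !== $b); // same plaintext and password, different output each time
var_dump(decryptWithPassword($a, 'flight') === 'Testing OpenSSL Functions');
var_dump(decryptWithPassword($a, 'wrong password'));
```

The salt, IV and tag are not secret, so they travel with the ciphertext; only the password has to be kept private.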
