|
|
php.net | support | documentation | report a bug | advanced search | search howto | statistics | random bug | login |
[2020-08-16 21:06 UTC] bizxing at web dot de
Description: ------------ Although the OCB mode (authenticated encryption) is included in the list of available algorithms (e.g. [33] => aes-256-ocb) it is not properly supported. openssl_encrypt causes the error message: >The authenticated tag cannot be provided for cipher that doesn not support AEAD<. No tag is provided. However, the generated ciphertext seems to be correct. openssl_decrypt returns false. If aes-256-ocb is replaced by e.g. aes-256-gcm, it works as expected. Test script: --------------- //echo print_r(openssl_get_cipher_methods(), true); $plaintext = "The quick brown fox jumps over the lazy dog"; $cipher = 'aes-256-ocb'; $key = '01234567890123456789012345678901'; $iv = '012345678901'; $ciphertext = openssl_encrypt($plaintext, $cipher, $key, OPENSSL_RAW_DATA, $iv, $tag); echo "tag (hex): " . bin2hex($tag) . PHP_EOL ; echo "ciphertext (hex): " . bin2hex($ciphertext) . PHP_EOL ; $recovered = openssl_decrypt($ciphertext, $cipher, $key, OPENSSL_RAW_DATA, $iv, $tag); echo "recovered: " . ($recovered == false ? 'false' : $recovered) . PHP_EOL ; Expected result: ---------------- For the OCB mode, analogous to the GCM/CCM mode, a tag should be generated during encryption (6th parameter, $tag), which is used for authentication during decryption. Actual result: -------------- See description / test script PatchesPull Requests
Pull requests:
HistoryAllCommentsChangesGit/SVN commits
|
|||||||||||||||||||||||||||
Copyright © 2001-2025 The PHP GroupAll rights reserved. |
Last updated: Fri Oct 31 03:00:01 2025 UTC |
This patch breaks libressl compilation because OCB is not supported by libressl at this time. One fix is to check that EVP_CIPH_OCB_MODE is also defined when checking openssl version line 6496 of ext/openssl/openssl.c int cipher_mode = EVP_CIPHER_mode(cipher_type); memset(mode, 0, sizeof(struct php_openssl_cipher_mode)); switch (cipher_mode) { -#if PHP_OPENSSL_API_VERSION >= 0x10100 +#if PHP_OPENSSL_API_VERSION >= 0x10100 && defined(EVP_CIPH_OCB_MODE) case EVP_CIPH_GCM_MODE: case EVP_CIPH_OCB_MODE: case EVP_CIPH_CCM_MODE: