php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Request #68962 No way to retrieve or supply tag when GCM is used
Submitted: 2015-01-30 17:04 UTC Modified: 2015-01-30 20:39 UTC
From: php-mark at zedwood dot com Assigned:
Status: Duplicate Package: OpenSSL related
PHP Version: 5.6.5 OS: ubuntu 14.04
Private report: No CVE-ID: None
View Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
If you reported this bug, you can edit this bug over here.
(description)
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: php-mark at zedwood dot com
New email:
PHP Version: OS:

 

 [2015-01-30 17:04 UTC] php-mark at zedwood dot com
Description:
------------
When I use:
 $method = 'id-aes128-GCM';
the openssl_decrypt returns false.

However, when I use a different cipher method like 'AES-128-CBC' (like used in 011.phpt) it returns the input string (correct behavior).

So I want to use aes128-GCM because GCM mode is recommended for authenticated encryption.





Test script:
---------------
<?php
error_reporting(E_ALL);
$data = '1234567890ABCDEF';
$method = 'id-aes128-GCM';
$password = 'dCoD........Eu39';
$iv_size = openssl_cipher_iv_length($method);
$iv = openssl_random_pseudo_bytes($iv_size);
$encrypted = openssl_encrypt($data, $method, $password, $options = 0, $iv);
$output = openssl_decrypt($encrypted, $method, $password, $options = 0, $iv);
echo in_array($method, openssl_get_cipher_methods()) ? $method."\n" : "";
echo var_dump($encrypted);
echo var_dump($output);
exit(0);

Expected result:
----------------
id-aes128-GCM
string(24) "lIn8CH5BBWWR/q1WdSf7Pw=="
string(16) "1234567890ABCDEF"

Actual result:
--------------
id-aes128-GCM
string(24) "lIn8CH5BBWWR/q1WdSf7Pw=="
bool(false)


Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2015-01-30 19:01 UTC] leigh@php.net
-Summary: openssl_decrypt aes 128 GCM fails +Summary: No way to retrieve or supply tag when GCM is used -Type: Bug +Type: Feature/Change Request
 [2015-01-30 19:01 UTC] leigh@php.net
This isn't a bug as such.

PHP doesn't have a method to retrieve (or use) the GCM tag.

If you try the encryption with a really short plaintext, you can see that the output is far too small to have a GCM tag appended to it.

Changing this to a feature request, and updating the title to better reflect what is required.
 [2015-01-30 19:44 UTC] php-mark at zedwood dot com
This bug was filed for AES-128-GCM, but the fix will probably work for AES-256-GCM, see: https://bugs.php.net/bug.php?id=67304 

When this gets patched, maybe we can test and close both...
 [2015-01-30 20:39 UTC] leigh@php.net
-Status: Open +Status: Duplicate
 [2015-01-30 20:39 UTC] leigh@php.net
Thanks for searching (and making me look bad!) :)

No point having two reports for the same thing, going to close as a duplicate.

Thanks for taking the time to report it.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Thu Oct 31 22:01:27 2024 UTC