[2017-02-17 09:36 UTC] andrew dot nester dot dev at gmail dot com
[2017-02-17 20:23 UTC] nikic@php.net
[2017-02-17 20:23 UTC] nikic@php.net
-Status: Open
+Status: Closed
Last updated: Mon Oct 27 15:00:01 2025 UTC
Description:
------------
Encrypting an empty string in AES-256-GCM should return an empty string and valid tag but instead it returns 32 bytes of data from memory which could leak information.

Test script:
---------------
$aad = random_bytes(32);
$iv = random_bytes(16);
$key = random_bytes(32);
$plaintext = '';
$tag = null;

$ciphertext = openssl_encrypt($plaintext, 'aes-256-gcm', $key, \OPENSSL_RAW_DATA, $iv, $tag, $aad);

// $ciphertext should be an empty string but it is not in PHP 7.1.*
// Instead it returns random data from memory!
printf("ciphertext=%s, tag=%s", bin2hex($ciphertext), bin2hex($tag));

Expected result:
----------------
An empty string must be returned

Actual result:
--------------
A 32-byte string from memory is returned
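A guard for the condition reported above, as an added example (not code from the bug report or from PHP itself): it rejects any AES-256-GCM output whose length differs from the plaintext length, then runs a round trip over several lengths including zero. `gcm_encrypt_checked` is a hypothetical helper name, and the key, AAD, nonce size and plaintext lengths are constructed sample inputs.

```php
<?php
declare(strict_types=1);

// Hypothetical helper (not part of PHP or the report): encrypts with
// AES-256-GCM and refuses to return output that breaks GCM's length rule.
function gcm_encrypt_checked(string $plaintext, string $key, string $iv, string $aad): array
{
    $tag = '';
    $ciphertext = openssl_encrypt(
        $plaintext, 'aes-256-gcm', $key, OPENSSL_RAW_DATA, $iv, $tag, $aad
    );
    if ($ciphertext === false) {
        throw new RuntimeException('openssl_encrypt failed');
    }
    // GCM adds no padding: ciphertext length must equal plaintext length.
    // Extra bytes are not derived from the input and must never be stored or sent.
    if (strlen($ciphertext) !== strlen($plaintext)) {
        throw new RuntimeException(sprintf(
            'GCM length mismatch: %d plaintext bytes, %d ciphertext bytes',
            strlen($plaintext), strlen($ciphertext)
        ));
    }
    if (strlen($tag) !== 16) { // default tag length of openssl_encrypt()
        throw new RuntimeException('unexpected tag length');
    }
    return [$ciphertext, $tag];
}

// Constructed sample inputs; length 0 is the case from the report.
$key = random_bytes(32);
$aad = random_bytes(32);
foreach ([0, 1, 15, 16, 17, 64] as $len) {
    $iv = random_bytes(12); // 12-byte nonce (the report's script uses 16)
    $plaintext = $len > 0 ? random_bytes($len) : ''; // random_bytes(0) throws
    try {
        [$ct, $tag] = gcm_encrypt_checked($plaintext, $key, $iv, $aad);
        $back = openssl_decrypt($ct, 'aes-256-gcm', $key, OPENSSL_RAW_DATA, $iv, $tag, $aad);
        printf("len=%2d ct_len=%2d roundtrip=%s\n",
            $len, strlen($ct), $back === $plaintext ? 'ok' : 'FAIL');
    } catch (RuntimeException $e) {
        printf("len=%2d REJECTED: %s\n", $len, $e->getMessage());
    }
}
```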