PHP :: Request #68962 :: No way to retrieve or supply tag when GCM is used

Request #68962	No way to retrieve or supply tag when GCM is used
Submitted:	2015-01-30 17:04 UTC	Modified:	2015-01-30 20:39 UTC
From:	php-mark at zedwood dot com	Assigned:
Status:	Duplicate	Package:	OpenSSL related
PHP Version:	5.6.5	OS:	ubuntu 14.04
Private report:	No	CVE-ID:	None

View Add Comment Developer Edit

[2015-01-30 17:04 UTC] php-mark at zedwood dot com

Description:
------------
When I use:
 $method = 'id-aes128-GCM';
the openssl_decrypt returns false.

However, when I use a different cipher method like 'AES-128-CBC' (like used in 011.phpt) it returns the input string (correct behavior).

So I want to use aes128-GCM because GCM mode is recommended for authenticated encryption.





Test script:
---------------
<?php
error_reporting(E_ALL);
$data = '1234567890ABCDEF';
$method = 'id-aes128-GCM';
$password = 'dCoD........Eu39';
$iv_size = openssl_cipher_iv_length($method);
$iv = openssl_random_pseudo_bytes($iv_size);
$encrypted = openssl_encrypt($data, $method, $password, $options = 0, $iv);
$output = openssl_decrypt($encrypted, $method, $password, $options = 0, $iv);
echo in_array($method, openssl_get_cipher_methods()) ? $method."\n" : "";
echo var_dump($encrypted);
echo var_dump($output);
exit(0);

Expected result:
----------------
id-aes128-GCM
string(24) "lIn8CH5BBWWR/q1WdSf7Pw=="
string(16) "1234567890ABCDEF"

Actual result:
--------------
id-aes128-GCM
string(24) "lIn8CH5BBWWR/q1WdSf7Pw=="
bool(false)

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports

[2015-01-30 19:01 UTC] leigh@php.net

-Summary: openssl_decrypt aes 128 GCM fails +Summary: No way to retrieve or supply tag when GCM is used -Type: Bug +Type: Feature/Change Request

[2015-01-30 19:01 UTC] leigh@php.net

This isn't a bug as such.

PHP doesn't have a method to retrieve (or use) the GCM tag.

If you try the encryption with a really short plaintext, you can see that the output is far too small to have a GCM tag appended to it.

Changing this to a feature request, and updating the title to better reflect what is required.

[2015-01-30 19:44 UTC] php-mark at zedwood dot com

This bug was filed for AES-128-GCM, but the fix will probably work for AES-256-GCM, see: https://bugs.php.net/bug.php?id=67304 

When this gets patched, maybe we can test and close both...

[2015-01-30 20:39 UTC] leigh@php.net

-Status: Open +Status: Duplicate

[2015-01-30 20:39 UTC] leigh@php.net

Thanks for searching (and making me look bad!) :)

No point having two reports for the same thing, going to close as a duplicate.

Thanks for taking the time to report it.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Thu Apr 25 21:01:36 2024 UTC