php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #74116 AES-256-GCM not working with uppercase cipher name
Submitted: 2017-02-17 06:15 UTC Modified: 2017-02-17 12:52 UTC
From: er dot haridarshan at gmail dot com Assigned:
Status: Not a bug Package: OpenSSL related
PHP Version: 7.1Git-2017-02-17 (snap) OS: Fedora 24
Private report: No CVE-ID: None
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: er dot haridarshan at gmail dot com
New email:
PHP Version: OS:

 

 [2017-02-17 06:15 UTC] er dot haridarshan at gmail dot com
Description:
------------
As of 7.1.0, when trying to use AES-256-GCM algorithm with openssl_cipher_iv_length getting warning as 

PHP Warning:  openssl_cipher_iv_length(): Unknown cipher algorithm

And as mentioned in changelog of 7.1.0 

OpenSSL:
   Implemented FR #67304 (Added AEAD support [CCM and GCM modes] to openssl_encrypt and openssl_decrypt).

this should work but its not working

Test script:
---------------
function encrypt($algo = 'AES-256-GCM')
{
    $key = random_bytes(32);    // 256 bits
    $iv = random_bytes(openssl_cipher_iv_length($algo));

    $ciphertext = openssl_encrypt(
        random_bytes(1024 * 1024 * 10), 
        $algo, 
        $key, 
        OPENSSL_RAW_DATA, 
        $iv,
        $tag
    );
        
    return $ciphertext;
}

$cipherText = encrypt();


Expected result:
----------------
Exepected Result is the cipherText

Actual result:
--------------
PHP Warning:  openssl_cipher_iv_length(): Unknown cipher algorithm in /var/www/test/aes.php on line 13

Warning: openssl_cipher_iv_length(): Unknown cipher algorithm in /var/www/test/aes.php on line 13
PHP Fatal error:  Uncaught Error: Length must be greater than 0 in /var/www/test/aes.php:13
Stack trace:
#0 /var/www/test/aes.php(13): random_bytes(false)
#1 /var/www/test/aes.php(41): encrypt('Hello')
#2 {main}
  thrown in /var/www/test/aes.php on line 13

Fatal error: Uncaught Error: Length must be greater than 0 in /var/www/test/aes.php:13
Stack trace:
#0 /var/www/test/aes.php(13): random_bytes(false)
#1 /var/www/test/aes.php(41): encrypt('Hello')
#2 {main}
  thrown in /var/www/test/aes.php on line 13

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2017-02-17 06:21 UTC] er dot haridarshan at gmail dot com
Sorry didn't noticed algorithm names are case-sensitive. But aren't they supposed to case-insensitive?
 [2017-02-17 08:28 UTC] requinix@php.net
-Status: Open +Status: Feedback
 [2017-02-17 08:28 UTC] requinix@php.net
I assume using a lowercase name works, then? Does openssl_get_cipher_methods() also return the uppercase version?
 [2017-02-17 12:22 UTC] er dot haridarshan at gmail dot com
-Status: Feedback +Status: Open
 [2017-02-17 12:22 UTC] er dot haridarshan at gmail dot com
Yeah lowercase works. 

openssl_get_cipher_methods();

returns values algorithm names in capital as well as lower-case but not of aes-256-gcm and few others.

Here is the sample output 
    [16] => AES-256-CBC
    [17] => AES-256-CBC-HMAC-SHA1
    [18] => AES-256-CFB
    [19] => AES-256-CFB1
    [20] => AES-256-CFB8
    [21] => AES-256-CTR
    [22] => AES-256-ECB
    [23] => AES-256-OFB
    [24] => AES-256-XTS
---------------------------------
    [101] => aes-256-cbc
    [102] => aes-256-cbc-hmac-sha1
    [103] => aes-256-ccm
    [104] => aes-256-cfb
    [105] => aes-256-cfb1
    [106] => aes-256-cfb8
    [107] => aes-256-ctr
    [108] => aes-256-ecb
    [109] => aes-256-gcm
    [110] => aes-256-ofb
    [111] => aes-256-xts

As you can see aes-256-cbc is returned both in lower-case and upper-case then why not AES-256-GCM
 [2017-02-17 12:52 UTC] requinix@php.net
-Summary: AES-256-GCM not working +Summary: AES-256-GCM not working with uppercase cipher name -Status: Open +Status: Not a bug
 [2017-02-17 12:52 UTC] requinix@php.net
PHP returns whatever OpenSSL says says without any processing so that would be a question for their project.

If you look in their source they have a list of all the ciphers they support
  https://github.com/openssl/openssl/blob/master/crypto/objects/obj_dat.h
and each has two names it can be referenced by:
  {"AES-256-CBC", "aes-256-cbc", NID_aes_256_cbc, 9, &so[3132]},
  {"id-aes256-GCM", "aes-256-gcm", NID_aes_256_gcm, 9, &so[5886]},

The RFC which defined AES-GCM
  https://tools.ietf.org/html/rfc5084
uses an identifier "id-aes256-GCM" in the spec so I would guess that OpenSSL borrowed that as an official name and created the lowercase "aes-256-gcm" as a nicer alternative.
 
PHP Copyright © 2001-2025 The PHP Group
All rights reserved.
Last updated: Fri Jul 04 11:01:37 2025 UTC