|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #79983 openssl_encrypt / openssl_decrypt fail with OCB mode
Submitted: 2020-08-16 21:06 UTC Modified: 2020-10-14 13:59 UTC
From: bizxing at web dot de Assigned: nikic (profile)
Status: Closed Package: OpenSSL related
PHP Version: Irrelevant OS: Win 10
Private report: No CVE-ID: None
 [2020-08-16 21:06 UTC] bizxing at web dot de
Although the OCB mode (authenticated encryption) is included in the list of available algorithms (e.g. [33] => aes-256-ocb) it is not properly supported. openssl_encrypt causes the error message: >The authenticated tag cannot be provided for cipher that doesn not support AEAD<. No tag is provided. However, the generated ciphertext seems to be correct. openssl_decrypt returns false. If aes-256-ocb is replaced by e.g. aes-256-gcm, it works as expected.

Test script:
//echo print_r(openssl_get_cipher_methods(), true);

$plaintext = "The quick brown fox jumps over the lazy dog";
$cipher = 'aes-256-ocb';
$key = '01234567890123456789012345678901';
$iv = '012345678901';

$ciphertext = openssl_encrypt($plaintext, $cipher, $key, OPENSSL_RAW_DATA, $iv, $tag);
echo "tag (hex): " . bin2hex($tag) . PHP_EOL ;
echo "ciphertext (hex): " . bin2hex($ciphertext) . PHP_EOL ;

$recovered = openssl_decrypt($ciphertext, $cipher, $key, OPENSSL_RAW_DATA, $iv, $tag);
echo "recovered: " . ($recovered == false ? 'false' : $recovered) . PHP_EOL ;

Expected result:
For the OCB mode, analogous to the GCM/CCM mode, a tag should be generated during encryption (6th parameter, $tag), which is used for authentication during decryption. 

Actual result:
See description / test script


Add a Patch

Pull Requests

Pull requests:

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2020-10-14 10:34 UTC]
-Status: Open +Status: Verified
 [2020-10-14 10:46 UTC]
Ah, looks like OCB support was only added in OpenSSL 1.1, and now there are also generic controls like EVP_CTRL_AEAD_SET_TAG, rather then cipher-specific ones.
 [2020-10-14 13:59 UTC]
-Assigned To: +Assigned To: nikic
 [2020-10-14 14:11 UTC]
The following pull request has been associated:

Patch Name: Add support for OCB mode in OpenSSL
On GitHub:
 [2020-10-19 09:10 UTC]
Automatic comment on behalf of
Log: Fix bug #79983: Add support for OCB mode
 [2020-10-19 09:10 UTC]
-Status: Verified +Status: Closed
PHP Copyright © 2001-2020 The PHP Group
All rights reserved.
Last updated: Tue Oct 27 11:01:22 2020 UTC