php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #79983 openssl_encrypt / openssl_decrypt fail with OCB mode
Submitted: 2020-08-16 21:06 UTC Modified: 2020-10-14 13:59 UTC
From: bizxing at web dot de Assigned: nikic (profile)
Status: Closed Package: OpenSSL related
PHP Version: Irrelevant OS: Win 10
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
(description)
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: bizxing at web dot de
New email:
PHP Version: OS:

 

 [2020-08-16 21:06 UTC] bizxing at web dot de
Description:
------------
Although the OCB mode (authenticated encryption) is included in the list of available algorithms (e.g. [33] => aes-256-ocb) it is not properly supported. openssl_encrypt causes the error message: >The authenticated tag cannot be provided for cipher that doesn not support AEAD<. No tag is provided. However, the generated ciphertext seems to be correct. openssl_decrypt returns false. If aes-256-ocb is replaced by e.g. aes-256-gcm, it works as expected.


Test script:
---------------
//echo print_r(openssl_get_cipher_methods(), true);

$plaintext = "The quick brown fox jumps over the lazy dog";
$cipher = 'aes-256-ocb';
$key = '01234567890123456789012345678901';
$iv = '012345678901';

$ciphertext = openssl_encrypt($plaintext, $cipher, $key, OPENSSL_RAW_DATA, $iv, $tag);
echo "tag (hex): " . bin2hex($tag) . PHP_EOL ;
echo "ciphertext (hex): " . bin2hex($ciphertext) . PHP_EOL ;

$recovered = openssl_decrypt($ciphertext, $cipher, $key, OPENSSL_RAW_DATA, $iv, $tag);
echo "recovered: " . ($recovered == false ? 'false' : $recovered) . PHP_EOL ;


Expected result:
----------------
For the OCB mode, analogous to the GCM/CCM mode, a tag should be generated during encryption (6th parameter, $tag), which is used for authentication during decryption. 

Actual result:
--------------
See description / test script

Patches

Add a Patch

Pull Requests

Pull requests:

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2020-10-14 10:34 UTC] nikic@php.net
-Status: Open +Status: Verified
 [2020-10-14 10:46 UTC] nikic@php.net
Ah, looks like OCB support was only added in OpenSSL 1.1, and now there are also generic controls like EVP_CTRL_AEAD_SET_TAG, rather then cipher-specific ones.

https://www.openssl.org/docs/man1.1.0/man3/EVP_CIPHER_CTX_ctrl.html
 [2020-10-14 13:59 UTC] nikic@php.net
-Assigned To: +Assigned To: nikic
 [2020-10-14 14:11 UTC] nikic@php.net
The following pull request has been associated:

Patch Name: Add support for OCB mode in OpenSSL
On GitHub:  https://github.com/php/php-src/pull/6337
Patch:      https://github.com/php/php-src/pull/6337.patch
 [2020-10-19 09:10 UTC] nikic@php.net
Automatic comment on behalf of nikita.ppv@gmail.com
Revision: http://git.php.net/?p=php-src.git;a=commit;h=750a74ed9c8061681dba26ffc779c81b391b7718
Log: Fix bug #79983: Add support for OCB mode
 [2020-10-19 09:10 UTC] nikic@php.net
-Status: Verified +Status: Closed
 
PHP Copyright © 2001-2020 The PHP Group
All rights reserved.
Last updated: Tue Oct 27 11:01:22 2020 UTC