I'm having problem with decrypting
I have
$key="Gwu078980";
$cipher="aes-128-gcm";
$iv=md5($cipher);
$text="yaw0";
$tag="";
echo $encrypted=openssl_encrypt($text, $cipher, $key, 0, $iv, $tag);
echo $de_ciphertext=openssl_decrypt($encrypted, $cipher, $key, 0, $iv, $tag);
Output
ELRmWQ==
yaw0
So the raw text is yaw0 and the encrypted is ELRmWQ== and the decrypted is yaw0 so perfect.
But when I manually copy the encrypted text and use it as
$encrypted ="ELRmWQ==";
And I run the decryption
the decryption returns null.
Thanks in advance for anyone to help me out.
Your openssl_encrypt message modifies $tag by reference since you're using aes-128-gcm.
That parameter is required for openssl_decrypt aswell (when using AEAD - Authenticated Encryption and Decryption) and is probably an empty string in your case when you omit the openssl_encrypt call.
See Example 1 in the docs:
The comment about storing $cipher, $iv, and $tag is the important part:
<?php
//$key should have been previously generated in a cryptographically safe way, like openssl_random_pseudo_bytes
$plaintext = "message to be encrypted";
$cipher = "aes-128-gcm";
if (in_array($cipher, openssl_get_cipher_methods()))
{
$ivlen = openssl_cipher_iv_length($cipher);
$iv = openssl_random_pseudo_bytes($ivlen);
$ciphertext = openssl_encrypt($plaintext, $cipher, $key, $options=0, $iv, $tag);
//store $cipher, $iv, and $tag for decryption later
$original_plaintext = openssl_decrypt($ciphertext, $cipher, $key, $options=0, $iv, $tag);
echo $original_plaintext."\n";
}
?>
Related
I have this PHP Code for encryption and decryption. This is using OpenSSL
<?php
//$key should have been previously generated in a cryptographically safe way, like
openssl_random_pseudo_bytes
$plaintext = "message to be encrypted";
$cipher = "aes-128-gcm";
if (in_array($cipher, openssl_get_cipher_methods()))
{
$ivlen = openssl_cipher_iv_length($cipher);
$iv = openssl_random_pseudo_bytes($ivlen);
$ciphertext = openssl_encrypt($plaintext, $cipher, $key, $options=0, $iv, $tag);
//store $cipher, $iv, and $tag for decryption later
$original_plaintext = openssl_decrypt($ciphertext, $cipher, $key, $options=0, $iv, $tag);
echo $original_plaintext."\n";
}
?>
When you run this on your browser and refresh the page the encryption changes. So I want to know how do I use a check like if statement to see if the user input plain text matches the encrypted text.
The following script works fine. The zip is encrypted, txt file created, and immediately decrypted successfully, and the new zip is created successfully.
However, if I run the decrypt portion only subsequently, it fails to decrypt the txt file. It returns an empty $original_plaintext variable and the final zip has size 0. The $key and $iv are not changed for the second run. Security is not the issue - I just need a scrambled text file and then need to be able to decrypt it later.
$key = "sometext";
$iv = "someothertext";
$cipher = "aes-128-gcm";
$tag = NULL;
$fileRoot = "sql_2018_11_10";
if (in_array($cipher, openssl_get_cipher_methods())) {
// Encrypt
$plaintext = file_get_contents("tmp/$fileRoot.zip");
$ciphertext = openssl_encrypt($plaintext, $cipher, $key, $options=0, $iv, $tag);
file_put_contents("tmp/enc_$fileRoot.txt", $ciphertext);
// Decrypt
$ciphertext = file_get_contents("tmp/enc_$fileRoot.txt");
$original_plaintext = openssl_decrypt($ciphertext, $cipher, $key, $options=0, $iv, $tag);
file_put_contents("tmp/uenc_$fileRoot.zip", $original_plaintext);
}
I'm trying to understand how to AES encrypt a piece of text(16 bytes - 128 bits). This code is from php manual:
$key = openssl_random_pseudo_bytes(32);
$plaintext = "message to be encrypted";
$cipher = "aes-128-gcm";
if (in_array($cipher, openssl_get_cipher_methods()))
{
$ivlen = openssl_cipher_iv_length($cipher);
$iv = openssl_random_pseudo_bytes($ivlen);
$ciphertext = openssl_encrypt($plaintext, $cipher, $key, $options=0, $iv, $tag);
//store $cipher, $iv, and $tag for decryption later
$original_plaintext = openssl_decrypt($ciphertext, $cipher, $key, $options=0, $iv, $tag);
echo $original_plaintext."\n";
}
The only problem with this is that i don't really understand it. $cipher is aes-128-gcm but i'm getting a 32 bytes encryption.
So my questions are:
Can somebody help me understand how it actually works?
Is it possible to make it 16 bytes/128 bites?
And is it safe to store $cipher, $iv, $key and $tag into a MySQL database for later use?
P.S: if i change $key length to 16 instead of 32 the final output of $ciphertext is still 32 bytes.
Thank you!
The only problem with this is that i don't really understand it. $cipher is aes-128-gcm but i'm getting a 32 bytes encryption.
AES-GCM is an authenticated cipher. If you're trying to learn how the basic building block works, you want to play with aes-128-ecb instead.
If you want a real-world encryption mode, you want to keep using GCM, never ECB.
And is it safe to store $cipher, $iv, $key and $tag into a MySQL database for later use?
You can store everything except the key, safely. The key lets you decrypt.
I want to encrypt html data before saving in Database.
this is a sample html text:
<p>test data in normal text</p> <p><b>test data in bold text</b></p> <p><i>test data in italics text</i></p> <p><b><i>test data in bold and italics text</i></b><br></p>
Can anyone help me to find a solution.
use can use OpenSSL encrypt
$plaintext = "message to be encrypted";
$cipher = "aes-128-gcm";
if (in_array($cipher, openssl_get_cipher_methods()))
{
$ivlen = openssl_cipher_iv_length($cipher);
$iv = openssl_random_pseudo_bytes($ivlen);
$ciphertext = openssl_encrypt($plaintext, $cipher, $key, $options=0, $iv, $tag);
//store $cipher, $iv, and $tag for decryption later
$original_plaintext = openssl_decrypt($ciphertext, $cipher, $key, $options=0, $iv, $tag);
echo $original_plaintext."\n";
}
check following link for more detail
http://php.net/manual/en/function.openssl-encrypt.php
I want to decrypt an encrypted response using mcrypt_decrypt but this doesn't work, so I'm using this snippet of code for test and the response should be "This is a test":
// Encryption Algorithm
// the $shared_key and $init_vector are not real
$cipher_alg = MCRYPT_RIJNDAEL_128;
$shared_key = "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF";
$key = pack("H*", $shared_key);
$init_vector = "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF";
$iv = pack("H*", $init_vector);
echo mcrypt_decrypt($cipher_alg, $key, utf8_encode(mcrypt_encrypt(
$cipher_alg, $key, utf8_encode('This is a test'), MCRYPT_MODE_CBC, $iv)), MCRYPT_MODE_CBC, $iv);
And the response is:
æ †,?7÷q†Ý³‚¢gTô1ò‚ù’Ü”®mÀ{ëQS
What I'm doing wrong?
You are utf8 encoding the encrypted stuff. That way it is modified and can not be decrypted anymore.
echo mcrypt_decrypt($cipher_alg, $key, mcrypt_encrypt(
$cipher_alg, $key, 'This is a test'), MCRYPT_MODE_CBC, $iv), MCRYPT_MODE_CBC, $iv);