openssl_decrypt () function not working, returning null

php ssl encryption

10,800

I had exactly the same problem, I then googled my question and ended up here, on the same question that I had asked. So I had to search elsewhere.

I found this article useful in explaining the shortcoming of the official php documentation. Another article with similar content is here.

In the end it boils down to the key/password. What the openssl_encrypt library expects is a key NOT A PASSWORD. And the size of key must be the size of cipher’s intrinsic key size. The first article says if you provide a longer key, the excess is discarded and a key shorter than expected is padded with zero, i.e. \x00 bytes. I have not tested this fact.

I have edited your code to read as below.

The idea I have used is that the size of the initial vector that a cipher expects is also the size of the key it expects. So here, I am passing a key not a password as you were doing. Simply find a way turning your password into a key.

In your code, you did not pass options and the iv (initialization vector).

The iv is a string the cipher 'mixes' with the plaintext before encryption. So what the cipher encrypts is this 'mixture'. Is this important? Yes! Without this 'mixing', a pair of identical plaintexts would result into a pair of identical ciphertexts, which can lead to an attack; if two identical plaintext-ciphertext pairs are not from the same user, these two users are using the same key! A unique iv for each plaintext therefore ensures that no two plaintexts result into identical ciphertexts. In other words, the iv is a salt.

    $plaintext = 'Testing OpenSSL Functions';
    $methods = openssl_get_cipher_methods();
    //$clefSecrete = 'flight';
    echo '<pre>';       
    foreach ($methods as $method) {
        $ivlen = openssl_cipher_iv_length($method);
        $clefSecrete = openssl_random_pseudo_bytes($ivlen);
        $iv = openssl_random_pseudo_bytes($ivlen);

        $encrypted = openssl_encrypt($plaintext, $method, $clefSecrete, OPENSSL_RAW_DATA, $iv);
        $decrypted = openssl_decrypt($encrypted, $method, $clefSecrete, OPENSSL_RAW_DATA, $iv);
        echo 'plaintext='.$plaintext. "\n";
        echo 'cipher='.$method. "\n";
        echo 'encrypted to: '.$encrypted. "\n";
        echo 'decrypted to: '.$decrypted. "\n\n";
    }
    echo '</pre>';

10,800

Author by

Admin

Updated on June 09, 2022

Comments

Admin almost 2 years

i used openssl_encrypt and openssl_decrypt function but the decrypt part is not returning any value, whereas using the same key Encrypt is working fine. here is the function which i used. the variable $decrypted always return a null . every small help will be appreciated

function deCryption($value)
{

    $methods = openssl_get_cipher_methods();
    $clefSecrete = "flight";
    echo '<pre>';
    foreach ($methods as $method) {
        //$encrypted = openssl_encrypt($texteACrypter, $method, $clefSecrete); ----this was used for encryption
        $decrypted = openssl_decrypt($value, $method, $clefSecrete);
        echo "value=".$decrypted;
        echo $method . ' : '. $decrypted . "\n";
        break;
    }
    echo '</pre>';
    return $decrypted;
}

N.B. over 7 years

The question is 3 years old and the author is not to be seen on SO for quite a while. While you did answer the question when it comes to encryption, you opened the Pandora's box because people who stumble upon this answer will copy paste it. The answer doesn't mention anything about the importance of initialization vector, why it has to be different every time you encrypt data and such - I suggest you add that as well, to make the answer complete.