4
votes

I would like to encrypt and decrypt some data with AES CCM!

I managed to do this operation in the same PHP file. But I would like to be able to send the encrypted data to another page and decrypt it there. But it is impossible... Yet I send the IV, the tag and the encrypted data. Do you have a solution?

I have these errors:

Warning: openssl_decrypt(): Setting tag for AEAD cipher decryption failed in adddata1.php on line 18

Fatal error: Uncaught Exception: OpenSSL error: error:0607A082:digital envelope routines:EVP_CIPHER_CTX_set_key_length:invalid key length in adddata1.php:21 Stack trace: #0 {main} thrown in dddata1.php on line 21

First file :

<?php
$algo  = 'aes-128-ccm';
$iv    = random_bytes(openssl_cipher_iv_length($algo));
$key   = "cd9344040aa9f9217871d46ee871c59c"; 
$data = '00000000010-3b57af';
$ciphertext = openssl_encrypt(
    $data,
    $algo,
    $key,
    OPENSSL_RAW_DATA,
    $iv,
    $tag
);

echo'<a href="adddata1?data='.$ciphertext.'&tag='.$tag.'&iv='.$iv.'">"decrypte"</a>';
?>

Second file :

<?php
$algo  = 'aes-128-ccm';
$key   = "cd9344040aa9f9217871d46ee871c59c"; 

$ciphertext = $_GET['data'];
$iv = $_GET['iv'];
$tag = $_GET['tag'];
// Change 1 bit in additional authenticated data
// $i = rand(0, mb_strlen($aad, '8bit') - 1);
// $aad[$i] = $aad[$i] ^ chr(1);
$decrypt = openssl_decrypt(
    $ciphertext,
    $algo,
    $key,
    OPENSSL_RAW_DATA,
    $iv,
    $tag
);
if (false === $decrypt) {
    throw new Exception(sprintf(
        "OpenSSL error: %s", openssl_error_string()
    ));
}


printf ("Decryption %s\n", $data === $decrypt ? 'Ok' : 'Failed');
printf("<br/>");
printf(base64_encode($tag));
printf("<br/>");
printf(base64_encode($iv));
printf("<br/>");
printf(base64_encode($ciphertext));
printf("<br/>");
printf($data);
?>

In one file :

<?php

$algo  = 'aes-128-ccm';
$iv    = random_bytes(openssl_cipher_iv_length($algo));
$key   = "cd9344040aa9f9217871d46ee871c59c"; 
$data = '00000000010-3b57af';
$ciphertext = openssl_encrypt(
    $data,
    $algo,
    $key,
    OPENSSL_RAW_DATA,
    $iv,
    $tag
);

// Change 1 bit in additional authenticated data
// $i = rand(0, mb_strlen($aad, '8bit') - 1);
// $aad[$i] = $aad[$i] ^ chr(1);
$decrypt = openssl_decrypt(
    $ciphertext,
    $algo,
    $key,
    OPENSSL_RAW_DATA,
    $iv,
    $tag
);
if (false === $decrypt) {
    throw new Exception(sprintf(
        "OpenSSL error: %s", openssl_error_string()
    ));
}


printf ("Decryption %s\n", $data === $decrypt ? 'Ok' : 'Failed');
printf("<br/>");
printf(base64_encode($tag));
printf("<br/>");
printf(base64_encode($iv));
printf("<br/>");
printf(base64_encode($ciphertext));
printf("<br/>");
printf($data);
?>

Thanks

1
Can you edit your post to show what does work in the "one" file? Also, is there anything that comes back when using error reporting? php.net/manual/en/function.error-reporting.php - Funk Forty Niner
Assume transport issue. Seems like the base64 stuff is backwards? Why encode on receiving end, should that not be decode? Where is it encoded when sent? Why change when outputting but not when using in openssl functions? Check for change as it goes over wire. - ficuscr
Nothing comes back, I have these errors: Warning: openssl_decrypt(): Setting tag for AEAD cipher decryption failed in adddata1.php on line 18 Fatal error: Uncaught Exception: OpenSSL error: error:0607A082:digital envelope routines:EVP_CIPHER_CTX_set_key_length:invalid key length in adddata1.php:21 Stack trace: #0 {main} thrown in adddata1.php on line 21 - user46510

1 Answer

6
votes

The issue is likely the iv. You are generating random bytes and adding them as a request parameter in a URL, where string encodings matter. Convert the bytes to characters which are valid in a URL. bin2hex is one simple method:

echo '<a href="adddata1?data='.$ciphertext.'&iv='.bin2hex($iv)...

And on the receiving end convert it back:

$iv = hex2bin($_GET['iv']);
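
The round trip described in the answer, extended to all three binary fields (ciphertext, IV and tag), as an added example that is not part of the original answer. It assumes the question's key string is hex and decodes it to 16 bytes; `build_query` and `read_query` are hypothetical names, and `parse_str` stands in for `$_GET` on the second page.

```php
<?php
const ALGO = 'aes-128-ccm';

// Assumption: the 32-character key string from the question is hex, so
// hex2bin() yields the 16 raw bytes that AES-128 expects.
$key = hex2bin('cd9344040aa9f9217871d46ee871c59c');

/** Sender side: encrypt and return a URL-safe query string. */
function build_query(string $plaintext, string $key): string
{
    $iv  = random_bytes(openssl_cipher_iv_length(ALGO));
    $tag = '';
    $ciphertext = openssl_encrypt($plaintext, ALGO, $key, OPENSSL_RAW_DATA, $iv, $tag);
    if ($ciphertext === false) {
        throw new RuntimeException('encryption failed');
    }
    // Ciphertext, IV and tag are all raw bytes; hex-encode each one.
    return http_build_query([
        'data' => bin2hex($ciphertext),
        'iv'   => bin2hex($iv),
        'tag'  => bin2hex($tag),
    ]);
}

/** Receiver side: validate and decode the parameters, then decrypt. */
function read_query(array $params, string $key): string
{
    $raw = [];
    foreach (['data', 'iv', 'tag'] as $name) {
        $hex = $params[$name] ?? '';
        if (!is_string($hex) || $hex === '' || !ctype_xdigit($hex) || strlen($hex) % 2 !== 0) {
            throw new InvalidArgumentException("bad or missing parameter: $name");
        }
        $raw[$name] = hex2bin($hex);
    }
    if (strlen($raw['iv']) !== openssl_cipher_iv_length(ALGO)) {
        throw new InvalidArgumentException('unexpected IV length');
    }
    $plaintext = openssl_decrypt($raw['data'], ALGO, $key, OPENSSL_RAW_DATA, $raw['iv'], $raw['tag']);
    if ($plaintext === false) {
        // Tag check failed: wrong key, or IV, tag or data changed in transit.
        throw new RuntimeException('authentication failed');
    }
    return $plaintext;
}

$query = build_query('00000000010-3b57af', $key);   // sample plaintext from the question
parse_str($query, $received);                        // stands in for $_GET
echo read_query($received, $key), "\n";
```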