
My code works if I manually pad my string to a length of 32.
My question is: is there a way to make OpenSSL pad the data, or do I always have to do it myself?

Working:

openssl_encrypt("my baba is over the ocean1111111", 'AES-256-CBC', $MY_SECRET_KEY, OPENSSL_RAW_DATA|OPENSSL_ZERO_PADDING, $MY_IV);

Not working:

openssl_encrypt("my baba is over the ocean", 'AES-256-CBC', $MY_SECRET_KEY, OPENSSL_RAW_DATA|OPENSSL_ZERO_PADDING, $MY_IV);

I solve this currently by self padding:

// pad up to a multiple of 32 bytes (AES itself works on 16-byte blocks, so a
// multiple of 32 is also a multiple of the block size); each pad byte holds the pad length
$pad = 32 - (strlen("my baba is over the ocean") % 32);
$clear = "my baba is over the ocean" . str_repeat(chr($pad), $pad); // encrypt this string
jww
Itay Moav -Malimovka

1 Answer


As Luke Park said, instead of explicitly telling openssl_encrypt to use OPENSSL_ZERO_PADDING, simply remove that option from the parameter and it will default to the PKCS #7 padding scheme (fills the rest of the block with 0x0n where n is the number of bytes necessary; + 16 0x00 if the block is already complete). Note: PKCS #5 as referenced by Luke and PKCS #7 are effectively identical in this scenario.

From PHP docs:

Without using OPENSSL_ZERO_PADDING, you will automatically get PKCS#7 padding.

So you should be calling:

openssl_encrypt("my baba is over the ocean", 'AES-256-CBC', $MY_SECRET_KEY, OPENSSL_RAW_DATA, $MY_IV);
Andy
  • What confused me was the name: I assumed it meant padding with ZEROs, while in truth it was meant as NO PADDING. – Itay Moav -Malimovka Feb 14 '17 at 20:55
  • I want to generate a part of a URL string using this method. But the URL being generated consists of such random bytes that the system is not able to understand it. Gibberish text appears when printing it out. Is there any other solution in such a case? – VivekP Apr 24 '20 at 07:38
  • You should encode the cipher text with a URL-safe encoding like [hexadecimal](https://en.wikipedia.org/wiki/Hexadecimal) or [Base64](https://en.wikipedia.org/wiki/Base64) (with URL modifications in place). – Andy Apr 24 '20 at 16:52
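The following is an added, self-contained example (not code from the question or the answer above) that ties the thread together: it shows that the default mode of openssl_encrypt() is PKCS#7 padding, that OPENSSL_ZERO_PADDING means "no padding at all" and therefore fails on a 25-byte input, that manual PKCS#7 padding plus OPENSSL_ZERO_PADDING produces byte-identical ciphertext to the default, and how to carry the raw ciphertext in a URL with URL-safe Base64 as Andy suggests in the comments. The key, the zero IV and the message are constructed for the demo only; the helper names pkcs7_pad, pkcs7_unpad, b64url_encode and b64url_decode are this example's own.

```php
<?php
// Added example, not part of the original question or answer.
// Demonstrates openssl_encrypt() padding behaviour and URL-safe transport.

const CIPHER = 'AES-256-CBC';
const BLOCK  = 16; // AES block size in bytes, independent of the key size

// PKCS#7: append n bytes of value n, 1 <= n <= BLOCK. A message that already
// fills the last block gets a whole extra block of 0x10 bytes.
function pkcs7_pad(string $data, int $block = BLOCK): string {
    $n = $block - (strlen($data) % $block);
    return $data . str_repeat(chr($n), $n);
}

// Strict unpadding: reject anything that is not well-formed PKCS#7.
function pkcs7_unpad(string $data, int $block = BLOCK): string {
    $len = strlen($data);
    if ($len === 0 || $len % $block !== 0) {
        throw new RuntimeException('padded length is not a multiple of the block size');
    }
    $n = ord($data[$len - 1]);
    if ($n < 1 || $n > $block || substr($data, -$n) !== str_repeat(chr($n), $n)) {
        throw new RuntimeException('invalid PKCS#7 padding');
    }
    return substr($data, 0, $len - $n);
}

// URL-safe Base64 (RFC 4648 section 5): '+' -> '-', '/' -> '_', no '=' padding.
function b64url_encode(string $bin): string {
    return rtrim(strtr(base64_encode($bin), '+/', '-_'), '=');
}
function b64url_decode(string $txt): string {
    $txt = strtr($txt, '-_', '+/');
    $txt = str_pad($txt, strlen($txt) + (4 - strlen($txt) % 4) % 4, '=');
    $bin = base64_decode($txt, true);
    if ($bin === false) {
        throw new RuntimeException('invalid URL-safe Base64');
    }
    return $bin;
}

// Constructed demo material. In real code derive the key with random_bytes(32)
// and use a fresh random_bytes(16) IV for every message; a fixed zero IV is only
// used here so that the two encryptions below are directly comparable.
$key = hash('sha256', 'demo key (constructed)', true);            // 32 raw bytes
$iv  = str_repeat("\x00", openssl_cipher_iv_length(CIPHER));     // 16 bytes
$msg = 'my baba is over the ocean';                              // 25 bytes

// 1. Default flags: OpenSSL applies PKCS#7 padding itself.
$auto = openssl_encrypt($msg, CIPHER, $key, OPENSSL_RAW_DATA, $iv);
if ($auto === false) {
    throw new RuntimeException('default-padded encryption failed');
}

// 2. OPENSSL_ZERO_PADDING disables padding, so 25 bytes cannot be encrypted.
$none = openssl_encrypt($msg, CIPHER, $key, OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING, $iv);
if ($none !== false) {
    throw new RuntimeException('expected failure: input is not a multiple of the block size');
}

// 3. Padding by hand and disabling OpenSSL's padding gives the same ciphertext as 1.
$manual = openssl_encrypt(pkcs7_pad($msg), CIPHER, $key, OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING, $iv);
if ($manual === false || !hash_equals($auto, $manual)) {
    throw new RuntimeException('manual PKCS#7 padding should match the default');
}

// 4. Decrypting with OPENSSL_ZERO_PADDING hands back the padding bytes; strip them.
$raw = openssl_decrypt($auto, CIPHER, $key, OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING, $iv);
if ($raw === false || pkcs7_unpad($raw) !== $msg) {
    throw new RuntimeException('round trip through manual unpadding failed');
}

// 5. Carrying raw ciphertext in a URL: prepend the IV so the receiver can
//    decrypt, then encode the whole blob with URL-safe Base64.
$token = b64url_encode($iv . $auto);
if (b64url_decode($token) !== $iv . $auto) {
    throw new RuntimeException('URL-safe Base64 round trip failed');
}
echo "ok: url token = {$token}\n";
```

Run it with `php padding_demo.php`; it prints `ok:` followed by the URL-safe token, and throws if any of the five checks fails. Note that with OPENSSL_ZERO_PADDING a failed call returns false without raising a PHP warning, so always test the return value; and because CBC without authentication is malleable, anything that goes into a URL should also carry a MAC (or use an AEAD mode such as AES-256-GCM) before it is trusted on the receiving side.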