0

Hellom I've got strange and unexpected act of openssl_decrypt

<?php
$method = 'aes256';
$pass = 'sdaf879dsa8f7sdaf87sadf87';
$iv = 'asds9d87fsadf987';
$toEncrypt = array(
    'data' => 'toEncrypt',
    'time' => time(),
);
$toEncrypt = json_encode($toEncrypt);
echo $toEncrypt . PHP_EOL;
$encrypted = openssl_encrypt($toEncrypt, $method, $pass, false, $iv);
$decrypted = openssl_decrypt($encrypted, $method, $pass, false, $iv);
echo $decrypted . PHP_EOL;

as a return I got:

PHP5.6:

{"data":"toEncrypt","time":1487922033}
22033}":"toEncrypt","time":1487922033}

PHP7.0:

{"data":"toEncrypt","time":1487932229
{"data":"toEncrypt","time":1487932229}

In my opinion both strings should be the same as in PHP7:)

I am using Ubuntu 16.10 with php7.0 and additionaly php5.6 installed from ondrej/php repository. If php is switched to 7.0 everything is going ok, 5.6 causes problem with openssl_decrypt().

Any ideas Guys?

demboo
  • 1
  • 1
  • This is invalid json and not what PHP would return to you ever. Please always when you find something unexpected, also provide what you actually expect. – Daniel W. Feb 24 '17 at 10:02
  • OK, sorry if it is not clear - both returned strings should be the same. – demboo Feb 24 '17 at 10:06
  • Ran your code exactly as you have it - works correctly ;-/ PHP 5.4.4 – Ryan Vincent Feb 24 '17 at 10:16
  • Please look at this output comparison in different PHP versions: https://3v4l.org/gd3Bu – Daniel W. Feb 24 '17 at 10:18
  • I know, it works ok, because on my another machine everything is ok at 5.6, but in some case in current situation something is going wrong and I dont know why. Is it problem with compilation or maybe with some settings? – demboo Feb 24 '17 at 10:46
  • Different versions of open_ssl? What are the version in each environent? (`phpInfo()` will show all the details). Please add the details to your question. Search google with the version details to see if there are any obvious bugs with that version of PHP and openssl? I would `var_dump()` input and output in PHP 5.6 in case some odd character was added then messed up the display. Maybe show hex values of output? (bin2hex)) – Ryan Vincent Feb 24 '17 at 11:02
  • Versions of openssl are the same. I have tried to find some information about this case during yesterday but nothing was available. Finally I decided to put question here. – demboo Feb 24 '17 at 11:04
  • have no idea. I will check home. Since then, let's `var_dump` your variables, not `echo`. What is the result? – vaso123 Feb 24 '17 at 11:34
  • string(38) "{"data":"toEncrypt","time":1487938483}" and string(38) "38483}":"toEncrypt","time":1487938483}" – demboo Feb 24 '17 at 12:15
  • Read the first comment on php.net for decrytp: `$data can be as the description says raw or base64. If no $option is set (this is, if value of 0 is passed in this parameter), data will be assumed to be base64 encoded. If parameter OPENSSL_RAW_DATA is set, it will be understood as row data` and there are some other intresting things also. – vaso123 Feb 24 '17 at 12:37
  • 1
    I've purged php5.6 and install new 'PHP 5.6.30-5+deb.sury.org~yakkety+2 (cli)' before that it was '...yakkety+1 (cli)'. Now everything works fine. I think it was problem with previous package. – demboo Feb 24 '17 at 13:33
  • Please try : https://stackoverflow.com/questions/44074070/from-mcrypt-decrypt-to-openssl-decrypt/65434577#65434577 – shorol Dec 24 '20 at 06:18

0 Answers0