From mcrypt_decrypt to openssl_decrypt

Question

I have a question, I want to replace a function call to mcrypt with open_ssl decrypt. but the output is mingled:

This is the mcrypt implementation (which works great):

$decrypted = trim(mcrypt_decrypt(MCRYPT_RIJNDAEL_128,
                         substr(sha1($this->secretKey), 0, 32),
                         base64_decode($encrypted),
                         MCRYPT_MODE_CBC,
                         base64_decode($iv)), "\0..\32");
                         var_dump($decrypted);

And i translated it to:

        var_dump( 
        trim(
            openssl_decrypt(
                $encrypted,
                'AES-256-CBC',
                substr(sha1($this->secretKey), 0, 32), 
                OPENSSL_ZERO_PADDING, $iv) 
            ),"\0..\32");

,

But it results in an error:

openssl_decrypt(): IV passed is 24 bytes long which is longer than the 16 expected by selected cipher, truncating

And mingled output:

'm%xlj j>|lgSke":"2017-05-19T05:48:37-07:00","receipt":

The first key value pair being mingled.

Anyone suggestions or any option I might have missed?

thank you!

Answer 1

$data can be as the description says raw or base64. If no $option is set (this is, if value of 0 is passed in this parameter), data will be assumed to be base64 encoded. If parameter OPENSSL_RAW_DATA is set, it will be understood as row data.

$iv is as in the case of $password, a String of bytes. Its length depends on the algorithm used. May be the best way to generate an $iv is by:

$iv = openssl_random_pseudo_bytes(openssl_cipher_iv_length('your algorithm'));
// for example you algorithm = 'AES-256-CTR'

For more Information : https://www.php.net/manual/en/function.openssl-decrypt.php