Subsequent decrypt fails with file size 0









up vote
0
down vote

favorite












The following script works fine. The zip is encrypted, txt file created, and immediately decrypted successfully, and the new zip is created successfully.



However, if I run the decrypt portion only subsequently, it fails to decrypt the txt file. It returns an empty $original_plaintext variable and the final zip has size 0. The $key and $iv are not changed for the second run. Security is not the issue - I just need a scrambled text file and then need to be able to decrypt it later.



$key = "sometext"; 
$iv = "someothertext";
$cipher = "aes-128-gcm";
$tag = NULL;

$fileRoot = "sql_2018_11_10";

if (in_array($cipher, openssl_get_cipher_methods()))
// Encrypt
$plaintext = file_get_contents("tmp/$fileRoot.zip");
$ciphertext = openssl_encrypt($plaintext, $cipher, $key, $options=0, $iv, $tag);
file_put_contents("tmp/enc_$fileRoot.txt", $ciphertext);

// Decrypt
$ciphertext = file_get_contents("tmp/enc_$fileRoot.txt");
$original_plaintext = openssl_decrypt($ciphertext, $cipher, $key, $options=0, $iv, $tag);
file_put_contents("tmp/uenc_$fileRoot.zip", $original_plaintext);










share|improve this question





















  • I have tried several different combinations of : * Fixed IV and key * Fixed and non-fixed IV and key * Using zip and not using zip Why in each case will it successfully decrypt if it is immediately after the encrypt, but not if it's decrypt only? As for errors, I'm seeing error:0607A082:digital envelope routines:EVP_CIPHER_CTX_set_key_length:invalid key length, but I'm using a 128-byte key, as recommended in the docs. How do I get it to decrypt?
    – MBourne
    Nov 11 at 9:21











  • After more experimentation, I find that decrypt only works if it is preceded by an encrypt of the exact same text. Is this a PHP bug or am I missing something fundamental?
    – MBourne
    17 hours ago














up vote
0
down vote

favorite












The following script works fine. The zip is encrypted, txt file created, and immediately decrypted successfully, and the new zip is created successfully.



However, if I run the decrypt portion only subsequently, it fails to decrypt the txt file. It returns an empty $original_plaintext variable and the final zip has size 0. The $key and $iv are not changed for the second run. Security is not the issue - I just need a scrambled text file and then need to be able to decrypt it later.



$key = "sometext"; 
$iv = "someothertext";
$cipher = "aes-128-gcm";
$tag = NULL;

$fileRoot = "sql_2018_11_10";

if (in_array($cipher, openssl_get_cipher_methods()))
// Encrypt
$plaintext = file_get_contents("tmp/$fileRoot.zip");
$ciphertext = openssl_encrypt($plaintext, $cipher, $key, $options=0, $iv, $tag);
file_put_contents("tmp/enc_$fileRoot.txt", $ciphertext);

// Decrypt
$ciphertext = file_get_contents("tmp/enc_$fileRoot.txt");
$original_plaintext = openssl_decrypt($ciphertext, $cipher, $key, $options=0, $iv, $tag);
file_put_contents("tmp/uenc_$fileRoot.zip", $original_plaintext);










share|improve this question





















  • I have tried several different combinations of : * Fixed IV and key * Fixed and non-fixed IV and key * Using zip and not using zip Why in each case will it successfully decrypt if it is immediately after the encrypt, but not if it's decrypt only? As for errors, I'm seeing error:0607A082:digital envelope routines:EVP_CIPHER_CTX_set_key_length:invalid key length, but I'm using a 128-byte key, as recommended in the docs. How do I get it to decrypt?
    – MBourne
    Nov 11 at 9:21











  • After more experimentation, I find that decrypt only works if it is preceded by an encrypt of the exact same text. Is this a PHP bug or am I missing something fundamental?
    – MBourne
    17 hours ago












up vote
0
down vote

favorite









up vote
0
down vote

favorite











The following script works fine. The zip is encrypted, txt file created, and immediately decrypted successfully, and the new zip is created successfully.



However, if I run the decrypt portion only subsequently, it fails to decrypt the txt file. It returns an empty $original_plaintext variable and the final zip has size 0. The $key and $iv are not changed for the second run. Security is not the issue - I just need a scrambled text file and then need to be able to decrypt it later.



$key = "sometext"; 
$iv = "someothertext";
$cipher = "aes-128-gcm";
$tag = NULL;

$fileRoot = "sql_2018_11_10";

if (in_array($cipher, openssl_get_cipher_methods()))
// Encrypt
$plaintext = file_get_contents("tmp/$fileRoot.zip");
$ciphertext = openssl_encrypt($plaintext, $cipher, $key, $options=0, $iv, $tag);
file_put_contents("tmp/enc_$fileRoot.txt", $ciphertext);

// Decrypt
$ciphertext = file_get_contents("tmp/enc_$fileRoot.txt");
$original_plaintext = openssl_decrypt($ciphertext, $cipher, $key, $options=0, $iv, $tag);
file_put_contents("tmp/uenc_$fileRoot.zip", $original_plaintext);










share|improve this question













The following script works fine. The zip is encrypted, txt file created, and immediately decrypted successfully, and the new zip is created successfully.



However, if I run the decrypt portion only subsequently, it fails to decrypt the txt file. It returns an empty $original_plaintext variable and the final zip has size 0. The $key and $iv are not changed for the second run. Security is not the issue - I just need a scrambled text file and then need to be able to decrypt it later.



$key = "sometext"; 
$iv = "someothertext";
$cipher = "aes-128-gcm";
$tag = NULL;

$fileRoot = "sql_2018_11_10";

if (in_array($cipher, openssl_get_cipher_methods()))
// Encrypt
$plaintext = file_get_contents("tmp/$fileRoot.zip");
$ciphertext = openssl_encrypt($plaintext, $cipher, $key, $options=0, $iv, $tag);
file_put_contents("tmp/enc_$fileRoot.txt", $ciphertext);

// Decrypt
$ciphertext = file_get_contents("tmp/enc_$fileRoot.txt");
$original_plaintext = openssl_decrypt($ciphertext, $cipher, $key, $options=0, $iv, $tag);
file_put_contents("tmp/uenc_$fileRoot.zip", $original_plaintext);







php encryption






share|improve this question













share|improve this question











share|improve this question




share|improve this question










asked Nov 10 at 12:10









MBourne

6417




6417











  • I have tried several different combinations of : * Fixed IV and key * Fixed and non-fixed IV and key * Using zip and not using zip Why in each case will it successfully decrypt if it is immediately after the encrypt, but not if it's decrypt only? As for errors, I'm seeing error:0607A082:digital envelope routines:EVP_CIPHER_CTX_set_key_length:invalid key length, but I'm using a 128-byte key, as recommended in the docs. How do I get it to decrypt?
    – MBourne
    Nov 11 at 9:21











  • After more experimentation, I find that decrypt only works if it is preceded by an encrypt of the exact same text. Is this a PHP bug or am I missing something fundamental?
    – MBourne
    17 hours ago
















  • I have tried several different combinations of : * Fixed IV and key * Fixed and non-fixed IV and key * Using zip and not using zip Why in each case will it successfully decrypt if it is immediately after the encrypt, but not if it's decrypt only? As for errors, I'm seeing error:0607A082:digital envelope routines:EVP_CIPHER_CTX_set_key_length:invalid key length, but I'm using a 128-byte key, as recommended in the docs. How do I get it to decrypt?
    – MBourne
    Nov 11 at 9:21











  • After more experimentation, I find that decrypt only works if it is preceded by an encrypt of the exact same text. Is this a PHP bug or am I missing something fundamental?
    – MBourne
    17 hours ago















I have tried several different combinations of : * Fixed IV and key * Fixed and non-fixed IV and key * Using zip and not using zip Why in each case will it successfully decrypt if it is immediately after the encrypt, but not if it's decrypt only? As for errors, I'm seeing error:0607A082:digital envelope routines:EVP_CIPHER_CTX_set_key_length:invalid key length, but I'm using a 128-byte key, as recommended in the docs. How do I get it to decrypt?
– MBourne
Nov 11 at 9:21





I have tried several different combinations of : * Fixed IV and key * Fixed and non-fixed IV and key * Using zip and not using zip Why in each case will it successfully decrypt if it is immediately after the encrypt, but not if it's decrypt only? As for errors, I'm seeing error:0607A082:digital envelope routines:EVP_CIPHER_CTX_set_key_length:invalid key length, but I'm using a 128-byte key, as recommended in the docs. How do I get it to decrypt?
– MBourne
Nov 11 at 9:21













After more experimentation, I find that decrypt only works if it is preceded by an encrypt of the exact same text. Is this a PHP bug or am I missing something fundamental?
– MBourne
17 hours ago




After more experimentation, I find that decrypt only works if it is preceded by an encrypt of the exact same text. Is this a PHP bug or am I missing something fundamental?
– MBourne
17 hours ago

















active

oldest

votes











Your Answer






StackExchange.ifUsing("editor", function ()
StackExchange.using("externalEditor", function ()
StackExchange.using("snippets", function ()
StackExchange.snippets.init();
);
);
, "code-snippets");

StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "1"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);

else
createEditor();

);

function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);



);













 

draft saved


draft discarded


















StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53238812%2fsubsequent-decrypt-fails-with-file-size-0%23new-answer', 'question_page');

);

Post as a guest



































active

oldest

votes













active

oldest

votes









active

oldest

votes






active

oldest

votes















 

draft saved


draft discarded















































 


draft saved


draft discarded














StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53238812%2fsubsequent-decrypt-fails-with-file-size-0%23new-answer', 'question_page');

);

Post as a guest














































































這個網誌中的熱門文章

How to read a connectionString WITH PROVIDER in .NET Core?

Node.js Script on GitHub Pages or Amazon S3

Museum of Modern and Contemporary Art of Trento and Rovereto