openssl_decrypt

(PHP 5 >= 5.3.0, PHP 7, PHP 8)

openssl_decrypt — Déchiffrer les données

Description

openssl_decrypt(
    string $data,
    string $cipher_algo,
    string $passphrase,
    int $options = 0,
    string $iv = "",
    string $tag = "",
    string $aad = ""
): string|false

Prend une chaine brute ou base64 encodée et la déchiffre en utilisant la méthode et la clé passées.

Liste de paramètres

data: Le message chiffré à déchiffrer.
cipher_algo: L'algorithme de chiffrement. Pour la liste des algorithmes de chiffrement disponible, utiliser openssl_get_cipher_methods().
passphrase: La clé.
options: Le paramètre options peut prendre comme valeur OPENSSL_RAW_DATA ou OPENSSL_ZERO_PADDING.
iv: Un vecteur d'initialisation non-nul.
tag: La balise d'authentification en mode de chiffrement AEAD. Si elle est incorrecte, l'authentification échoue et la fonction retourne false.

Attention
La longueur de tag n'est pas vérifié par la fonction. C'est la responsabilité de l'appeleur de s'assurer que la longueur du tag correspond à la longueur du tag reçu quand openssl_encrypt() a été appelée. Sinon, le déchiffrement peut réussir si le début du tag donné correspond au début du vrai tag.
aad: Données d'authentification supplémentaires.

Valeurs de retour

La chaine décryptée en cas de succès ou false si une erreur survient.

Erreurs / Exceptions

Émets une erreur de niveau E_WARNING si un algorithme cipher inconnu est passé via cipher_algo.

Émets une erreur de niveau E_WARNING si une valeur vide est passée comme paramètre iv.

Historique

Version	Description
7.1.0	Les paramètres `tag` et `aad` ont été ajoutée.

Voir aussi

openssl_encrypt() - Chiffre les données

add a note

User Contributed Notes 8 notes

down

Hernanibus ¶

7 years ago


Parameters may seem obvius to some but not for everyone so:



- $data can be as the description says raw or base64. If no $option is set (this is, if value of 0 is passed in this parameter), data will be assumed to be base64 encoded. If parameter OPENSSL_RAW_DATA is set, it will be understood as row data.



- $password (key) is a String of [pseudo] bytes as those generated by the function openssl_random_pseudo_bytes().



- $options as (as for 2016) two possible values OPENSSL_RAW_DATA and OPENSSL_ZERO_PADDING. Setting both can be done by OPENSSL_RAW_DATA|OPENSSL_ZERO_PADDING. If no OPENSSL_ZERO_PADDING is specify, default pading of PKCS#7 will be done as it's been observe by [openssl at mailismagic dot com]'s coment in openssl_encrypt()



- $iv is as in the case of $password, a String of bytes. Its length depends on the algorithm used. May be the best way to generate an $iv is by:



<?php

    $iv = openssl_random_pseudo_bytes(openssl_cipher_iv_length('your algorithm'));// for example you algorithm = 'AES-256-CTR'

?>

down

lucianonapoli at yahoo dot it ¶

7 years ago


The parameter string $password must be in binary form and is derived from the exadecimal key value.

Example:

encrypting in command line console with openssl
openssl AES-256-CBC -K 5ae1b8a17bad4da4fdac796f64c16ecd -iv 34857d973953e44afb49ea9d61104d8c -in doc.txt -out doc.enc.txt

decripting in php
$key = hex2bin('5ae1b8a17bad4da4fdac796f64c16ecd');
$iv = hex2bin('34857d973953e44afb49ea9d61104d8c');

$output = openssl_decrypt($encstr, 'AES-256-CBC', $key, OPENSSL_RAW_DATA, $iv);

down

markagius dot co dot uk ¶

7 years ago


openssl_decrypt(..) works with most but not all method types.
This list can vary, depending on the data (Message) and key (Password) used.

See the following code and edit the $text and $password values.
Code checks if text is the same after encrypting then decrypting it.

Note:
  You can still use openssl_encrypt(..) with;
  User enters 'Log-in password'
  (Encrypted and stored using openssl_encrypt)
  Next time.
  User logs-in with 'Log-in password'
  (Check that encrypted 'Log-in password' = stored data)

<CODE>
  // Please edit $password=... and $text=...

  $password = "This is a journey into sound";

  $text = "";
  for($charNo=0; $charNo<=255; $charNo=$charNo+1){
    // if($charNo==127) {$charNo=$charNo+1;}
    if(!$charNo<127){
      // $text = $text."&#x".strtoupper(dechex($charNo)).";";
      $text = $text.chr($charNo);
    } else {
      $text = $text.chr($charNo);
    }
  }

$text = "This is a test message.";

  print "<TABLE BORDER=\"1\">\n";
  print "<TR><TD><B>Encryption type:</B></TD><TD><B>String after converting back:</B></TD></TR>\n";
  $ciphers = openssl_get_cipher_methods();
  for($pointer=0; $pointer<count($ciphers); $pointer=$pointer+1){
    $edit  = EncryptDecrypt($text, true,  $password, $ciphers[$pointer]);
    $check = EncryptDecrypt($edit, false, $password, $ciphers[$pointer]);
    if($text!=$check){
      $info  = $check;
      print "<TR><TD>".$ciphers[$pointer]."</TD><TD>".$info."</TD></TR>\n";
    }
  }
  print "</TABLE>\n";

function EncryptDecrypt($oldText, $encryptIt=true, $password="PASSWORD", $encryptType=""){
  $ciphers = openssl_get_cipher_methods();
  $foundEncType = false;
  for($pointer=0; $pointer<count($ciphers); $pointer=$pointer+1){
    if($ciphers[$pointer]==$encryptType){$foundEncType=true;}
  }
  if(!$foundEncType){
    $encryptType = "RC2-64-CBC"; // Default value used if not set or listed.
  }
  if($encryptIt){
    $newText = openssl_encrypt($oldText,$encryptType,$password);
  } else {
    $newText = openssl_decrypt($oldText,$encryptType,$password);
  }
  return $newText;
}
</CODE>
The following (sometimes) don't work:
    DES-EDE3-CFB1    (sometimes)
    aes-128-gcm
    aes-192-gcm
    aes-256-gcm
    des-ede3-cfb1        (sometimes)
    id-aes128-GCM
    id-aes192-GCM
    id-aes256-GCM

down

ittasks at gmail dot com ¶

11 years ago


in case that hosting do not provide openssl_encrypt decrypt functions - it could be mimiced via commad prompt executions  
this functions will check is if openssl is installed and try to use it by default

function sslPrm()
{
 return array("your_password","IV (optional)","aes-128-cbc");
}
function sslEnc($msg)
{
  list ($pass, $iv, $method)=sslPrm();
  if(function_exists('openssl_encrypt'))
     return urlencode(openssl_encrypt(urlencode($msg), $method, $pass, false, $iv));
  else
     return urlencode(exec("echo \"".urlencode($msg)."\" | openssl enc -".urlencode($method)." -base64 -nosalt -K ".bin2hex($pass)." -iv ".bin2hex($iv)));
}
function sslDec($msg)
{
  list ($pass, $iv, $method)=sslPrm();
  if(function_exists('openssl_decrypt'))
     return trim(urldecode(openssl_decrypt(urldecode($msg), $method, $pass, false, $iv)));
  else
     return trim(urldecode(exec("echo \"".urldecode($msg)."\" | openssl enc -".$method." -d -base64 -nosalt -K ".bin2hex($pass)." -iv ".bin2hex($iv))));
}

//example of usage:
$r= sslEnc("This is encryption/decryption test!");
echo "<br>\n".$r.":".sslDec($r);

down

t.terada ¶

3 years ago


This function does not check tag length in GCM mode, which may allow attackers to bypass integrity check by tag truncation.
See https://bugs.php.net/bug.php?id=75804

down

-7

Bitbang3r ¶

7 years ago


openssl_decrypt assumes that $data is base64-encoded by default, but $key and $iv (when using AES) must be "raw" byte values.

In other words, assume that $data, $key, and $iv are all base64-encoded strings. Both $key and $iv must be base64-decoded before openssl_decrypt can use them.

Example code:

$ciphertext64 = "gfcC6t1BarndpzMuvYj2JFpWHqlWSJMhTtxPN7QjyEg=";
$key64 = "AAECAwQFBgcICQoLDA0ODxAREhMUFRYXGBkaGxwdHh8=";
$iv64="AAECAwQFBgcICQoLDA0ODw==";

$key = base64_decode($key64, true);
$iv = base64_decode($iv64, true);

$decrypted = openssl_decrypt($ciphertext64, 'aes-256-cbc', $key, 0, $iv);

Other 'gotchas' to keep in mind when cipher is 'aes-256-cbc':

*  strlen($key) SHOULD be 32. PHP will apparently pad the key if necessary, with potentially unpredictable interoperability with other libraries and platforms, and almost certain reduction in cipher strength. Save yourself the headache, and make sure it's EXACTLY 32.

* strlen($iv) MUST be 16. By definition, AES uses 128-bit blocks, regardless of whether the key length is 128, 192, or 256... and iv's length must be precisely equal to that block length.

* Remember... $iv doesn't necessarily have to be SECRET (it's just a salt), but it MUST be cryptographically random AND different EACH TIME you begin a new round of AES encryption ("round" == "one call to openssl_encrypt or equivalent").

* Don't assume that your random numbers are cryptographically secure unless the function guarantees it. In general, PHP's random numbers AREN'T cryptographically secure (at least, not by default, and not unless the server's admin has gone out of his way to try). There's a HUGE difference between numbers that "look random", and numbers that genuinely ARE random, and it can make the difference between robust long-term encryption and mere obfuscation. See openssl_random_pseudo_bytes.

Finally, if you're attempting to use 'aes-256-gcm' (AEAD), search Google for "67304 gcm" to confirm that it's both supported AND known to work in whatever version of PHP you have available.

down

-3

Lingasamy Sakthivel ¶

5 years ago


This worked for me.

    openssl_decrypt ( $encrypted_value , "AES-256-CFB" , $my_private_key , OPENSSL_RAW_DATA);

OPENSSL_RAW_DATA indicates raw data otherwise it will be treated as base64 encoding by default.

down

-72

Anonymous ¶

10 years ago


If your using windows os, do not use the text inside the "file previewer" pane, as this is a truncated version of the actual encrypted string.

Instead, you need to open the file directly and use the contents there.

The error message I had been getting was:
"error:0606506D:digital envelope routines:EVP_DecryptFinal_ex:wrong final block length"

add a note