openssl_decrypt tag value

Question

I'm using the openssl_encrypt / decrypt method in my website but i'm having some troubles with the $tag option

openssl_encrypt ( $data, $method, $key, $options, $iv, $tag )
openssl_decrypt ( $data, $method, $key, $options, $iv, $tag )

from http://php.net/manual/en/function.openssl-encrypt.php, the definition of tag is: The authentication tag passed by reference when using AEAD cipher mode (GCM or CCM). But i didn't understand it.

I tried it in my codes

$data = "text to be encrypted";
$cipher = "aes-128-gcm";
$key = "0123456789abcdefghijklmnob123456";
$option = 0;
$ivlen = openssl_cipher_iv_length($cipher);
$iv = openssl_random_pseudo_bytes($ivlen);

if (in_array($cipher, openssl_get_cipher_methods())){       
    $encryptedData = openssl_encrypt($data,$cipher,$key,$option,$iv,$tag);
    echo $encryptedData;

    $decryptedData = openssl_decrypt($encryptedData,$cipher,$key,$option,$iv,$tag);
    echo $decryptedData;
}

i got this result:

encrypted text: Vlx/yKkPhg0DpD0YKvnFKRiCh/I=
decrypted text: text to be encrypted

哪个是正确的。但如果我直接以这种方式解密加密文本：

$data = "text to be encrypted";
$cipher = "aes-128-gcm";
$key = "0123456789abcdefghijklmnob123456";
$option = 0;
$ivlen = openssl_cipher_iv_length($cipher);
$iv = openssl_random_pseudo_bytes($ivlen);

if (in_array($cipher, openssl_get_cipher_methods())){
    $encryptedData = "Vlx/yKkPhg0DpD0YKvnFKRiCh/I=";

    $decryptedData = openssl_decrypt($encryptedData,$cipher,$key,$option,$iv,$tag);
    echo $decryptedData;
}

我越来越：

Notice: Undefined variable: tag

如果有人可以向我解释为什么会发生这种情况以及 $tags 的值应该是多少。谢谢

Answer 1

PHP 抱怨的标签是使用 GCM 操作模式时 AES 的一个重要方面。在此模式下，不仅会应用 AES 块密码，还会计算身份验证标签。它是一个字节数组，表示MAC（消息验证代码），可用于验证数据的完整性并进行解密。需要提供相同的标签来进行验证。有关更多详细信息，请参阅有关伽罗瓦/计数器模式的维基百科页面。

因此，为了成功解密该密文，您需要捕获调用$tag产生的变量openssl_encrypt()并将其输入到openssl_decrypt()调用中。你没有这样做，因此抱怨标签丢失。请注意，标签（通常）包含不可读的字符，因此以 Base64 编码格式存储它会更方便。

除了变量之外，您还应该为方法提供与调用中使用的相同的变量$tag值。同样，base64 编码使这变得更容易。$ivopenssl_decrypt()openssl_encrypt()

下面的快速测试演示了这一切，我首先修改您的脚本以打印更多内容，然后使用提供的脚本进行解密：

$ php test1.php 
iv base64-ed: vBKbi8c6vCyvWonV
plaintext: text to be encrypted
ciphertext base64-ed: z28spOd3UEDmj+3a8n/WK11ls7w=
GCM tag base64-ed: OIAggQCGUbPgmPN6lFjQ8g==
$ php test2.php 
decrypted ciphertext: text to be encrypted

其中代码test2.php如下：

$cipher = "aes-128-gcm";
$key = "0123456789abcdefghijklmnob123456";
$option = 0;
$iv = base64_decode("vBKbi8c6vCyvWonV");

if (in_array($cipher, openssl_get_cipher_methods())){       

    $encryptedData = "z28spOd3UEDmj+3a8n/WK11ls7w=";
    $tag = base64_decode("OIAggQCGUbPgmPN6lFjQ8g==");

    $decryptedData = openssl_decrypt($encryptedData,$cipher,$key,$option,$iv,$tag);
    echo("decrypted ciphertext: ".$decryptedData."\n");
}