-1

I have a PHP script that will encrypt data to store in a database, but when I run the script, the openssl_encrypt returns false with the error: "error:1C800066:Provider routines::cipher operation failed".


    $cipher = str_replace("\n", "", file_get_contents("/key/cipher"));
    $iv_length = openssl_cipher_iv_length($cipher);
    $options = 0;
    $iv = str_replace("\n", "", file_get_contents("/key/iv"));
    $key = str_replace("\n", "", file_get_contents("/key/key"));

    $firstName = openssl_encrypt($data["firstName"], $cipher, $key, $options, $iv);

I have verified that all of these files exist on my pc, as well as $data["firstName"] is actually received.

The data that fails is a first name about 6 characters long, but when I type in an email, which is about 19 characters long, it works perfectly fine.

Improve this question
1
  • At least the algorithm ($cipher) is missing, s. MCVE. Commented Jun 25, 2024 at 14:58

1 Answer 1

Reset to default
0

Even though the cipher I was using aes-256-xts, which is on the list when I call the openssl_get_cipher_methods(); function, I switched to aes-256-ctr and it started working.

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

aes-256-xts refers to AES-256 in XTS mode. XTS is a block cipher mode that does not use padding, but ciphertext stealing, which is why there is a minimum plaintext size of one block (16 bytes). This also explains your issue (encryption of 6 bytes plaintext fails, while 19 bytes plaintext works). Also, the key size is twice as large as usual, e.g. 512 bits for AES-256. XTS is normally used for disk encryption. Instead of an IV, a 128 bit tweak is applied (which is commonly derived from something like the disk sector number).
Ok, thank you. I am now realizing I should have included the cipher I was using in the OG question. I also didnt realize what XTS mode was, thank you for the info!

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.