Comments (13)
Sorry that I'm late to respond; I was on vacation.
The tag is passed for authenticated modes of AES, such as GCM. Most cryptography libraries omit it entirely; OpenSSL has it as an optional parameter, as per these docs. In my implementation of AES-256-GCM, I use a blank internally, with no drawback.
If the parameter is required, you can try passing null. If that doesn't work, get back to me with the error logs.
You also might want to try Stack Overflow – I'm not a PHP programmer.
from steel_crypt.
P.S. you don't have to tag me. I get notified whenever anyone posts a comment/issue on this package.
from steel_crypt.
The tag parameter cannot be omitted in PHP. It is a required parameter. If NULL is passed, PHP will directly return an error!
from steel_crypt.
I also encountered a communication encryption problem between Java and fluent in Java. AES/CFB/NoPadding is used in Java, and I can't use the nopadding of CFB to fill in steel_crypt!
from steel_crypt.
moving to #14 for the second part
from steel_crypt.
As for the tag, have you tried an empty/0-filled byte array?
from steel_crypt.
$tag is an output return parameter. You have tried to fill 0 or null, which is wrong!
from steel_crypt.
I'm fixing this in steel_crypt 2.0, which will (hopefully) be out in a month or so.
Monitor #22.
from steel_crypt.
@cailetech Also, just saying, you should file an issue with the php people. The authentication tag is NOT a required param for secure encryption.
from steel_crypt.
This is fixed in 2.0. You can now pass aad to GCM.
from steel_crypt.
Not to nag, but I have also had some problems with the tag - NOT the aad. I need to use a 96-bit tag but it appears steel_crypt only generates 64-bit tags?
I also suspect the bytes in the tag might be wrong, but I haven't had time to examine this aspect closely yet.
Doing this:
```dart
AesCrypt encrypter = AesCrypt(
  mode: ModeAES.gcm,
  padding: PaddingAES.pkcs7, // Causes an exception if set to "none"
  key: key128bit
);
String out = encrypter.encrypt(
  plaintext,
  iv: ivbuf
);
```
on a plaintext of 88 bytes results in an output of 96 bytes which, given that AES-GCM does not use padding, should mean that a tag of 8 bytes (64 bits) has been appended to the encrypted data?
Manually inspecting the output from another implementation (Firefox, subtle.crypto) of the same data with the same key and IV (and setting the tag length to 96 bits) results in the same output for the first 88 bytes but after that the result diverges. That is, the result is different after the 88th byte.
To summarize:
- I need to set the tag length to 96 bits, but I have not found a way to do this.
- The appended tag differs from the result of another implementation which, if I understand it correctly, appears to be wrong.
Would humbly request this issue to be reopened.
from steel_crypt.
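Added example, not part of any comment in this thread and not steel_crypt code: a Node.js check for the situation reported above, where 8 extra bytes follow an 88-byte ciphertext. It tests two explanations that length arithmetic alone cannot separate: the extra bytes are a truncated GCM tag (a shorter tag is the leading bytes of the full 128-bit tag, so tags of different lengths from two correct implementations must share a prefix), or they are PKCS#7 padding that was encrypted along with the plaintext. The key, IV and plaintext are constructed, and the function names `gcmEncrypt`, `pkcs7Pad` and `classifyTrailer` are hypothetical.

```javascript
// Added example: Node.js built-in crypto; key, IV and plaintext are constructed.
const crypto = require('node:crypto');

const KEY = Buffer.alloc(16, 0x11);       // constructed 128-bit key
const IV = Buffer.alloc(12, 0x22);        // constructed 96-bit IV
const PLAINTEXT = Buffer.alloc(88, 0x41); // constructed 88-byte plaintext

// AES-128-GCM; returns ciphertext and tag separately. tagBytes: 4, 8, 12..16.
function gcmEncrypt(key, iv, plaintext, tagBytes) {
  const cipher = crypto.createCipheriv('aes-128-gcm', key, iv,
    { authTagLength: tagBytes });
  const ct = Buffer.concat([cipher.update(plaintext), cipher.final()]);
  return { ct, tag: cipher.getAuthTag() };
}

// PKCS#7 padding to the 16-byte AES block size.
function pkcs7Pad(buf) {
  const n = 16 - (buf.length % 16);
  return Buffer.concat([buf, Buffer.alloc(n, n)]);
}

// Classify the bytes that follow the first plaintext.length bytes of `output`.
function classifyTrailer(key, iv, plaintext, output) {
  const ref = gcmEncrypt(key, iv, plaintext, 16);
  const body = output.subarray(0, plaintext.length);
  const trailer = output.subarray(plaintext.length);
  if (!body.equals(ref.ct)) return 'ciphertext-mismatch';
  if (trailer.length === 0) return 'no-trailer';
  // A shorter GCM tag is the leading bytes of the full 128-bit tag.
  if (trailer.length <= 16 &&
      trailer.equals(ref.tag.subarray(0, trailer.length))) {
    return 'truncated-tag';
  }
  // GCM encrypts in counter mode, so padding bytes fed to the cipher come
  // out as extra ciphertext directly after the real ciphertext.
  const padded = gcmEncrypt(key, iv, pkcs7Pad(plaintext), 16).ct;
  const padCt = padded.subarray(plaintext.length);
  if (trailer.length >= padCt.length &&
      trailer.subarray(0, padCt.length).equals(padCt)) {
    return 'encrypted-padding';
  }
  return 'unknown';
}

const t8 = gcmEncrypt(KEY, IV, PLAINTEXT, 8);
console.log(classifyTrailer(KEY, IV, PLAINTEXT, Buffer.concat([t8.ct, t8.tag])));
```

An `encrypted-padding` result means the output carries no authentication tag at all, so a decrypting peer has nothing to verify.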
@Archprogrammer Thanks for this extremely detailed report. I would ask that you make a new issue for this; perhaps "Investigate AES-GCM divergence" or something of that sort. I agree that something is up here.
from steel_crypt.
@ghost you would pass 128. I didn't read your issue well at first, and misunderstood what you wanted.
from steel_crypt.