I've been having some issues with the builtin methods for PHP OpenSSL. I'm attempting to narrow down the issue by trying different methods. I'm trying the following:
$input = "this is a test string";
$opensslCommand = "echo \"{$input}\" | openssl enc -AES-128-CBC -a -nosalt -K " . bin2hex($hashing_secret) . " -iv ". bin2hex($iv);
$first = openssl_encrypt($input, "AES-128-CBC", $hashing_secret, 0, $iv);
$second = exec($opensslCommand);
print(urlencode($first) . "<br/>");
print(urlencode($second) . "<br/>");
however, the output of the above is:
hn%2FZkGKl9EQ7XgFFytcPkTPxJST2jCKEVDoojmkz8xs%3D
hn%2FZkGKl9EQ7XgFFytcPkdQESeAPqlFNwJivth28m9o%3D
As you can see, they start to diverge in the middle of the output. Do I have the configuration wrong for either the builtin or the command line?
3rd party edit:
Making more sense of the output:
Base64 encoded:
hn/ZkGKl9EQ7XgFFytcPkTPxJST2jCKEVDoojmkz8xs=
hn/ZkGKl9EQ7XgFFytcPkdQESeAPqlFNwJivth28m9o=
In hex:
867FD990 62A5F444 3B5E0145 CAD70F91 33F12524 F68C2284 543A288E 6933F31B
867FD990 62A5F444 3B5E0145 CAD70F91 D40449E0 0FAA514D C098AFB6 1DBC9BDA
echo is the culprit here. There's a certain parameter you can use with echo to suppress the newline it appends to its input string: -n. Turns out that was getting piped along with my input into openssl.
$opensslCommand = "echo -n \"{$input}\" | openssl enc -AES-128-CBC -a -nosalt -K " . bin2hex($hashing_secret) . " -iv ". bin2hex($iv);
is the correct command