All geek questions in one place

OpenSSL Encryption "Length Length Error" Error

This is what I have:

$password = openssl_random_pseudo_bytes(245); $passwdtemp = tempnam('/tmp', mt_rand()); file_put_contents($passwdtemp, $password); passthru('openssl aes-256-cbc -salt -in infile.png -out outfile.png -kfile ' . $passwdtemp;

Once a hundred times or so, passthru would give me the "zero length password" error passed from OpenSSL. This is different from the error "cannot read the key from / private / tmp / 7503675258rhTiX", which occurs when the file does not exist.

I feel this has something to do with the password generated by openssl_random_pseudo_bytes. Any way to make this work correctly?

Thanks!

0
source share
1 answer

According to OpenSSL docs, the -kfile reads the password from the first line in the file. This means that the password contains text, not binary data.

If your random data begins with a newline, then the first "line" in the file is empty. Therefore, I guess that the problem occurs every two hundred fifty six times or so. :-)

Try converting $password from binary to printed hexadecimal characters before storing them in a file, or (if you want to increase the key space) discard non-printable bytes.

You can also make sure that the file is readable only by you; otherwise, the password is available for tracking.

+1
source

Source: https://habr.com/ru/post/924395/

More articles:


All Articles