Using OPENSSL_RAW_DATA param in openssl_decrypt with php 5.3

EmmyS picture EmmyS · Jul 11, 2014 · Viewed 7.5k times · Source

My company is implementing V.me checkout on our site. Visa has provided us with a file of php helper functions for decrypting data, but one of them uses openssl_decrypt with the OPENSSL_RAW_DATA parameter, which only became available in PHP 5.4.something.

return openssl_decrypt($data, 'aes-256-cbc', hashKey($key), OPENSSL_RAW_DATA, $iv);

We are running PHP 5.3, and there is no option to upgrade. How can I modify this function so it still does what it was designed to do, without that global parameter being available?

Answer

Narf picture Narf · Jul 11, 2014

Just pass (integer) 1, that's the value of the OPENSSL_RAW_DATA constant:

return openssl_decrypt($data, 'aes-256-cbc', hashKey($key), 1, $iv);

Prior to PHP 5.4, it was a boolean parameter called "raw_data", so you could pass boolean TRUE as well, but there's an advantage to using the integer - it is forward compatible.

On PHP 5.3, int(1) is implicitly casted to boolean TRUE, while on 5.4+ you'd be passing the real flag value.