1--TEST-- 2Crypto\Cipher::setTag in GCM mode basic usage. 3--SKIPIF-- 4<?php 5if (!Crypto\Cipher::hasMode(Crypto\Cipher::MODE_GCM)) 6 die("Skip: GCM mode not defined (update OpenSSL version)"); 7?> 8--FILE-- 9<?php 10$key = str_repeat('x', 32); 11$iv = str_repeat('i', 16); 12 13$data = pack("H*", '622070d3bea6f720943d1198a7e6afa5'); 14$tag = pack("H*", 'ed39e13f9a9fdf19036ad2f1ed5d2d1f'); 15 16$cipher = new Crypto\Cipher('aes-256-gcm'); 17$cipher->setTag('wrong tag'); 18try { 19 echo $cipher->decrypt($data, $key, $iv) . "\n"; 20} 21catch (Crypto\CipherException $e) { 22 if (Crypto\CipherException::FINISH_FAILED) { 23 echo "FAILED\n"; 24 } 25} 26 27$cipher = new Crypto\Cipher('aes-256-gcm'); 28$cipher->setTag($tag); 29echo $cipher->decrypt($data, $key, $iv) . "\n"; 30 31 32try { 33 $cipher->setTag($tag); 34} 35catch (Crypto\CipherException $e) { 36 if ($e->getCode() == Crypto\CipherException::TAG_SETTER_FORBIDDEN) { 37 echo "FLOW\n"; 38 } 39} 40 41?> 42--EXPECT-- 43FAILED 44aaaaaaaaaaaaaaaa 45FLOW 46