Home/ Questions/Q 7884149
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-03T04:43:14+00:00

This is what I have: $password = openssl_random_pseudo_bytes(245); $passwdtemp = tempnam(‘/tmp’, mt_rand()); file_put_contents($passwdtemp, $password);

  • 0

This is what I have:

$password = openssl_random_pseudo_bytes(245);
$passwdtemp = tempnam('/tmp', mt_rand());
file_put_contents($passwdtemp, $password);
passthru('openssl aes-256-cbc -salt -in infile.png -out outfile.png -kfile ' . $passwdtemp;

Once every hundred times or so, passthru would give me error “zero length password”, passed from OpenSSL. This is different from the error ‘unable to read key from /private/tmp/7503675258rhTiX’, which occurs when the file doesn’t exist.

I’m feeling it has something to do with the password generated by openssl_random_pseudo_bytes. Any way to get this to work properly?

Thanks!

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    According to the OpenSSL docs, the -kfile option reads the password from the first line in a file. That implies the password contains text, not binary data.

    If your random data happens to start with a newline character, then the first “line” in the file is empty. So I’ll guess that the problem occurs once every two hundred fifty-six times or so. 🙂

    Try converting $password from binary to printable hex characters before you store it in the file, or (if you want a larger key space) throw away unprintable bytes.

    You may also want to ensure the file is readable only by you; otherwise the password is available for snooping.

    • 0