[openssl-users] Using random bytes only in openssl_encrypt versus real private key

Salz, Rich rsalz at akamai.com
Sun Sep 2 21:53:57 UTC 2018

>    This begs the question: what does openssl_encrypt actually do with just a string
    of random bytes passed as the "key". I can't find anything in the OpenSSL or
    PHP/openssl source code that clearly identifies any particular action
There is no such name (git grep -I openssl_encrypt) in the OpenSSL source.  This is some PHP function that is calling underlying OpenSSL.  I would ask on the PHP forum(s) what it's doing.

More information about the openssl-users mailing list