5

We are getting the following warning after updating from PHP 5.5.18 to PHP 5.6.2:

mcrypt_decrypt(): Key of size 20 not supported by this algorithm. Only keys of sizes 16, 24 or 32 supported

The encryption algorithm appeared to work fine before this:

$decrypttext = mcrypt_decrypt(
  MCRYPT_RIJNDAEL_256,
  $this->keys[$key_label],
  $crypttext,
  MCRYPT_MODE_ECB,
  $iv
);

It would be a major pain to have to re-encrypt everything, is there something I can pad the key with so that it works the same way as before?

Presumably there aren't any security vulnerabilities here.

Arth
  • 12,789
  • 5
  • 37
  • 69
  • 1
    See the Backwards Incompatible changes between 5.5 and 5.6, Afraid you will have to write a Fixer as you did it wrong to start with [PHP Documentation](http://php.net/manual/en/migration56.incompatible.php) – RiggsFolly Mar 09 '15 at 15:13
  • _“Presumably there aren't any security vulnerabilities here”_ – that is probably the attitude that every single service that got hacked somehow had shown before … – CBroe Mar 09 '15 at 15:16
  • @CBroe “Presumably there aren't any security vulnerabilities here” - as in I can't think of any but if someone knows of one could you inform me. Not as in "I can't be bothered with security".. so thanks for that unnecessary high and mighty comment. – Arth Mar 09 '15 at 15:24
  • 1
    `str_pad($this->keys[$key_label], "\0", 32)` ought to do it, but `MCRYPT_RIJNDAEL_256`? ECB mode? Eww :( – Scott Arciszewski Mar 09 '15 at 19:08
  • Please consider switching to a peer-reviewed alternative like https://github.com/defuse/php-encryption instead of rolling your own. – Scott Arciszewski Mar 09 '15 at 19:09
  • @Scott Thanks for the suggestions, as far as I can find out `MCRYPT_RIJNDAEL_256` is pretty similar to the standard `MCRYPT_RIJNDAEL_128` or was in 2010 [see this qu](http://stackoverflow.com/questions/2809855/which-php-mcrypt-cipher-is-safest?rq=1). Yes, ECB was an oversight, but we are actually only encrypting numbers (shorter than the block length) and email addresses for urluse. Why does a small git-hub extension count as peer-reviewed and not the mcrypt extenstion? – Arth Mar 10 '15 at 12:04
  • 1
    The github extension provides authenticated encryption. libmcrypt has been abandoned since 2007 and, in PHP 7, is probably going to be replaced with openssl. – Scott Arciszewski Mar 10 '15 at 13:49

1 Answers1

13

Before this change, keys of an invalid size were padded with \0 up to the next valid keysize, so presumably you should be able to do the same with your key by adding four null bytes \0\0\0\0 to the end.

Now the caveat is that of course this is a weak key that will not provide the intended level of security, but it isn't going to be any worse than it already was, and you have other significant security issues with how you're encrypting as well, such as the use of ECB mode which is generally disastrous for security.

So, when you do decide it's time to update, choosing a key of a valid size is only one of the changes that needs to be made, and you should probably be do this as soon as you feasibly can.

Xander
  • 479
  • 1
  • 13
  • 25