Error message appears when opening cart (Shopping Cart J4)
Warning: openssl_decrypt(): IV passed is only 8 bytes long, cipher expects an IV of precisely 16 bytes, padding with \0 in /home/viinis/domains/virtuvinis.lt/public_html/administrator/components/com_virtuemart/helpers/vmcrypt .php on line 84
It's on a white background, so it's hard to see. At the same time, the cart icon is moved.
When the quantity is changed and updated, a message appears at the top of the page.
I wonder which PHP version you are using.
PHP 8.0.26
On PHP 8.1.13 the same error, but only more errors appear:
1. Custom Filters extensions from Breakdesigns
2. module VirtueMart Products — /home/viinis/domains/virtuvinis.lt/public_html/administrator/components/com_virtuemart/models/product.php
lol, what a screenshot. The thing is, we never hat this error and the code is years old. It is also very "generic" code. Wonder what I could change here.
Maybe this will help
https://www.php.net/manual/en/function.openssl-encrypt.php
The code uses the length of the set method
$ivlen = openssl_cipher_iv_length(self::VMCIPHER);
$iv = substr($ciphertext_dec, 0, $ivlen);
$original_plaintext = openssl_decrypt($ciphertext_raw, self::VMCIPHER, $key['key'], $options=OPENSSL_RAW_DATA, $iv);
self::VMCIPHER = = "AES-128-OFB";
strange
Replacing const VMCIPHER = "AES-128-OFB" with const VMCIPHER = "AES-128-CBC" solves the problem!
class vmCrypt {
const ENCRYPT_SAFEPATH="keys";
//const VMCIPHER = "aes-128-gcm";
//const VMCIPHER = "AES-128-OFB";
const VMCIPHER = "AES-128-CBC";
const VMCIPHER71 = "aes-128-gcm";
static function encrypt ($string) {
$key = self::_getKey (0,true);
Hmm, I wonder what happens, when I change that. I mean, with already encrypted data. Maybe better to solve, with an hidden config.
Next core it will be added as hidden config, that means open your virtuemart.cfg file and add
VMCIPHER=AES-128-CBC
Quote from: Milbo on August 17, 2023, 15:34:33 PM
Hmm, I wonder what happens, when I change that. I mean, with already encrypted data. Maybe better to solve, with an hidden config.
I don't understand encryption.
I understand from posts on the internet that using uppercase AES-128-CBC will give a consistent value which is 16.
https://stackoverflow.com/questions/37439981/openssl-encrypt-randomly-fails-iv-passed-is-only-x-bytes-long-cipher-exp
I tried - it worked.
As I said, I cannot change it in the core, because it may break already existing coded values.
But I added an hidden config, so add what I wrote to your config (file), store your vm config (in browser) one time and you dont need to think about it, anylonger.
Updated to VM 4.2.4.10922
Again error message appears when opening cart (Shopping Cart J4),
Warning: openssl_decrypt(): IV passed is only 8 bytes long, cipher expects an IV of precisely 16 bytes, padding with \0 in /home/viinis/domains/virtuvinis.lt/public_html/administrator/components/com_virtuemart/helpers/vmcrypt .php on line 87
Check for VMCIPHER=AES-128-CBC in your virtuemart.cfg file
Quote from: jenkinhill on October 01, 2023, 13:42:47 PM
Check for VMCIPHER=AES-128-CBC in your virtuemart.cfg file
Milbo wrote what needed to be done.
Quote from: Milbo on August 21, 2023, 20:52:33 PM
But I added an hidden config, so add what I wrote to your config (file), store your vm config (in browser) one time and you dont need to think about it, anylonger.
But I don't know how to do it.
The virtuemart.cfg file cannot be edited in DirectAdmin.
Please write how to do this correctly.
Edit the file using the server cPanel or use FTP to download & edit the file.
Quote from: Milbo on August 21, 2023, 20:52:33 PM
But I added an hidden config, so add what I wrote to your config (file), store your vm config (in browser) one time and you dont need to think about it, anylonger.
Added VMCIPHER=AES-128-CBC to the virtuemart.cfg file. The error has disappeared.
Thanks @Milbo and @jenkinhill