By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
458,127 Members | 1,366 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 458,127 IT Pros & Developers. It's quick & easy.

Mcrypt problem on PHP 4.3.1 / FreeBSD 5.3

P: n/a
Hi,

I'm getting some strange errors that I cannot pin down:

Warning: mcrypt_generic_init(): Iv size incorrect; supplied length: 7,
needed: 8 in......

This is strange because the data is encrypted, inserted into the
databse, then later retrieved and decrypted with the necessary hash and
ivector keys.

The data itself is decrypted OK. But the error comes up.

The error does not occur when I run the same code on another machine
running on Mac OS X.

Is this a known bug on this FreeBSD build ?

As this is for a production site, I'm just tempted to set the
error_reporting directive in php.ini to off, as this looks bad when the
error flashes up, but is actually not causing any errors.

I did change alter the initialisation function to:

@mcrypt_generic_init()

but it still displays the error regardless.

This may be a bit obscure, but has anybody else encountered a similar
problem ?

Thanks
SS.

Oct 17 '05 #1
Share this Question
Share on Google+
5 Replies


P: n/a
Warning: mcrypt_generic_init(): Iv size incorrect; supplied length: 7,
needed: 8 in......


Can you post a minimal example of code that produces the warning
message.

---
Steve

Oct 17 '05 #2

P: n/a
OK,

I use the following settings:

$cipher = MCRYPT_GOST;
$mode = MCRYPT_MODE_ECB;
$rand_src = MCRYPT_RAND;

I then randomly generate a hash and assign it to variable $hash, run it
through addslashes(), and use the following to encrypt:

$handle = mcrypt_module_open ($cipher, '', $mode, '');

if (!$handle)
die ("Couldn't locate open mcrypt module.");
$ivector =
mcrypt_create_iv(mcrypt_get_iv_size($cipher,$mode) ,$rand_src);

if (mcrypt_generic_init ($handle, $hash, $ivector) == -1)
die ("Error: mcrypt failure.");

$address1 = addslashes(mcrypt_generic($handle,$address1));
$address2 = addslashes(mcrypt_generic($handle,$address2));
$address3 = addslashes(mcrypt_generic($handle,$address3));
$address4 = addslashes(mcrypt_generic($handle,$address4));
$address5 = addslashes(mcrypt_generic($handle,$address5));
$postcode = addslashes(mcrypt_generic($handle,$postcode));
$firstname = addslashes(mcrypt_generic($handle,$firstname));
$surname = addslashes(mcrypt_generic($handle,$surname));
$telephone = addslashes(mcrypt_generic($handle,$telephone));
$em = addslashes(mcrypt_generic($handle,$email));
$ivector = addslashes($ivector);
$username = addslashes($email);

mcrypt_generic_deinit($handle);
These are inserted into the database tables, then I later decrypt with:
$site_sql="SELECT * FROM security WHERE client_id ='$client_id' LIMIT
1";

$site_get = mysql_query($site_sql) or die (mysql_error());
while ($row = mysql_fetch_array($site_get))
{
$hash_temp = stripslashes($row['hash']);
$iv_temp = stripslashes($row['iv']);
}

$site_sql="SELECT * FROM client WHERE client_id ='$client_id' LIMIT 1";
$site_get = mysql_query($site_sql) or die (mysql_error());
while ($row = mysql_fetch_array($site_get))
{
$handle = @mcrypt_module_open ($cipher, '', $mode, '');
if (!$handle)
die ("Couldn't locate open mcrypt module.");
if (@mcrypt_generic_init ($handle, $hash_temp, $iv_temp) == -1)
die ("Error: mcrypt failure.");
$title = $row['title'];
$firstname = trim(stripslashes(@mdecrypt_generic($handle,
$row['firstname'])));
$surname = trim(stripslashes(@mdecrypt_generic($handle,
$row['surname'])));
$address1 = trim(stripslashes(@mdecrypt_generic($handle,
$row['address1'])));
$address2 = trim(stripslashes(@mdecrypt_generic($handle,
$row['address2'])));
$address3 = trim(stripslashes(@mdecrypt_generic($handle,
$row['address3'])));
$address4 = trim(stripslashes(@mdecrypt_generic($handle,
$row['address4'])));
$address5 = trim(stripslashes(@mdecrypt_generic($handle,
$row['address5'])));
$postcode = trim(stripslashes(@mdecrypt_generic($handle,
$row['postcode'])));
$telephone = trim(stripslashes(@mdecrypt_generic($handle,
$row['telephone'])));
$email = trim(stripslashes(@mdecrypt_generic($handle,
$row['email'])));
@mcrypt_generic_deinit($handle);
}

As I said, the data is decrypted fine. But this error keeps popping
up...

Very obscure....

Thanks
SS

Oct 17 '05 #3

P: n/a
As I said, the data is decrypted fine. But this error keeps popping
up...
Suggestions:
$ivector = mcrypt_create_iv(mcrypt_get_iv_size($cipher,$mode) ,$rand_src);


Break this down into two calls, and check that the size returned from
the first call is what you expect.

$ivsize = mcrypt_get_iv_size($cipher,$mode);
// [ check/debug $ivsize before use ]
$ivector = mcrypt_create_iv($ivsize,$rand_src);

Use <http://www.php.net/manual/en/function.mcrypt-enc-get-iv-size.php>
instead to see if it makes a difference.

$handle = mcrypt_module_open($cipher, '', $mode, '');
if(!$handle) die ("Couldn't locate open mcrypt module.");
$ivsize = mcrypt_enc_get_iv_size($handle);
// [ check/debug $ivsize before use ]
$ivector = mcrypt_create_iv($ivsize,$rand_src);

Or suppress the warning as you suggest, as it seems harmless 8-)

---
Steve

Oct 17 '05 #4

P: n/a
I may just try and surpress the error.

I'm probably getting off the point here, but will the following
command:

ini_set('display_errors','0');

surpress ALL errors, or just some errors.

I ask, because on the code I posted above, adding a @ before the mcrypt
functions still caused the error to appear.....

Oct 17 '05 #5

P: n/a
ini_set('display_errors','0');


You could try turning error reporting off just before the rogue
statement and back on again immediately after:
$oldsetting = ini_set( 'error_reporting', E_NONE );
// ...rogue statment(s) here...
ini_set( 'error_reporting', $oldsetting );
---
Steve

Oct 17 '05 #6

This discussion thread is closed

Replies have been disabled for this discussion.