#22828 [Opn]: Warning: mcrypt_decrypt(): The IV parameter must be as long as the blocksize

cbair at dragonmagic dot net Sat, 22 Mar 2003 11:57:28 -0800

 ID:               22828
 User updated by:  cbair at dragonmagic dot net
 Reported By:      cbair at dragonmagic dot net
 Status:           Open
 Bug Type:         mcrypt related
 Operating System: Red Hat Linux/Cobalt RaQ3
 PHP Version:      4.3.2RC1
 New Comment:


I apologize. I went back through and payments made before upgrading to
4.3.2RC1 show fine still. So it must be when inputting the CC number
into the database.

Again, this script hasn't been upgraded since 4.2, so it should still
work the same if the mcrypt functions haven't changed.

Code here as is for inserting:

$algo = MCRYPT_RIJNDAEL_192;
$iv = mcrypt_create_iv(mcrypt_get_iv_size($algo, MCRYPT_MODE_ECB),
MCRYPT_RAND);
$enc_str = mcrypt_encrypt($algo, $salt, $cc_num, MCRYPT_MODE_CBC,
$iv);
$new_cc = addslashes($enc_str);

$construct = "INSERT INTO `payment`
(`payee`,`amount`,`bill_name`,`bill_add`,`bill_city`,`bill_state`,`bill_code`,`bill_country`,`ship_name`,`ship_add`,`ship_city`,`ship_state`,`ship_code`,`ship_country`,`email`,`phone_home`,`phone_work`,`cc_type`,`cc_exp`,`cc_name`,`cc_num`,`cc_cvv2`,`description`,`date`,`iv`)
VALUES
('$endorsee','$total','$bill_name','$bill_add','$bill_city','$bill_state','$bill_code','$bill_country','$ship_name','$ship_add','$ship_city','$ship_state','$ship_code','$ship_country','$email','$phone_home','$phone_work','$cc_type','$cc_exp','$cc_name','$new_cc','$cc_cvv2','$description','$date','$iv')";
$set_mysql = mysql_query($construct) or die("Could not insert your
information into the database. Your information was not stored or sent.
Please try again later. If you feel this is in error, please contact <a
href=\"mailto:$admin\";>$admin</a>.");


Previous Comments:
------------------------------------------------------------------------

[2003-03-22 13:50:58] cbair at dragonmagic dot net

A payment script I wrote up for simplicity has worked throughout 4.2
and up to 4.3.1. I recently installed 4.3.2RC1 on my RaQ3 server with
mcrypt, and now the payment script, upon trying to retrieve a credit
card number, reveals:

Warning: mcrypt_decrypt(): The IV parameter must be as long as the
blocksize

There have been no changes to the script since 4.2. It retrieves
information from a MySQL database, which also has not changed or been
upgraded, except extra rows added as people pay.

I cannot retrieve any payment information now with this. If you need
sample code, please let me know.

------------------------------------------------------------------------


-- 
Edit this bug report at http://bugs.php.net/?id=22828&edit=1

#22828 [Opn]: Warning: mcrypt_decrypt(): The IV parameter must be as long as the blocksize

Reply via email to