Laravel - DecryptException: 'The MAC is invalid'
The problem is you generated a new APP_KEY, then if you try to decrypt the old encrypted data it will show the DecryptException: The MAC is invalid
.
If you want to decrypt the old data you need to restore your old APP_KEY.
After realizing that, now, adding a new problem there, if you stored new data with another APP_KEY or another encryption method you have a problem on the data because they are mixed on the table.
In case you don't know when do you started with the new encrypt method or differentiate the new encrypted entries, the fastest solution would be reset all the passwords with the new encrypt method.
You can learn more about how Laravel encryption works on the official Laravel docs.
Laravel 5: Decryption error The Mac is invalid
It was an error on redis server.
Hope that someone will help.
what is difference in 'The MAC is invalid' and 'The Payload is invalid' laravel?
Laravel encode and decode with base64 the playload. Here take a look :
/**
* Get the JSON array from the given payload.
*
* @param string $payload
* @return array
*
* @throws \Illuminate\Contracts\Encryption\DecryptException
*/
protected function getJsonPayload($payload)
{
$payload = json_decode(base64_decode($payload), true);
// If the payload is not valid JSON or does not have the proper keys set we will
// assume it is invalid and bail out of the routine since we will not be able
// to decrypt the given value. We'll also check the MAC for this encryption.
if (! $this->validPayload($payload)) {
throw new DecryptException('The payload is invalid.');
}
if (! $this->validMac($payload)) {
throw new DecryptException('The MAC is invalid.');
}
return $payload;
}
/**
* Verify that the encryption payload is valid.
*
* @param mixed $payload
* @return bool
*/
protected function validPayload($payload)
{
return is_array($payload) && isset($payload['iv'], $payload['value'], $payload['mac']) &&
strlen(base64_decode($payload['iv'], true)) === openssl_cipher_iv_length($this->cipher);
}
/**
* Determine if the MAC for the given payload is valid.
*
* @param array $payload
* @return bool
*/
protected function validMac(array $payload)
{
$calculated = $this->calculateMac($payload, $bytes = random_bytes(16));
return hash_equals(
hash_hmac('sha256', $payload['mac'], $bytes, true), $calculated
);
}
Illuminate/Encryption/Encrypter.php
As you can see there is a double check, if you modify manually the payload it won't necessarily have the correct structure and will return The payload is invalid
.
Then, when the payload is valid, it will try with the MAC. When the content doesn't match, it will return The MAC is invalid.
The MAC Invalid
Try
php artisan cache:clear
composer clear-cache
composer dump-autoload
and clear browser cache
Refer this
How to solve The payload is invalid in Laravel 8 when the payload suddenly becomes NULL
As per official documentation
Laravel's encryption services provide a simple, convenient interface
for encrypting and decrypting text via OpenSSL using AES-256 and
AES-128 encryption.All of Laravel's encrypted values are signed using a message
authentication code (MAC) so that their underlying value can not be
modified or tampered with once
Before using Laravel's encrypter, you must set the key configuration option in your config/app.php configuration file.
It means encryption decryption depends on app key
value.If new app key generated then old encrypted value will not work with new app key
Ref:https://laravel.com/docs/8.x/encryption
Updated
The issue is encrypted value was stored partially in database table due to data type varchar(191).
So better to change data type varchar(191)
to longtext
or text
Related Topics
Browscap Ini Directive Not Set
Can Anyone Give Me an Example for PHP's Curlfile Class
Process Very Big CSV File Without Timeout and Memory Error
Get All Records from MySQL Database That Are Within Google Maps .Getbounds
Wamp - Remove Localhost from Project Url
Is There Java Hashmap Equivalent in PHP
PHP Notice: Undefined Offset: 1 with Array When Reading Data
Is Header('Content-Type:Text/Plain'); Necessary at All
PHP Warning: Unknown: Failed to Open Stream
PHP Date Time Greater Than Today
How to Test PHP Locally Without Installing a Server
Loop Through All Months in a Date Range