mcrypt_decrypt() error change key size
Did you update to 5.6? It says
Invalid key and iv sizes are no longer accepted. mcrypt_decrypt() will now throw a warning and return FALSE if the inputs are invalid. Previously keys and IVs were padded with '\0' bytes to the next valid size.
Reference
Read the last line of that quote, and there you will find your solution :)
mcrypt_decrypt(): Key of size 15 not supported by this algorithm. Only keys of sizes 16, 24 or 32 supported
That means you need to pad your key with \0
(that's what previous versions were doing for you)
$key=$key."\0";
mcrypt_decrypt() error change key size
Did you update to 5.6? It says
Invalid key and iv sizes are no longer accepted. mcrypt_decrypt() will now throw a warning and return FALSE if the inputs are invalid. Previously keys and IVs were padded with '\0' bytes to the next valid size.
Reference
Read the last line of that quote, and there you will find your solution :)
mcrypt_decrypt(): Key of size 15 not supported by this algorithm. Only keys of sizes 16, 24 or 32 supported
That means you need to pad your key with \0
(that's what previous versions were doing for you)
$key=$key."\0";
mcrypt_encrypt(): Key of size
Used to be if your key was too short that PHP would pad it with \0. This is no longer the case since PHP version 5.6.0. You should check how big required key is for the cipher being used: http://php.net/manual/en/function.mcrypt-get-key-size.php Note there are other ways to check key size, check the documentation. Simple way I understand key size: a string like 'fubar' in ASCII is 5 * 8 = 40 bytes (8 bytes per char). But that's making assumptions about character set in use. Some comments at php.net better explain how to roll a key of correct size:
$key = pack('H*', "bcb04b7e103a0cd8b54763051cef08bc55abe029fdebae5e1d417e2ffb2a00a3");
Here the 64 char string will be converted into 32 byte key because bc is a byte, b0 is another, etc. From http://php.net/manual/en/function.mcrypt-encrypt.php
You can double check number of bytes with strlen(). From above example strlen($key) will print out 32.
mcrypt_decrypt(): Size of key is too large for
The error message says it all. AES256 requires a 256-bit (that is, 8 character) key; the key you are passing to it is too large.
mcrypt warning on update to php 5.6.2; Key of size x not supported
Before this change, keys of an invalid size were padded with \0
up to the next valid keysize, so presumably you should be able to do the same with your key by adding four null bytes \0\0\0\0
to the end.
Now the caveat is that of course this is a weak key that will not provide the intended level of security, but it isn't going to be any worse than it already was, and you have other significant security issues with how you're encrypting as well, such as the use of ECB mode which is generally disastrous for security.
So, when you do decide it's time to update, choosing a key of a valid size is only one of the changes that needs to be made, and you should probably be do this as soon as you feasibly can.
Related Topics
Unix Permissions, Read VS. Execute (PHP Context)
Session Share Across Multiple Domains on Same Server
In Simplexml, How to Add an Existing Simplexmlelement as a Child Element
PHP - Find If an Array Contains an Element
PHP Post Limited to 1000 Variables
How to Grab All Variables in a Post (Php)
Can't Install Xdebug on Windows
Set Quantity Minimum, Maximum and Step at Product Level in Woocommerce
What Does an Exclamation Mark Before a Function Really Mean in PHP
"Transfer-Encoding: Chunked" Header in PHP
Apostrophes Are Breaking My MySQL Query in PHP
PHP String Comparasion to 0 Integer Returns True
Http Auth via PHP - PHP_Auth_User Not Set
Including PHP Variables in an External Js File
Wrapping a Div Around Every Third Item in a Foreach Loop PHP
Yii2 Links Between Frontend and Backend (Advanced Template)