mcrypt_decrypt() error change key size

Solution 1

Did you update to 5.6? It says

Invalid key and iv sizes are no longer accepted. mcrypt_decrypt() will now throw a warning and return FALSE if the inputs are invalid. Previously keys and IVs were padded with '\0' bytes to the next valid size.

Reference

Read the last line of that quote, and there you will find your solution :)

mcrypt_decrypt(): Key of size 15 not supported by this algorithm. Only keys of sizes 16, 24 or 32 supported

That means you need to pad your key with \0 (that's what previous versions were doing for you)

$key=$key."\0";

Solution 2

I went ahead and created a function based on Hanky 웃 Panky's answer.

This can be used with any key length to make sure it's the correct size.

function pad_key($key){
    // key is too large
    if(strlen($key) > 32) return false;

    // set sizes
    $sizes = array(16,24,32);

    // loop through sizes and pad key
    foreach($sizes as $s){
        while(strlen($key) < $s) $key = $key."\0";
        if(strlen($key) == $s) break; // finish if the key matches a size
    }

    // return
    return $key;
}

Solution 3

For Laravel 5

Just run php artisan key:generate:

Application key [EaaJgaD0uFDEg7tpvMOqKfAQ46Bqi8Va] set successfully.

If you don't see your key updated, just paste it in your .env file.

APP_KEY=EaaJgaD0uFDEg7tpvMOqKfAQ46Bqi8Va

Refresh your page

function padKey($key) 
{
    // Get the current key size
    $keySize = strlen($key);

    // Set an array containing the valid sizes
    $validSizes = [16,24,32];

    // Loop through sizes and return correct padded $key
    foreach($validSizes as $validSize) {
        if ($keySize <= $validSize) return str_pad($key, $validSize, "\0");
    }

    // Throw an exception if the key is greater than the max size
    throw new Exception("Key size is too large"); 

}

Author by

Asaf Maoz

Software Dev, Multi langs, BackEnd oriented. Java, PHP, Python, some JS, DB stuff etc etc

Updated on July 10, 2022