PHP :: Bug #67707 :: IV not needed for ECB encryption mode. but it return an warning

Bug #67707	IV not needed for ECB encryption mode. but it return an warning
Submitted:	2014-07-29 10:05 UTC	Modified:	-
From:	nirajtiwary at gmail dot com	Assigned:
Status:	Closed	Package:	mcrypt related
PHP Version:	5.5.15	OS:	Windows 7
Private report:	No	CVE-ID:	None

View Developer Edit

Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.

Password:

Status:
Package:
Bug Type:
Summary:
From:	nirajtiwary at gmail dot com
New email:
PHP Version:		OS:

New Comment:

[2014-07-29 10:05 UTC] nirajtiwary at gmail dot com

Description:
------------
Warning: mcrypt_generic_init(): Iv size incorrect; supplied length: 0, needed: 16 in D:\xampp\htdocs\AES_Encryption.php on line 141


but as specified in PHP User manual it says IV is ignored for ECB.
http://php.net/manual/en/function.mcrypt-generic-init.php

on Passing 16 Byte string it gives Fatal Exception.


Fatal error: Uncaught exception 'Exception' with message 'The specified encryption mode does not use an initialization vector. You should pass an empty string, zero, FALSE, or NULL.' in D:\xampp\htdocs\AES_Encryption.php:107 Stack trace: #0 D:\xampp\htdocs\test1.php(11): AES_Encryption->__construct('123456789012345...', '123456789012345...', 'PKCS7', 'ecb') #1 {main} thrown in D:\xampp\htdocs\AES_Encryption.php on line 107


I have tried with String zero FALSE and NULL. None works.


Test script:
---------------
<?php
 
include('padCrypt.php');
include('AES_Encryption.php');
 
$key 	          = "12345678901234561234567890123456";
$iv               = "1234567890123456";
$message          = "The quick brown fox jumped over the lazy dog";
 
//$AES              = new AES_Encryption($key, $iv);
$AES              = new AES_Encryption($key, '', 'PKCS7', "ecb" );
$encrypted        = $AES->encrypt($message);
$decrypted        = $AES->decrypt($encrypted);
$base64_encrypted = base64_encode($encrypted);

echo $message;
echo "<BR>";
echo $encrypted;
echo "<BR>";
echo $decrypted;
echo "<BR>";


Expected result:
----------------
The warning should not be shown.

Actual result:
--------------
Encryption is done but it should not raise a warning.

Patches

Pull Requests

Pull requests:

Fixed bug #67707 IV not needed for ECB encryption mode, but it returns a warning (php-src/1470)

History

AllCommentsChangesGit/SVN commitsRelated reports

[2017-01-10 22:45 UTC] nikic@php.net

Automatic comment on behalf of php@mcq8.be
Revision: http://git.php.net/?p=php-src.git;a=commit;h=d9cd2876d97d79029a980e7c89aa441fd46a4bf2
Log: Fixed bug #67707 IV not needed for ECB encryption mode, but it returns a warning

[2017-01-10 22:45 UTC] nikic@php.net

-Status: Open +Status: Closed

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Sun Jul 06 17:01:33 2025 UTC