Invalid IV Size Despite Checking Size #74
Description
I am working to recreate some encryption I am doing in PHP to ensure that both systems can encrypt and decrypt data and communicate with each other. Interestingly, I am getting 'Invalid IV Size' when using crypt.open() despite having checked the IV size first. Here is an abbreviated example of my code:
function decrypt(value){
...
// initialize the algorithm
var crypt = new MCrypt('rijndael-256', 'cbc');
...
// decode the iv
const iv = atob(pieces[1]);
// check that the IV is okay
log.debug(iv.length + ' !== ' + crypt.getIvSize()); // returns "32 !== 32", which is false
if(iv.length !== crypt.getIvSize()){
return false;
}
// prepare for decryption
crypt.open(config.encryption_key, iv);
...
}
As you can see from the code, if the length of the IV is not equal to the IV size as determined by getIvSize(), my function should simply return false. Looking at the debug line directly above, we can see that the IV length is 32 and the response from crypt.getIvSize() is also 32. They match. So the script continues to run and when it gets to crypt.open() it returns the error 'Invalid IV Size.' We know the IV size is good. We checked it right before running crypt.open() and it matches what is returned from crypt.getIvSize(). What am I missing?