Decrypt showing error authentication failed

Question

I am using codeigniter 4. Why is my code showing error when I'm trying to encrypt my URL ID in view?

view:

<?php $
  encrypter = \Config\Services::encrypter(); 
  $data1 = $value['id_aktivitas'];                         
  $data1 =  $encrypter->encrypt($data1);
?>  

<a href="<?= base_url('aktivitas/edit_aktivitas/'.$data1) ?>" class="btn btn-warning">Edit</a>

and here is my controller :

 public function edit_aktivitas($id)
 {
    $encrypter = \Config\Services::encrypter();     
    $id = $encrypter->decrypt($id);
    $data=['aktivitas'  => $this->AktivitasModel->edit_aktivitas($id)];
 }

and here is my model :

    public function edit_aktivitas($id)
    {      
        return $this->db->table('t_aktivitas')->where('id_aktivitas', $id)->get()->getRowArray();
    }

I got this error

"CodeIgniter\Encryption\Exceptions\EncryptionException Decrypting: authentication failed. "

Answer 1

Well i ran into the same bug bro and i tried to fix it so this is my solution that worked very well for me.

1. Create a new key after setting your starter key @ App\Config\Encryption.php
2. Create an encoded key: Setting Your Encryption Key Your encryption key must be as long as the encryption algorithm in use allows. For AES-256, that’s 256 bits or 32 bytes (characters) long.

The key should be as random as possible, and it must not be a regular text string, nor the output of a hashing function, etc. To create a proper key, you can use the Encryption library’s createKey() method.

// $key will be assigned a 32-byte (256-bit) random key

$key = Encryption::createKey(32);

The key can be stored in app/Config/Encryption.php, or you can design a storage mechanism of your own and pass the key dynamically when encrypting/decrypting.

To save your key to your app/Config/Encryption.php, open the file and set:

public $key = 'YOUR KEY';

Note: passing the generated key here by copy and past will damage the binary representation so continue reading blow

Encoding Keys or Results

You’ll notice that the createKey() method outputs binary data, which is hard to deal with (i.e. a copy-paste may damage it), so you may use bin2hex(), hex2bin() or Base64-encoding to work with the key in a more friendly manner. For example:

// Get a hex-encoded representation of the key:
  $encoded = bin2hex(Encryption::createKey(32));
  echo $encoded

If you use base64_encode() make sure to use the base64_decode() in the constructor below and in encrypting your messages

e.g:

// if you use base64_encode do this
 $message = 'some message to encode';
 $encrypter = \Config\Services::encrypter();
 $encodedMsg = base64_encode($encrypter->encrypt($message));

 // decrypt the message 
 $txt = $encrypter->decrypt(base64_decode($encodedMsg))
 echo $txt;

// and in your App\Config\Encryption.php Constructor that will 
// dynamically decode the key to binary safe use 
base64_decode($encodedKey) 
// only if you encode the key using the 
base64_encode($key)

//And if you use 
bin2hex($key) 
// during key creation in the constructor use:
hex2bin($encodedKey) 
// and when transporting your message over url use: 
bin2hex($encodedMessageFromEncrypter->encrypt($msg)) 
// and decode it using 
hex2bin($transportedMessage)

#Passing the key dynamically in your App\Config\Encryption.php

// create a constructor that will dynamically Put the same value in your config with hex2bin(),

// so that it is still passed as binary to the library: like this:

public function __construct(){
   //copy the encoded key and pass it in here
   $this->key = hex2bin($encoded);
}

Then try to encrypt and decrypt the text again!

Answer 2

I had same issue too. As mentioned in the above answer by OBI PASCAL BANJUARE creating Encryption Key is important but also note that $data1 = $encrypter->encrypt($data1); generates binary data. Do not save binary data in database, instead encode your generated binary data by using bin2hex() or base64_encode() (haven't tried base64 yet) and then save it. eg:

ENCRYPTION

encrypter = \Config\Services::encrypter(); 
$data = 'SOME_TEXT';                         
$encrypted_data =  bin2hex($encrypter->encrypt($data));

DECRYPTION

$decrypted_data = $encrypter->decrypt(hex2bin($encrypted_data));
echo $decrypted_data;

Answer 3

OBI PASCAL BANJUARE has explained the answer well. To explain it in a more simple way I like to share my answer. Hopefully, it will help others in the future.

1. In Config>Encryption.php File

   public $key = '1234567890111213';
   // You Secret Key Length 16 words if block size 16 It can be any string
   public $blockSize = 16;

2. User it either in controller or view where you are trying to access it either to encrypt or to decrypt

   $encrypter = \Config\Services::encrypter();

3. Encode your value

$co = bin2hex($encrypter->encrypt($co_id));
$emp = bin2hex($encrypter->encrypt($emp_id));

4. Decode your value

$co = $this->encrypter->decrypt(hex2bin($co_id));
$emp = $this->encrypter->decrypt(hex2bin($emp_id));

Note: For encrypt bin2hex is used where as for decrypt hex2bin is used.

Answer 4

It seems different approaches to solve this message.

May the explained and at the moment favored.

The DB-lenghts, which is also described as solution on GitHub (so thumbs up ihsan).

And in my case, I got on this page because of the same error, but my solution was the wrong steps for decode

bin2hex(encode($data));

vs.

hex2bin(decode($data));

but right is

decode(hex2bin($data));

So it seems, it's mostly a problem with the incoming string which we would decode.

Answer 5

codeigniter 4

I tried to get a token from a request and I got the same error Decrypt showing error authentication failed

$token=$this->request->getVar('token');
$this->encrypt->decrypt($token);

The solution is

1- before sending a request, use base64_encode

$token =$this->encrypt->encrypt("-----");
return $this->respond(array("data"=>array("token"=>base64_encode($token))));

2- after receiving a request, use base64_decode

$token=$this->request->getVar('token');
$this->encrypt->decrypt(base64_decode($token));

This is working on my codeigniter project, hope this helps!

Answer 6

increase password field length in database. May be it solve your error