Invalid version tag

Question

Invalid version tag

rajan-sharma opened this issue 6 years ago · 4 comments

I am using halite to encrypt and decrypt password for specific use case.
However some time decrypt method is throwing exception as Invalid version tag while other time its working fine. I don't understand this behaviour.
Is that something I am doing incorrectly, please guide. Thanks in advance.

 Invalid version tag {"exception":"[object] (ParagonIE\\Halite\\Alerts\\InvalidMessage(code: 0): Invalid version tag at /projects//vendor/paragonie/halite/src/Symmetric/Config.php:49)
[stacktrace]
#0 /projects/vendor/paragonie/halite/src/Symmetric/Crypto.php(377): ParagonIE\\Halite\\Symmetric\\Config::getConfig('\\t1\\x9C\\xA2', 'encrypt')
#1 /projects/vendor/paragonie/halite/src/Symmetric/Crypto.php(149): ParagonIE\\Halite\\Symmetric\\Crypto::unpackMessageForDecryption('some random key')
#2 /projects//vendor/paragonie/halite/src/Symmetric/Crypto.php(108): ParagonIE\\Halite\\Symmetric\\Crypto::decryptWithAd('some random key', Object(ParagonIE\\Halite\\Symmetric\\EncryptionKey), '', 'base64urlsafe')

My decrypt method is as below

$decrypted = Symmetric::decrypt($ciphertext, $encryptionKey);

@paragonie-scott

Answer 1 · 2018-10-01T16:58:32.000Z

Can you show me a sample ciphertext?

Answer 2 · 2018-10-03T05:08:58.000Z

Hi ,
It seems the error is from our side with some old bad data.
@paragonie-scott Thanks for your time.

Answer 3 · 2019-05-05T10:16:48.000Z

I came across this problem recently: the cause was due to dumping ciphertext generated with Symmetric\Crypto::encrypt() directly into a text file. File::decrypt() will rightly fail due to an invalid checksum. Getting the contents of the file and calling Symmetric\Crypto::decrypt() works in this case.

Answer 4 · 2022-08-13T15:13:34.000Z

Im just adding a note here for future searchers, today I had this issue. "Invalid version tag"...

I caused it today by having two different services consume encrypted data, while running different versions of paragonie/halite

One was running version 4.x of this lib, and one was running version 5.x of this lib.

The 5.x encrypted something and the 4.x lib could not decrypt it. Duh! Im an idiot.

I upgraded both services to use the 5.x libs and then everything was ok again.