All work
- Encrypt issue using Base64, invalid character [=] in base64 string at positionLDEV-4101Resolved issue: LDEV-4101Pothys - MitrahSoft
- ESAPI functions result in "CTOR threw exception" error with 2.2.4.5 extensionLDEV-3975Resolved issue: LDEV-3975Michael Offner
- Query Params are not Resolved When Query has Question MarkLDEV-4424Michael Offner
- NPE lucee.runtime.net.http.ReqRspUtil.getCookies(ReqRspUtil.java:144)LDEV-4135Resolved issue: LDEV-4135Zac Spitzer
- Logs being written out to the wrong contextLDEV-4263Resolved issue: LDEV-4263Michael Offner
- Lucee is leaving abandoned files in tomcat temp directoryLDEV-4047Resolved issue: LDEV-4047Michael Offner
- QoQ returns number with .0 (decimal)LDEV-4181Resolved issue: LDEV-4181Michael Offner
- regression: ints being returned as decimalsLDEV-4188Resolved issue: LDEV-4188Pothys - MitrahSoft
- Regression - application log datasource appender throws 500 – Internal Server Error on lucee restartLDEV-4034Resolved issue: LDEV-4034Pothys - MitrahSoft
- regression - changing logging appender not working without lucee restartLDEV-4033
- Lucee seems to ignore logger config attribute appender="console"LDEV-4032Michael Offner
- cfhttp can't connect to https://repo1.maven.org/LDEV-4029Resolved issue: LDEV-4029Michael Offner
- 5.3.9 stops logging while in a docker containerLDEV-4022
- Regression - isJson() throws java.lang.NumberFormatExceptionLDEV-4006Resolved issue: LDEV-4006Pothys - MitrahSoft
- Regression - For in loop inside the queryEach callback are not thread safeLDEV-4004Resolved issue: LDEV-4004Pothys - MitrahSoft
- regression: Cflog stops writing to filesLDEV-3978Resolved issue: LDEV-3978Michael Offner
- reMatchNoCase() regex regression in 5.3.8LDEV-3703Resolved issue: LDEV-3703Pothys - MitrahSoft
- BigDecimal cfswitch regressionLDEV-4500Michael Offner
- DeserializeJSON Corrupts Large NumbersLDEV-4103Resolved issue: LDEV-4103Pothys - MitrahSoft
- static scope does no reset when extended Component changesLDEV-4212Resolved issue: LDEV-4212Pothys - MitrahSoft
- Lucee Admin - Logging delete option didn't workLDEV-4412Resolved issue: LDEV-4412Pothys - MitrahSoft
- NPE in CFMLFactoryImpl.getPageContextImplLDEV-4162Resolved issue: LDEV-4162Michael Offner
- CFHTTP returning filecontent as an arrayLDEV-4264Resolved issue: LDEV-4264
- Log4j2 resets log level to ERRORLDEV-4035Resolved issue: LDEV-4035Pothys - MitrahSoft
- Extension - Applications link in server admin times outLDEV-3890Resolved issue: LDEV-3890Pothys - MitrahSoft
- IOException occurs when search for propriate codecs.LDEV-4158Resolved issue: LDEV-4158Zac Spitzer
- Regression: Custom cookie parsing now used over servlet's cookiesLDEV-3979Resolved issue: LDEV-3979Michael Offner
- jdbc commit issues using transactions and hibernateLDEV-3980Resolved issue: LDEV-3980Michael Offner
28 of 28
Encrypt issue using Base64, invalid character [=] in base64 string at position
Fixed
Description
Environment
Windows 2019 Server
Apache Tomcat/9.0.40
Java 11.0.11 (AdoptOpenJDK) 64bit
Lucee Version 5.3.8.201 vs 5.3.9.141
is caused by
relates to
Michael Offner
Details
Details
Assignee
Pothys - MitrahSoft
Pothys - MitrahSoftReporter
Brian Rideout
Brian Rideout
Priority
CriticalNew Issue warning screen
Before you create a new Issue, please post to the mailing list first https://dev.lucee.org
Once the issue has been verified, one of the Lucee team will ask you to file an issue
Affects versions
Created 26 July 2022 at 22:11
Updated 7 May 2025 at 12:03
Resolved 8 August 2022 at 12:25
Activity
Zac Spitzer 7 May 2025 at 11:49(edited)
Zac Spitzer
7 May 2025 at 11:49
(edited)
Pothys - MitrahSoft 9 August 2022 at 07:40
Pothys - MitrahSoft
9 August 2022 at 07:40
Zac Spitzer 8 August 2022 at 12:32
Zac Spitzer
8 August 2022 at 12:32
Pothys - MitrahSoft 8 August 2022 at 12:25
Pothys - MitrahSoft
8 August 2022 at 12:25
I checked this ticket with the lucee fixed versions. Now using precise argument, encrypt(), decrypt(), encryptBinary(), decryptBinary() works fine as expected.
Pothys - MitrahSoft 8 August 2022 at 12:06
Pothys - MitrahSoft
8 August 2022 at 12:06
I added a tests to Encrypt(), Decrypt(), encryptBinary(), decryptBinary() with precise argument
Pull Request:
regression caused by [LDEV-3818]
lucee/Lucee/blob/5.3/core/src/main/java/lucee/commons/digest/Base64Encoder.java#L126
lucee.runtime.exp.NativeException: invalid character [=] in base64 string at position [23]
at lucee.commons.digest.Base64Encoder.decode(Base64Encoder.java:126)
at lucee.runtime.coder.Base64Coder.decode(Base64Coder.java:75)
at lucee.runtime.coder.Coder.decode(Coder.java:62)
at lucee.runtime.crypt.Cryptor._crypt(Cryptor.java:117)
at lucee.runtime.crypt.Cryptor.crypt(Cryptor.java:64)
at lucee.runtime.crypt.Cryptor.encrypt(Cryptor.java:150)
at lucee.runtime.crypt.Cryptor.encrypt(Cryptor.java:165)
at lucee.runtime.functions.other.Encrypt.invoke(Encrypt.java:70)
at lucee.runtime.functions.other.Encrypt.call(Encrypt.java:47)
As discussed on dev.lucee.org
TryCF to replicate the issue:
Running that code in 4.5 works. Running it in 5 does not.
Anyone with base64 keys generated in 4.5 may have issues decrypting after upgrading. Issue arose between Lucee Version 5.3.8.201 and 5.3.9.141
Update there is a new
preciseargument, defaulting to true in 6, if you are encountering this problem, set precise to falsehttps://docs.lucee.org/reference/functions/encrypt.html#argument-precise