AES.php encrypt / decrypt error

[Credomo]

Sorry, I'm not skilled enough to correct that.

Describe Implementation of AES encrypt / decrypt

To Reproduce Steps to reproduce the behavior:

1. Add some test code in main/inc/local.inc.php

include('Crypt/AES.php');
$aes = new Crypt_AES();
$aes->setKey('test_key');
$encoded = $aes->encrypt('test_message');

2. Error in /var/log/apache2/error.log

[Tue Jul 11 14:26:58.789669 2023] [php:error] [pid 463164] [client 82.142.16.165:40551] PHP Fatal error: Uncaught Error: Undefined constant "CRYPT_AES_MODE" in /var/www/html/lms/main/inc/lib/phpseclib/Crypt/AES.php:294\nStack trace:\n#0 /var/www/html/lms/main/inc/local.inc.php(130): Crypt_AES->encrypt()\n#1 /var/www/html/lms/main/inc/global.inc.php(559): require('...')\n#2 /var/www/html/lms/index.php(15): require_once('...')\n#3 {main}\n thrown in /var/www/html/lms/main/inc/lib/phpseclib/Crypt/AES.php on line 294

Expected behavior $encoded should be the encoded text.

Server

• Chamilo 1.11.18
• OS: Debian 12
• Apache2
• MariaDB

[Credomo]

Upgraded Chamilo to 1.11.20 : The same error message in /var/log/apache2/error.log

[ywarnier]

This doesn't really seem to be a problem with Chamilo... From Chamilo's code, it seems like when you call new Crypt_AES(), it should define the CRYPT_AES_MODE constant (the one it complains about in Apache's logs). See here: it checks if the php-mcrypt extension is there and if the rijndael-128 algorithm is supported, then defines it, but even if this is not true, it sill gives a definition to the constant.

https://github.com/chamilo/chamilo-lms/blob/1.11.x/main/inc/lib/phpseclib/Crypt/AES.php#L180-L188

I'm not sure what you're trying to achieve, but if you want to modify Chamilo's code to change the chiper for passwords or something, you should probably be ready to dive a little deeper in the inner things of the code to see if you've got all it looks for...