17634: Wrong decryption key! - LimeSurvey bugs and feature requests

This bug affects 1 person(s).

ID	Project	Category	View Status	Date Submitted	Last Update

17634	Bug reports	Encryption	public	2021-09-29 14:43	2021-10-01 09:24

Reporter	ifrass	Assigned To	galads
Priority	none	Severity	crash
Status	closed	Resolution	fixed
Product Version	5.x

Summary	17634: Wrong decryption key!
Description	500: Internal Server Error Wrong decryption key! Decryption key has changed since this data were last saved, so data can't be decrypted. Please consult our manual at https://manual.limesurvey.org/Data_encryption#Errors. This message is displayed when I try to send a survey by email. I have get the code decryption key from the lasted version. No problem with 5.0.3 version Problem with 5.1.13 and 5.1.14
Steps To Reproduce	Steps to reproduce Upgrade to the lastest version of limesurvey copy the three lines $config['encryptionkeypair'] = ''; $config['encryptionpublickey'] = ''; $config['encryptionsecretkey'] = '*******'; from your lastest version (security.php) to the new version. Expected result Sending reminders... Reminder sent to: * All emails were sent Actual result 500: Internal Server Error Wrong decryption key! Decryption key has changed since this data were last saved, so data can't be decrypted. Please consult our manual at https://manual.limesurvey.org/Data_encryption#Errors
Tags	No tags attached.

Bug heat	10
Complete LimeSurvey version number (& build)	5.1.14+210927
I will donate to the project if issue is resolved	No
Browser	Firefox
Database type & version	MariaDB 10.3.27
Server OS (if known)	Debian 10 Buster
Webserver software & version (if known)	Apache 2.4.38
PHP Version	7.3.29

User List	There are no users monitoring this issue.

ifrass 2021-09-29 15:26 reporter ~66653	Problem with 5.1.4 too

ifrass 2021-09-29 15:45 reporter ~66654	No Problem with 5.0.7 Maybe the problem comes from 5.1.x version ....

p_teichmann 2021-09-29 17:52 administrator ~66656 Last edited: 2021-09-29 17:53	Hello, if i read the report right, you tried to upgrade to 5.1.14 from a 4.x.x version. After upgrading, you manually replaced the security.php variables with the old encryption key. When upgrading to the current version your old encryption keys will be kept in the same file but also 2 new variables will be set and those 2 will replace the old 3 variables automatically (during the update the data is being encrypted with the new key). You cannot use your old encryption keys for the new version.

ifrass 2021-09-29 18:04 reporter ~66657	OK I have seen these 2 new variables. I have commented them to keep the old variables. But the error message display again. So if I need to have the new two variables instead of the 3 others, how can I do to have a version without error message display ?

p_teichmann 2021-09-29 18:08 administrator ~66658 Last edited: 2021-09-29 18:09	You have to use the 2 new variables, the 3 old variables are not used anymore, can you confirm that you are using the new variables and have not commented them out and not changed them?

DenisChenu 2021-09-29 18:38 developer ~66659	When upgrading to the current version your old encryption keys will be kept in the same file but also 2 new variables will be set and those 2 will replace the old 3 variables automatically (during the update the data is being encrypted with the new key). You cannot use your old encryption keys for the new version. It must de detailed somewhere : you can put encryption key in config.php too …

ifrass 2021-09-30 09:19 reporter ~66665	I have tried again to upgrade a 5.0.7 (with my old database to 5.1.14 without changing the security.php encryption key. It doesn t work.

ifrass 2021-09-30 09:40 reporter ~66666	Tried to upgrade 4.6.3 to 5.1.14 without changing encryption key. It doesn t work

ifrass 2021-09-30 09:45 reporter ~66667	Do we have to put the old 3 variables in the security.php before limesurvey generate the 2 new encryption key ?

ifrass 2021-09-30 10:10 reporter ~66668	Yes ! we have to put the old encryption key in the config.php file before cliking to upgrade the database. 4.6.3 to 5.1.14 it works !

ifrass 2021-09-30 10:30 reporter ~66669	Another problem. Now when I click to send email, email are sent but participants receive an empty email

ollehar 2021-09-30 13:17 administrator ~66682	@ifrass Can you report a separate bug for your next issue, please?

ifrass 2021-09-30 15:54 reporter ~66695	ok, I make some tests again and I go to the bugtracker to report the another bug if it persists. Thanks

galads 2021-10-01 09:24 reporter ~66704	It seems the empty email issue has to do with the latest apache update. Someone reported already. I will close this issue since it is not a bug. Feel free to open it again if you feel otherwise.

Date Modified	Username	Field	Change
2021-09-29 14:43	ifrass	New Issue
2021-09-29 15:26	ifrass	Note Added: 66653
2021-09-29 15:26	ifrass	Bug heat	0 => 2
2021-09-29 15:45	ifrass	Note Added: 66654
2021-09-29 17:52	p_teichmann	Note Added: 66656
2021-09-29 17:52	p_teichmann	Bug heat	2 => 4
2021-09-29 17:53	p_teichmann	Note Edited: 66656
2021-09-29 18:04	ifrass	Note Added: 66657
2021-09-29 18:08	p_teichmann	Note Added: 66658
2021-09-29 18:09	p_teichmann	Note Edited: 66658
2021-09-29 18:38	DenisChenu	Note Added: 66659
2021-09-29 18:38	DenisChenu	Bug heat	4 => 6
2021-09-30 09:19	ifrass	Note Added: 66665
2021-09-30 09:40	ifrass	Note Added: 66666
2021-09-30 09:45	ifrass	Note Added: 66667
2021-09-30 10:10	ifrass	Note Added: 66668
2021-09-30 10:30	ifrass	Note Added: 66669
2021-09-30 13:17	ollehar	Note Added: 66682
2021-09-30 13:17	ollehar	Bug heat	6 => 8
2021-09-30 15:54	ifrass	Note Added: 66695
2021-10-01 09:24	galads	Note Added: 66704
2021-10-01 09:24	galads	Bug heat	8 => 10
2021-10-01 09:24	galads	Assigned To	=> galads
2021-10-01 09:24	galads	Status	new => closed
2021-10-01 09:24	galads	Resolution	open => fixed

View Issue Details

Steps to reproduce

Expected result

Actual result

Users monitoring this issue

Activities

Issue History