I think the information I asked for will make any of that clear; I’m asking for that code to be placed on a server that actually exhibits the problem, you said that you could reproduce it on your remote server, is that not really the case?

I enclose a log file and CodeIgniter Encryption Class with my additions to the lines ‘debug’

Thanks Olf, a bit more than I asked for, but good nonetheless.

And so what do you think the issue is?  I still cannot replicate with your data, key, encryption mode, and cipher, and do not see how it would.  Is this a Windows IIS server by chance?  ECB doesn’t even use an IV, so this looks like a PHP/server bug to me.  What’s it reporting for mcrypt_enc_get_block_size()?

I checked the length of data that comes with responsibility.
Feature _add_cipher_noise - returns different amounts of data.
In good case: 960 bytes.
In the bad: 672

Here’s the data in hex form:

Good

Input 896 bytes:

ff7d8054f522f4f849c8858b637f6ce485a00f9daa4f72daa1572e09940c154d627939364c6879c5b93a30cb3e5b8367c4cf7f0f17ddf89e5a0265be7e6f77ccc68a24c7e95cbedbebdc063416d94f044a9b0e643dbcc9bbf73c091fabe59b04d2e1797b83006e47ddeafe261ba988fb3e2349dd412a15097af5d44a64dba6a68b785469a5c001bab4b54d8a9fda35bae75066ca44139152c6551265f3b4e987ef0dc5fc82aa1e9004034b5a43c3a9f763b9f5239339bfafa903b1ea0659bd9f3f8db63c81ee0e26ddb5378b2ee63d82e44ae1069b6159499d8d09b237328cc91049c9c9dddaee37338695d5c44b9859ec137b478761bb4edffb09975e88e73011f1caff411afba326a8d82a60fc4f92ce4a15271d8689d8bfb0d2c24ef416592a68e9c206451f4932b489cf380d1cef32b2a5161e8e4e2f8eb892dc3c5ce4096312f40f060b436b39bf4ff21b1d86675ca62758e60313779213622f9200d8735b7e2187bb0735272bebc847d8fe9d1448dbb4224634b7fb48c13610e13bb22d51004fa6af21af834eb6c6ba6be3ce77f31088d80aadc44df9a77f9f21c962072b1062ada048e2753c517e2124e9870823c62bae5d6b74b79d652e4b73586adf 

Output 960 bytes:

d2cdb71724b12b1001bc154601dccb3bd4d63ca54a3872ed654c3cb39f12d24832e1e58c5b592d2facf9bac493b0a516bdd740d20f86a20ed6ba646bc470468395ab6e9b7d98acfcec9e9503a492bc9e2700b448470e31d0923996f3e3a6a700fbed5a2919c0ef111e0e3b994709823b7dff739ca3f302f25a6d3e58db16d4360a18aab0e8379e7b124d34884b0db93171557e42725a4840ad593982ca12dfddeea989a2d5f13aececec7ebf041165ee1cb39c2c7477c288f98747ca24e41cbe22712a34e8e157c76734809373f4e2299bf02658f870efe3de66e74c36bdeed572bfeba1b21e415d10199cc3941d76b9477b163fcb92927bd5c43ae79c69bcfd45acff2b0d3e1f6d66b8ca3af57bcb901f77e07fed98f485422c3ed08eb920624928fb34a6512bd75b0b0e8c906080c8017c4a8c4eb6bc0ff21437fab42b4f908d991efb3676587b6aebba049d444c236715db784ef27f65c1eac7416d8c1740967659476c427ca29cf0842b4b4ebf9994dd588d4b3a43abc7769891c26409a98eb056ecec37685e5e4f2d7f3e35d64bab0ce95b7665f02d80f867454672e26186638508df85e0b981e8fb1f9c1301ae2674ed1070e4fd845cd8b4d851fa9b39634793e2057f12a971b4b483544db83e56f860138e9ba7eed0c99383d98fa316 

Bad

Input 896 bytes:

4afb479f083c30363b1b494e8cb9f8a6c7f1c1d1be08ff76f887bca161317020d661003c6f86264a3dfeb6f2ddd39a20a22a8f40312e92a54b80c9fbd2465978ca77262d1bbd5ae1cef86d813e777f168b83ae997d9d2336c4c3dcf87185678efdaec6dc13354f9225dc731713754c696a9a04f6574029ad17bb66dd3950543528459d47bb92241e1bd7431cc27d5aa40616cfbb871896011bcfbf4bbde420f18c44447615ccee5fd4482eaade1957557dfeeef84234b4cb842cf8f647d02ae4e305e5f74b9003389de54790475404d9acac6ea78cb466716b5a1843a94ade2146d145d430f8ccda358e37b0b9eb1a3317ac2563b90c69a343816e00d4bc4e594d7721533708736588d1da45cea961aabe0f6a0e78407e7bb09d8ffa30afcd3d0e2eb7f3ffdaa1dd79e151a0930e22465da283ad9be4f472ba19741f30e6d4b5d9061ab3471c196dd88c5c15a13030e5fad4cc2f070350e5cfbd59c2caf84b94bc05183e3ac5e24ce349a2d43d2731c4fd63feb5a19465e42891d16a62f00b3a8cf9b9e1571c32f9c932b93d34a3b6819eee39fd23737db6964640c6957126b98df0a76a4fe256b44d0fa8d91f81ad80e94dc47cf8aae136041dfa19e8197a67 

Output 672 bytes:

0660a04eef41a109d211ec82f77b78ac9e60fea18f07b039928df811f8da1aea7d5facd76e73696d9e4c7e87bcea31d8ff28f206233f2faa2deaf2039195a156099335a1a0b6598170621b2a430ad357055bc479615fcbd783b7fa30377d89acffda5c8f4b218b17012aa2e66fa7b24dbee713d1e3d45c6d27f41131a1b6a0c035e5f711786c7fc65a3fa97943d97d9f9dcc395b88705ce44a1fcb159f878d6c8b76d280ebc35d50530e745127b48ad83b79051db77cc7374e01f4b0ee145328bfa8a9ae7b032796377963e30e4a9087b5351f2da76be4ffb98f2e5877345b1a16371a5c7cc0366fd049acc8ad8b3d100fdda3e0bce59fa3a39149780e810e557b347b36605cfd1068c06c15ea1b4d6a4a108a9b1f43a2daa6b2a33904ed878b85ae52889c3fa399bd3410a7fe0d92e0f1419f73a970b1b2e301f43296e60674715fec2c2f0bda0fb11882d5f845527a 

Can you answer the questions I asked please?

See the information. Zip

I give up.

I read the CI about a month.
He began to collect one site and faced with the problem.
I sent you in “personal message” link to the file, which is my site to which these problems have arisen.

Again.
At the local server - no problems. Since No Mcrypt library.
On the remote server - the problem only when encrypting the session.

I understand you have found a server where there’s a problem, but I have asked for answers to very simple questions, which have gone unanswered.  If I can’t reproduce it, I can’t help you, and I don’t have time to read through verbose debugging logs with hex encoded data and modified CI files to try to decipher it, only to discover it doesn’t contain the answer to my question anyway.  The only other alternative is for someone who is experiencing this problem to both figure out why it’s failing and propose a fix.

Sorry.
I know little English.
Rather, I did not understand your question.
Please specify.

What do you think the cause is?
Is this a Windows IIS server by chance?
What’s it reporting for mcrypt_enc_get_block_size()?

Server = Linux / Apache 2.2.9 / mcrypt 2.5.7

Reason, I still can not understand.

At the moment I came to that data are stored in coockies come from the damaged ‘encode’.

When reading and interpretation of data from cookies - errors. CI - creates a new session and all data is encrypted and stored perfectly!

After that, when adding data to the session - on the call to sess_write() ->> $this->_set_cookie($cookie_userdata) ->> $this->CI->encrypt->encode($cookie_data) ->> encode() ->> $this->mcrypt_encode($enc, $key) ->> $this->_add_cipher_noise() - here at the outlet produced a short string, and later in the session recorded already corrupted data.

At the moment, I was confronted with the fact that the function _add_cipher_noise() gives bad data.

mcrypt_enc_get_block_size - and where to learn option ‘td’ for this feature?

Thanks Olf: for what it’s worth, your English is 1000 times better than my Russian!

Sorry, on the block size calculation, I meant mcrypt_get_block_size(), which does not require an opened mcrypt resource.

Do I understand you correctly that the problem only manifests when custom data is written to the session?

mcrypt_get_block_size() = 32

mcrypt - I have only sessions.

Thanks.  This is what really convinces me that this is a bug with the compiled encryption library on the server, and not with CI’s code.

Message: mcrypt_decrypt() [function.mcrypt-decrypt]: The IV parameter must be as long as the blocksize

Your IV is 32 characters, your block size is 32 characters so the error is not consistent with reality.  Additionally, ECB mode shouldn’t even be trying to use the IV, since only CBC, CFB, OFB, and stream modes use an IV to initialize the algorithm.

My recommendation would be to search the bug trackers of both libmcrypt and the server’s OS distro vendor for potential known issues and/or patches.  Alternatively, you might try recompiling PHP with an older version of libmcrypt, or try using an encryption mode other than ECB on this server and see if that works.