I called aes_encrypt($form_values['number']) in my custom module and the data was saved encrypted. When calling aes_decrypt($value['number']) the value in the database
was retrieved decrypted successfully, but the following warning message displayed on the screen. I could not figure what caused the warning message. For the time being I suppressed the warning message by adding slight modification on line 511 in aes.module
$decrypted = @mdecrypt_generic($td, $string);

warning: mdecrypt_generic() [function.mdecrypt-generic]: An empty string was passed in C:\pathtowebdirectory\mysite\sites\all\modules\aes\aes.module on line 511.


easyfit’s picture


The times I've gotten that warning it has meant pretty much what it says, it happens when you try to decrypt and empty string (nothing to decrypt). But you say that it did decrypt it properly? Maybe there was another decryption taking place around the same time where an empty string was passed? Or was the string you encrypted to begin with empty? I'm actually not sure what you would get if you would encrypt an empty string... I'm not sure I've ever tested that, but it seems like it should still give you a valid encrypted string, just with empty data.

I don't have time to test it right now, but maybe a little later.

wisdom’s picture

The string that I encrypted is not empty.

easyfit’s picture

Is there anyway you could make this reproducible for me to have something to test with? Will I get the error if I just set up a clean Drupal 5 install with the AES module and nothing else? And what value do I need to pass to aes_encrypt/aes_decrypt to get this error?

wisdom’s picture

The aim was just to encrypt 16 digits credit card number (eg. 4230190800211890) and save them on database and decrypt and display them on a screen.

I tested it in environment where there are a lot of other custom modules and not just a fresh Drupal install.

Anonymous’s picture

Version:5.x-1.2» 6.x-1.3

I got following error:
warning: mdecrypt_generic() [function.mdecrypt-generic]: An empty string was passed in /sites/all/modules/aes/aes.module on line 552
I suppose this is due to leave empty password field in user account.
Any solution, when a user leave the password filed blank?

easyfit’s picture

Status:Active» Fixed

Empty strings are silently ignored in v1.4.

Status:Fixed» Closed (fixed)

Automatically closed -- issue fixed for 2 weeks with no activity.

gulash’s picture

The issue it's due when the mdecrypt_generic try to decrypt a string that contains a "+"