Fatal Error TFA and Real Aes

@zebda, I have fix the issue on my local. Please review MR

Thanks how can I use this change as patch?

I got it to work, thanks a lot!

@zebda, If this patch fixed the issue, please change the status from needs review to " reviewed & tested by community"

@abhishek_virasat Thanks for the patch, however, it doesn't seem to have fixed the error.
After applying I'm getting below;

Drupal\encrypt\Exception\EncryptException: Bad key length. in Drupal\real_aes\Plugin\EncryptionMethod\RealAESEncryptionMethod->decrypt() (line 76 of modules/contrib/real_aes/src/Plugin/EncryptionMethod/RealAESEncryptionMethod.php).

@pasan.gamage, thanks for letting me know, definitely Will look into it, and update asap.

@pasan.gamage, please kindly review the MR. Both issue will be fixed.

Hi @abhishek_virasat thank you very much for the prompt reply.
I tried to apply this patch and even when I tried to apply the patch before this I had an issue.
Seems like it is not possible through composer.

I've below in my composer file

"drupal/real_aes": {
                "Fatal Error TFA and Real Aes": "https://git.drupalcode.org/project/real_aes/-/merge_requests/6.patch"
            }

and I get composer error in console;

- Installing drupal/real_aes (2.5.0): Extracting archive
  - Applying patches for drupal/real_aes
    https://git.drupalcode.org/project/real_aes/-/merge_requests/6.patch (Fatal Error TFA and Real Aes)
   Could not apply patch! Skipping. The error was: Cannot apply patch https://git.drupalcode.org/project/real_aes/-/merge_requests/6.patch

Having said that;
Prior to your last patch, I went through the required modules for encrypt module and I noticed that my TFA module was on 1.2 and after updating it to ^2.0@alpha made the error go away.

I had the same error before applying patch, see screenshot 1.
I added the diff in the patches section of my composer.json:
"drupal/real_aes": {
"#3391390": "https://git.drupalcode.org/project/real_aes/-/merge_requests/6.diff"
}
And I required the dev version:
composer require 'drupal/real_aes:2.x-dev@dev'

That installed and the patch applied.

After I did the steps again (adding 2FA for a user, scanning QR code, entering the number) I got the 'Bad key length' error, see screenshot 2.
I tried installing TFA ^2.0@alpha but that did not fix it.

What fixed is was changing my key. It seems I must of made a misstake when I generated my key.
So I overwrote my existing key:
dd if=/dev/urandom bs=32 count=1 > private/encrypt.key
And also, I edited my key at /admin/config/system/keys and set the key size to '256' beause I had it set at 'Other' apparently.

Now everything works!

So the problem was the key all along, not the real_aes module I suppose.

Update, the key adjustments made the user setup 2FA without error.
But when I logged the user out and tried to log back in, now I got this error:
Encoding::hexToBin() input is not a hex string.

Seems like my key is still wrong or it might be a separate issue alltogether.
I'm trying to figure this out now.

It seems this MR has not fixed the user for #14. Also, the MR adds meaningless blank lines, so at a minimum those need to be removed.

Fix issue
Drupal\encrypt\Exception\EncryptException: Encoded data is shorter than expected. in Drupal\real_aes\Plugin\EncryptionMethod\RealAESEncryptionMethod->decrypt() (line 82 of modules/contrib/real_aes/src/Plugin/EncryptionMethod/RealAESEncryptionMethod.php).

Patches appear to shuffle exceptions. In what way do they "fix" the original report?

There is already an MR, so it should be updated instead of posting a patch.

I've traced the problem down to the encryption profile configuration - it was using a key of the wrong length. Encrypt module provides an API for the encryption plugins to prevent such issues. However this API wasn't used by this module.

I've removed everything that was not relevant and added that API usage to the merge request. N.B. These changes will not fix existing broken installation, but will prevent those from appearing. If you have a broken installation that gives you an error mentioned in the description you should create a 256 bits key first than navigate to the "Encryption profiles" page and update the profile used for the TFA module by selecting the correct 256 bits long key. With the changes from this merge request you wouldn't even be able to select a wrong key.

Changes have been tested manually and are working as expected.

Thanks everyone!

Automatically closed - issue fixed for 2 weeks with no activity.