fix: normalize SodiumHandler params and padding failures by gr8man · Pull Request #10321 · codeigniter4/CodeIgniter4

gr8man · 2026-06-17T19:39:57Z

This PR fixes bugs and improves the validation and error handling logic of the encrypt and decrypt methods in the SodiumHandler.

Key changes:

Fixed runtime params handling: blockSize can now be passed without also passing key, while ['key' => null] falls back to the configured instance key.
Unified Key Validation: Added key length validation (SODIUM_CRYPTO_SECRETBOX_KEYBYTES) to ensure invalid Sodium keys throw EncryptionException instead of native Sodium errors.
Normalized Padding Errors: Wrapped sodium_unpad() failures so mismatched blockSize during decrypt throws EncryptionException.
Refactored Params Parsing: Simplified the extraction of $key and $blockSize from the $params array.
Code Cleanup: Removed redundant inline comments to improve code readability.

michalsn

Please rename the new testBug* methods to behavior-focused names. For example, testBug2InvalidKeyLengthThrowsSodiumException() expects EncryptionException, so the current name is misleading.

I also think testBug1MemzeroZeroesInternalKey() and testBug4OriginalDataIsNotZeroed() are questionable as regression tests. Can we either remove them or rewrite them around the actual behavior we want to protect?

Co-authored-by: Michal Sniatala <michal@sniatala.pl>

…ecrypt-bugs

michalsn

Looks good, thank you. Please add a changelog entry.

For future PRs, please use the PR template when writing the description.

michalsn · 2026-06-22T19:48:14Z

For future, when updating your PR, please use rebase instead of merge:

git remote add upstream https://github.com/codeigniter4/CodeIgniter4.git
git fetch upstream

git switch fix/problem123
git rebase upstream/develop

git push --force-with-lease origin fix/problem123

The upstream remote only needs to be added once. If you already added it before, you can skip the first command.

michalsn · 2026-06-22T16:55:05Z

 - **Commands:** Fixed a bug where ``spark lang:find`` treated translation keys already provided by the framework or another namespace (such as ``Errors.*`` in ``system/Language``) as new, listing them under ``--show-new`` and writing untranslated placeholders into ``app/Language`` that overrode the existing translations.
 - **Config:** Fixed a bug where ``BaseService::injectMock`` did not apply ``strtolower`` consistently, causing inconsistent Service and Mock registration and resolution.
 - **Database:** Fixed a bug where ``updateBatch()`` could be called after Query Builder ``where()`` conditions, even though it's not supported. In this situation, now the ``DatabaseException`` is thrown.
+- **Encryption:** Fixed bugs in ``SodiumHandler`` where incorrect key handling and mismatched block sizes caused encryption and decryption failures.


Suggested change

- **Encryption:** Fixed bugs in ``SodiumHandler`` where incorrect key handling and mismatched block sizes caused encryption and decryption failures.

- **Encryption:** Fixed bugs in ``SodiumHandler`` where runtime ``blockSize`` overrides without ``key`` were handled incorrectly, invalid key lengths could leak native Sodium errors, and mismatched decrypt ``blockSize`` values could throw ``SodiumException`` instead of ``EncryptionException``.

gr8man added 2 commits June 17, 2026 21:22

fix: SodiumHandler encrypt/decrypt key handling bugs

30fb2f6

chore: clean up redundant comments

b4c23fd

gr8man changed the title ~~Fix: Prevent internal key destruction and unify validation in SodiumHandler~~ fix: prevent internal key destruction and unify validation in SodiumHandler Jun 17, 2026

gr8man added 2 commits June 17, 2026 21:53

test: use Reflection to access protected property in SodiumHandlerTest

fee9dd0

test: resolve ReflectionException

c29fbc0