Encrypt issue using Base64

We use a private AES key that is generated using the GenerateSecretKey() function built into Lucee.

This gives us a Base64 key that we use to encrypt emails, passwords, etc. for our homegrown CMS system using the encrypt() and decrypt() functions.

The key we use is a valid Base64 encoded string as confirmed here: Base64 Validator | Tools | Base64

We’ve had no issues with this key in prior versions of Lucee but upgrading to breaks it.

We now get the error of “invalid character [=] in base64 string at position [23]”

Not sure why this key would now be seen as an invalid base64 string?

We have passwords in our database that can’t be decrypted now because of this so we have to roll back to a prior version to decrypt.

Could this be a bug in the newest version of Lucee or is something else going on here?

I did see this post: [LDEV-3034] - Lucee


Windows 2019 Server
Apache Tomcat/9.0.40
Java 11.0.11 (AdoptOpenJDK) 64bit
Lucee Version vs

Kudos on why this came about was we were upgrading to include .webp in our CMS. And upgrading Lucee to use the new image extension. THANKS! for making that happen!!!

A trycf.com example would be really helpful!


Running those commands in 4.5 works. Running them in 5 fails.

In our situation, we’ve got base64 keys created from 4 that suddenly don’t work when updating to which as you can imagine causes some issues.

ok, looks like a regression caused by [LDEV-3818] - Lucee

lucee.runtime.exp.NativeException: invalid character [=] in base64 string at position [23]
at lucee.commons.digest.Base64Encoder.decode(Base64Encoder.java:126)
at lucee.runtime.coder.Base64Coder.decode(Base64Coder.java:75)
at lucee.runtime.coder.Coder.decode(Coder.java:62)
at lucee.runtime.crypt.Cryptor._crypt(Cryptor.java:117)
at lucee.runtime.crypt.Cryptor.crypt(Cryptor.java:64)
at lucee.runtime.crypt.Cryptor.encrypt(Cryptor.java:150)
at lucee.runtime.crypt.Cryptor.encrypt(Cryptor.java:165)
at lucee.runtime.functions.other.Encrypt.invoke(Encrypt.java:70)
at lucee.runtime.functions.other.Encrypt.call(Encrypt.java:47)

can you file a bug? please include the above stack trace, code sample and link back it to the above task

Bug Filed: [LDEV-4101] - Lucee