Joomla! Issue Tracker - CMS

Download
Launch
Feeling Lucky

[#47533] - [5.4] Fix ECB mode validation typo in OpenSSL AES adapter and align related docs

RTC bug PR-5.4-dev Pending

User tests: Successful: Unsuccessful:

avatar mateeaaaaaaa
mateeaaaaaaa
2 Apr 2026

Pull Request resolves # .

  • I read the Generative AI policy and my contribution is either not created with the help of AI or is compatible with the policy and GNU/GPL 2 or later.

Summary of Changes

This PR fixes a mode-validation typo in the OpenSSL AES adapter that caused valid ecb input to be rejected, adds a regression test, and aligns related AES documentation comments.

Functional fix in OpenSSL.php:90 mode allowlist now accepts ecb instead of the misspelled ebc.
Regression test added in OpenSSLTest.php:30.

###Discovery/Triage

This issue was initially identified during a Semgrep-assisted review and then manually validated.

Testing Instructions

  1. Install dependencies:
  2. Run the focused regression test:
  3. Optional syntax checks:
php -l libraries/src/Encrypt/AES/OpenSSL.php
php -l tests/Unit/Libraries/Cms/Encrypt/AES/OpenSSLTest.php

###Actual result BEFORE applying this Pull Request

  1. Calling setEncryptionMode("ecb", 128) was treated as invalid because the allowlist expected ebc.
  2. The adapter silently fell back to cbc/default behavior.
  3. Requested ECB mode was not selected.

###Expected result AFTER applying this Pull Request

  1. Calling setEncryptionMode("ecb", 128) is accepted.
  2. The adapter selects aes-128-ecb as expected (when supported by the OpenSSL build).
  3. Regression test passes and guards against reintroduction.

Link to documentations

Please select:

  • Documentation link for guide.joomla.org:

  • No documentation changes for guide.joomla.org needed

  • Pull Request link for manual.joomla.org:

  • No documentation changes for manual.joomla.org needed

avatar mateeaaaaaaa mateeaaaaaaa - open - 2 Apr 2026
avatar mateeaaaaaaa mateeaaaaaaa - change - 2 Apr 2026
Status New Pending
avatar joomla-cms-bot joomla-cms-bot - change - 2 Apr 2026
Category Libraries Unit Tests
avatar richard67
richard67 - comment - 2 Apr 2026

Pull Request resolves # .

* [ ]  I read the [Generative AI policy](https://developer.joomla.org/generative-ai-policy.html) and my contribution is either not created with the help of AI or is compatible with the policy and GNU/GPL 2 or later.

@mateeaaaaaaa Please confirm the AI policy by checking the check box (replacing the space inside the squared brackets by a capital X).

P.S.: ... and apply my 3 change suggestions.

avatar richard67 richard67 - change - 3 Apr 2026
Title
Fix ECB mode validation typo in OpenSSL AES adapter and align related docs
[5.4] Fix ECB mode validation typo in OpenSSL AES adapter and align related docs
avatar richard67 richard67 - edited - 3 Apr 2026
avatar richard67 richard67 - change - 1 May 2026
Labels Added: Unit/System Tests Updates Requested bug PR-5.4-dev
avatar richard67 richard67 - change - 1 May 2026
Labels Removed: Updates Requested
avatar richard67
richard67 - comment - 1 May 2026

@mateeaaaaaaa Please confirm the AI policy by checking the check box (replacing the space inside the squared brackets by a capital X).

P.S.: ... and apply my 3 change suggestions.

I’ve allowed myself to apply my review suggestions.

avatar richard67
richard67 - comment - 3 May 2026

@mateeaaa As mentioned in my previous comment, I have allowed myself to apply some code style suggestions.

There is one more thing you could do. Could you remove the new unit test (file tests/Unit/Libraries/Cms/Encrypt/AES/OpenSSLTest.php) from your PR?

It might have been useful for testing your PR, but besides that it is not really useful as it tests just this one case and uses reflection. Unit tests should test the public interface of a class. That might not be possible for the issue fixed by your PR.

Besides this, your PR is fine.

avatar richard67 richard67 - change - 9 May 2026
Labels Added: Updates Requested
avatar joomla-cms-bot joomla-cms-bot - change - 9 May 2026
Category Libraries Unit Tests Libraries
avatar richard67
richard67 - comment - 9 May 2026

@mateeaaa As mentioned in my previous comment, I have allowed myself to apply some code style suggestions.

There is one more thing you could do. Could you remove the new unit test (file tests/Unit/Libraries/Cms/Encrypt/AES/OpenSSLTest.php) from your PR?

It might have been useful for testing your PR, but besides that it is not really useful as it tests just this one case and uses reflection. Unit tests should test the public interface of a class. That might not be possible for the issue fixed by your PR.

Besides this, your PR is fine.

As there was no reaction by the author, I've allowed myself to apply the requested change (removal of the not useful new unit test).

avatar richard67 richard67 - change - 9 May 2026
Labels Removed: Unit/System Tests Updates Requested
avatar richard67 richard67 - change - 9 May 2026
Status Pending Ready to Commit
avatar richard67
richard67 - comment - 9 May 2026

RTC as it has 3 approvals by maintainers and cannot really be tested by end users.

This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/47533.

avatar richard67
richard67 - comment - 9 May 2026

RTC as it has 3 approvals by maintainers and cannot really be tested by end users.

This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/47533.

avatar richard67 richard67 - close - 9 May 2026
avatar richard67 richard67 - merge - 9 May 2026
avatar richard67 richard67 - change - 9 May 2026
Status Ready to Commit Fixed in Code Base
Closed_Date 0000-00-00 00:00:00 2026-05-09 14:40:19
Closed_By richard67
Labels Added: RTC
avatar richard67
richard67 - comment - 9 May 2026

Thanks @mateeaaa for this PR, and thanks @Hackwar and @rdeutz for review.

Add a Comment

Login with GitHub to post a comment