From 2df6fa0237a46b0b3bb22abc9f812bd32370d312 Mon Sep 17 00:00:00 2001
From: Laurent Destailleur <eldy@destailleur.fr>
Date: Tue, 11 Nov 2025 01:32:17 +0100
Subject: [PATCH] Add test on data decryption

---
 htdocs/core/lib/security.lib.php | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/htdocs/core/lib/security.lib.php b/htdocs/core/lib/security.lib.php
index d44e33a7ee7..985760d1342 100644
--- a/htdocs/core/lib/security.lib.php
+++ b/htdocs/core/lib/security.lib.php
@@ -219,6 +219,11 @@ function dolDecrypt($chain, $key = '')
 			} else {
 				$newchain = openssl_decrypt((string) $tmpexplode[0], $ciphering, $key, 0, '');
 			}
+			// Test validity of decryption
+			if (!ascii_check($newchain)) {
+				dol_syslog("Error dolDecrypt failed: The key dolibarr_main_dolcrypt or dolibarr_main_instance_unique_id, found in conf.php file, is the the one used to encrypt this encrypted string", LOG_ERR);
+				return $chain;
+			}
 		} else {
 			dol_syslog("Error dolDecrypt openssl_decrypt is not available", LOG_ERR);
 			return $chain;