mcrypt_decrypt

(PHP 4 >= 4.0.2, PHP 5, PHP 7 < 7.2.0, PECL mcrypt >= 1.0.0)

mcrypt_decrypt — Decrypts crypttext with given parameters

Ostrzeżenie

This function has been DEPRECATED as of PHP 7.1.0 and REMOVED as of PHP 7.2.0. Relying on this function is highly discouraged.

Opis

mcrypt_decrypt ( string $cipher , string $key , string $data , string $mode [, string $iv ] ) : string

Decrypts the data and returns the unencrypted data.

Parametry

cipher: Jedna ze stałych MCRYPT_szyfr, lub nazwa algorytmu jako ciąg znaków.
key: The key with which the data was encrypted. If the provided key size is not supported by the cipher, the function will emit a warning and return FALSE
data: The data that will be decrypted with the given cipher and mode. If the size of the data is not n * blocksize, the data will be padded with '\0'.
mode: Jedna ze stałych MCRYPT_MODE_nazwatrybu, lub jeden z następujących ciągów znaków: "ecb", "cbc", "cfb", "ofb", "nofb" lub "stream".
iv: Stosowany dla inicjalizacji trybów CBC, CFB, OFB, oraz - przy niektórych algorytmach - trybu STREAM. Nie podając IV, jeśli algorytm tego wymaga, spowoduje wygenerowanie ostrzeżenia i zwrócenie FALSE przez funkcję.

Zwracane wartości

Returns the decrypted data as a string lub FALSE w przypadku niepowodzenia.

Rejestr zmian

Wersja	Opis
5.6.0	Invalid `key` and `iv` sizes are no longer accepted. mcrypt_decrypt() will now throw a warning and return `FALSE` if the inputs are invalid. Previously keys and IVs were padded with '\0' bytes to the next valid size.

Zobacz też:

mcrypt_encrypt() - Encrypts plaintext with given parameters

add a note

User Contributed Notes 8 notes

down

eddiec at stararcher dot com ¶

18 years ago


It appears that mcrypt_decrypt pads the *RETURN STRING* with nulls ('\0') to fill out to n * blocksize.  For old C-programmers, like myself, it is easy to believe the string ends at the first null.  In PHP it does not:



    strlen("abc\0\0") returns 5 and *NOT* 3

    strcmp("abc", "abc\0\0") returns -2 and *NOT* 0



I learned this lesson painfully when I passed a string returned from mycrypt_decrypt into a NuSoap message, which happily passed the nulls along to the receiver, who couldn't figure out what I was talking about.



My solution was:

<?php

    $retval = mcrypt_decrypt( ...etc ...);

    $retval = rtrim($retval, "\0");     // trim ONLY the nulls at the END

?>

down

gmmarco at outlook dot my ¶

6 years ago


Look at http://php.net/manual/en/function.openssl-decrypt.php for a replacement. 

Supports PHP 5 >= 5.3.0, PHP 7

down

david at sickmiller dot com ¶

15 years ago


If you happen to be decrypting something encrypted in ColdFusion, you'll discover that its encrypt function apparently pads the plaintext with ASCII 4, the "end of transmission" character.

Building on eddiec's code, you can remove both nulls and EOTs with this:

<?php
    $retval = mcrypt_decrypt( ...etc ...);
    $retval = rtrim($retval, "\0\4");     // trim ONLY the nulls and EOTs at the END
?>

down

pnz dot r00t at yandex dot ru ¶

8 years ago


When i using this function i find some problem, with adding additional binary symbols in decode message. 
$sDecrypt – «2433091»
$sDecrypt strlen – 16 (before trim) 
$sDecrypt – «2433091»
$sDecrypt strlen – 7 (after trim)
At local PC this problem solved by using trim/trim, but if I send my encrypt message to sever, and try encrypt them, I see that my message is not 16 symbols, as it was in my local pc, it is 32 sybmols, after encode. And trim function not working. I look at symbols code and what I see 
    50
    52
    51
    51
    48
    57
    49
    0
    0
    0
    0
    0
    0
    0
    0
    0
    10
    158
    112
    183
    154
    27
    95
    85
    42
    35
    95
    54
    227
    41
    179
    77
After “tabulation symbols” I get some junk symbols, and  I solve this problems like this.
After mcrypt_decrypt I use this code 
$plaintext_dec = substr($plaintext_dec, 0, strpos($plaintext_dec, "\0"));
I think it is not best resolution for this problem, but I solve my problem :)

down

beltrachi ¶

12 years ago


Caution, MCRYPT_RIJNDAEL_256 is not equivalent to AES_256.



The way to make RIJNDAEL be decrypted from AES with openssl is to use MCRYPT_RIJNDAEL_128 and padd the string to encrypt before encrypting with the follwing function:



<?php

function pkcs5_pad ($text, $blocksize) {

    $pad = $blocksize - (strlen($text) % $blocksize);

    return $text . str_repeat(chr($pad), $pad);

}

?>



On the decryption, the choosing of AES_256 or AES_128, etc. is based on the keysize used in the crypting. In my case it was a 128bit key so I used AES_128.

down

evangelion207 at hotmail dot com ¶

13 years ago


Be careful, sometimes mcrypt_decrypt return additional white spaces to the uncrypted string; use trim() for deleting them. I was like 2 hours searching the error and it was that..

down

-2

Anonymous ¶

13 years ago


To remove PKCS7 padding:



<?php

    $decrypted = mdecrypt_generic($td, base64_decode($enc_auth_token));

    $dec_s = strlen($decrypted);

    $padding = ord($decrypted[$dec_s-1]);

    $decrypted = substr($decrypted, 0, -$padding);

?>

down

-21

artaxerxes2 at iname dot com ¶

10 years ago


To decrypt data coming from MySQL's AES_ENCRYPT function:

<?php

function mysql_aes_key($key)
{
    $new_key = str_repeat(chr(0), 16);
    for($i=0,$len=strlen($key);$i<$len;$i++)
    {
        $new_key[$i%16] = $new_key[$i%16] ^ $key[$i];
    }
    return $new_key;
}

function aes_decrypt($encrypted,$key)
{
    // if $encrypted is HEXed, then return it to binary
    $encrypted = pack('H*',$encrypted);

    $key = mysql_aes_key($key);
    return rtrim(mcrypt_decrypt(MCRYPT_RIJNDAEL_128,$key,$encrypted,MCRYPT_MODE_ECB,''),"\x00..\x1F");
}

?>

adapted from the article "Replicating MySQL AES Encryption Methods With PHP" (dated 2012-05-20) found somewhere online.

add a note