PHP 5.4.37 Released
    Edit Report a Bug

    mcrypt_decrypt

    (PHP 4 >= 4.0.2, PHP 5)

    mcrypt_decryptDesencripta texto cifrado con los parámetros dados

    Descripción

    string mcrypt_decrypt ( string $cipher , string $key , string $data , string $mode [, string $iv ] )

    Desencripta data y devuelve los datos sin cifrar.

    Parámetros

    cipher

    Una de las constantes MCRYPT_nombredelcifrado, o el nombre del algoritmo como string.

    key

    La clave con la cual los datos fueron cifrados. Si la clave proporcionada no está soportada por el cifrador, la función emitirá una advertencia y devolverá FALSE

    data

    La información que será descifrada con el cifrador y modo dados por los parámetros cipher y mode. Si el tamaño de la información no es n * blocksize, la información será rellenada con '\0'.

    mode

    Una de las constantes MCRYPT_MODE_nombredelmodo, o una de las siguientes strings: "ecb", "cbc", "cfb", "ofb", "nofb" o "stream".

    iv

    Used for the initialization in CBC, CFB, OFB modes, and in some algorithms in STREAM mode. If the provided IV size is not supported by the chaining mode or no IV was provided, but the chaining mode requires one, the function will emit a warning and return FALSE.

    Valores devueltos

    Devuelve los datos descifrados en formato cadena o FALSE en caso de error.

    Historial de cambios

    Versión Descripción
    5.6.0 Tamaños incorrectos en key y iv ya no son admitidos. mcrypt_decrypt() emitirá una advertencia y devolverá FALSE si los datos de entrada son incorrectos. Anteriormente la clave y el IV eran rellenados con bytes '\0' hasta el siguiente tamaño válido.

    Ver también

    add a note add a note

    User Contributed Notes 6 notes

    up
    10
    eddiec at stararcher dot com
    9 years ago
    It appears that mcrypt_decrypt pads the *RETURN STRING* with nulls ('\0') to fill out to n * blocksize.  For old C-programmers, like myself, it is easy to believe the string ends at the first null.  In PHP it does not:

        strlen("abc\0\0") returns 5 and *NOT* 3
        strcmp("abc", "abc\0\0") returns -2 and *NOT* 0

    I learned this lesson painfully when I passed a string returned from mycrypt_decrypt into a NuSoap message, which happily passed the nulls along to the receiver, who couldn't figure out what I was talking about.

    My solution was:
    <?php
        $retval     = mcrypt_decrypt( ...etc ...);
            $retval = rtrim($retval, "\0");     // trim ONLY the nulls at the END
    ?>
    up
    4
    david at sickmiller dot com
    6 years ago
    If you happen to be decrypting something encrypted in ColdFusion, you'll discover that its encrypt function apparently pads the plaintext with ASCII 4, the "end of transmission" character.

    Building on eddiec's code, you can remove both nulls and EOTs with this:

    <?php
        $retval     = mcrypt_decrypt( ...etc ...);
            $retval = rtrim($retval, "\0\4");     // trim ONLY the nulls and EOTs at the END
    ?>
    up
    6
    evangelion207 at hotmail dot com
    3 years ago
    Be careful, sometimes mcrypt_decrypt return additional white spaces to the uncrypted string; use trim() for deleting them. I was like 2 hours searching the error and it was that..
    up
    2
    beltrachi
    3 years ago
    Caution, MCRYPT_RIJNDAEL_256 is not equivalent to AES_256.

    The way to make RIJNDAEL be decrypted from AES with openssl is to use MCRYPT_RIJNDAEL_128 and padd the string to encrypt before encrypting with the follwing function:

    <?php
    function pkcs5_pad ($text, $blocksize) {
            $pad = $blocksize - (strlen($text) % $blocksize);
        return     $text . str_repeat(chr($pad), $pad);
    }
    ?>

    On the decryption, the choosing of AES_256 or AES_128, etc. is based on the keysize used in the crypting. In my case it was a 128bit key so I used AES_128.
    up
    0
    Anonymous
    4 years ago
    To remove PKCS7 padding:

    <?php
        $decrypted     = mdecrypt_generic($td, base64_decode($enc_auth_token));
            $dec_s = strlen($decrypted);
            $padding = ord($decrypted[$dec_s-1]);
            $decrypted = substr($decrypted, 0, -$padding);
    ?>
    up
    -1
    artaxerxes2 at iname dot com
    1 year ago
    To decrypt data coming from MySQL's AES_ENCRYPT function:

    <?php

    function mysql_aes_key($key)
    {
            $new_key = str_repeat(chr(0), 16);
        for(    $i=0,$len=strlen($key);$i<$len;$i++)
        {
                $new_key[$i%16] = $new_key[$i%16] ^ $key[$i];
        }
        return     $new_key;
    }

    function     aes_decrypt($encrypted,$key)
    {
            // if $encrypted is HEXed, then return it to binary
            $encrypted = pack('H*',$encrypted);

            $key = mysql_aes_key($key);
        return     rtrim(mcrypt_decrypt(MCRYPT_RIJNDAEL_128,$key,$encrypted,MCRYPT_MODE_ECB,''),"\x00..\x1F");
    }

    ?>

    adapted from the article "Replicating MySQL AES Encryption Methods With PHP" (dated 2012-05-20) found somewhere online.
    add a note add a note
    To Top