mcrypt_decrypt

    (PHP 4 >= 4.0.2, PHP 5, PHP 7 < 7.2.0, PECL mcrypt >= 1.0.0)

    mcrypt_decryptDecrypts crypttext with given parameters

    Warning

    This function has been DEPRECATED as of PHP 7.1.0 and REMOVED as of PHP 7.2.0. Relying on this function is highly discouraged.

    Description

    mcrypt_decrypt(
        string $cipher,
        string $key,
        string $data,
        string $mode,
        string $iv = ?
    ): string|false

    Decrypts the data and returns the unencrypted data.

    Parameters

    cipher

    One of the MCRYPT_ciphername constants, or the name of the algorithm as string.

    key

    The key with which the data was encrypted. If the provided key size is not supported by the cipher, the function will emit a warning and return false

    data

    The data that will be decrypted with the given cipher and mode. If the size of the data is not n * blocksize, the data will be padded with '\0'.

    mode

    One of the MCRYPT_MODE_modename constants, or one of the following strings: "ecb", "cbc", "cfb", "ofb", "nofb" or "stream".

    iv

    Used for the initialization in CBC, CFB, OFB modes, and in some algorithms in STREAM mode. If the provided IV size is not supported by the chaining mode or no IV was provided, but the chaining mode requires one, the function will emit a warning and return false.

    Return Values

    Returns the decrypted data as a string or false on failure.

    See Also

    Found A Problem?

    Learn How To Improve This PageSubmit a Pull RequestReport a Bug
    add a note

    User Contributed Notes 1 note

    up
    32
    eddiec at stararcher dot com
    19 years ago
    It appears that mcrypt_decrypt pads the *RETURN STRING* with nulls ('\0') to fill out to n * blocksize. For old C-programmers, like myself, it is easy to believe the string ends at the first null. In PHP it does not:

    strlen("abc\0\0") returns 5 and *NOT* 3
    strcmp("abc", "abc\0\0") returns -2 and *NOT* 0

    I learned this lesson painfully when I passed a string returned from mycrypt_decrypt into a NuSoap message, which happily passed the nulls along to the receiver, who couldn't figure out what I was talking about.

    My solution was:
    <?php
    $retval     = mcrypt_decrypt( ...etc ...);
    $retval = rtrim($retval, "\0"); // trim ONLY the nulls at the END
    ?>
    add a note
    To Top