PHP Conference Nagoya 2025

mcrypt_decrypt

(PHP 4 >= 4.0.2, PHP 5, PHP 7 < 7.2.0, PECL mcrypt >= 1.0.0)

mcrypt_decryptDecrypts crypttext with given parameters

Warnung

Diese Funktion wurde in PHP 7.1.0 als DEPRECATED (veraltet) markiert und wurde in PHP 7.2.0 ENTFERNT. Von der Verwendung dieser Funktion wird dringend abgeraten.

Beschreibung

mcrypt_decrypt(
    string $cipher,
    string $key,
    string $data,
    string $mode,
    string $iv = ?
): string|false

Decrypts the data and returns the unencrypted data.

Parameter-Liste

cipher

Eine der Konstanten von MCRYPT_ciphername oder der Name eines Algorithmus als Zeichenkette.

key

The key with which the data was encrypted. If the provided key size is not supported by the cipher, the function will emit a warning and return false

data

The data that will be decrypted with the given cipher and mode. If the size of the data is not n * blocksize, the data will be padded with '\0'.

mode

Eine der MCRYPT_MODE_modename-Konstanten oder eine der folgenden Zeichenketten: "ecb", "cbc", "cfb", "ofb", "nofb" oder "stream".

iv

Wird für die Initialisierung in den Modi CBC, CFB oder OFB und von einigen Algorithmen im STREAM-Modus verwendet. Wird die Länge des angegebenen IV vom Betriebsmodus nicht unterstützt, oder wurde kein IV angegeben aber der Betriebsmodus benötigt einen, so wird diese Funktion eine Warnung ausgeben und false zurückgeben.

Rückgabewerte

Returns the decrypted data as a string Bei einem Fehler wird false zurückgegeben..

Siehe auch

add a note

User Contributed Notes 7 notes

up
32
eddiec at stararcher dot com
19 years ago
It appears that mcrypt_decrypt pads the *RETURN STRING* with nulls ('\0') to fill out to n * blocksize. For old C-programmers, like myself, it is easy to believe the string ends at the first null. In PHP it does not:

strlen("abc\0\0") returns 5 and *NOT* 3
strcmp("abc", "abc\0\0") returns -2 and *NOT* 0

I learned this lesson painfully when I passed a string returned from mycrypt_decrypt into a NuSoap message, which happily passed the nulls along to the receiver, who couldn't figure out what I was talking about.

My solution was:
<?php
$retval
= mcrypt_decrypt( ...etc ...);
$retval = rtrim($retval, "\0"); // trim ONLY the nulls at the END
?>
up
11
gmmarco at outlook dot my
7 years ago
Look at http://php.net/manual/en/function.openssl-decrypt.php for a replacement.

Supports PHP 5 >= 5.3.0, PHP 7
up
8
david at sickmiller dot com
16 years ago
If you happen to be decrypting something encrypted in ColdFusion, you'll discover that its encrypt function apparently pads the plaintext with ASCII 4, the "end of transmission" character.

Building on eddiec's code, you can remove both nulls and EOTs with this:

<?php
$retval
= mcrypt_decrypt( ...etc ...);
$retval = rtrim($retval, "\0\4"); // trim ONLY the nulls and EOTs at the END
?>
up
5
beltrachi
13 years ago
Caution, MCRYPT_RIJNDAEL_256 is not equivalent to AES_256.

The way to make RIJNDAEL be decrypted from AES with openssl is to use MCRYPT_RIJNDAEL_128 and padd the string to encrypt before encrypting with the follwing function:

<?php
function pkcs5_pad ($text, $blocksize) {
$pad = $blocksize - (strlen($text) % $blocksize);
return
$text . str_repeat(chr($pad), $pad);
}
?>

On the decryption, the choosing of AES_256 or AES_128, etc. is based on the keysize used in the crypting. In my case it was a 128bit key so I used AES_128.
up
2
pnz dot r00t at yandex dot ru
8 years ago
When i using this function i find some problem, with adding additional binary symbols in decode message.
$sDecrypt – «2433091»
$sDecrypt strlen – 16 (before trim)
$sDecrypt – «2433091»
$sDecrypt strlen – 7 (after trim)
At local PC this problem solved by using trim/trim, but if I send my encrypt message to sever, and try encrypt them, I see that my message is not 16 symbols, as it was in my local pc, it is 32 sybmols, after encode. And trim function not working. I look at symbols code and what I see
50
52
51
51
48
57
49
0
0
0
0
0
0
0
0
0
10
158
112
183
154
27
95
85
42
35
95
54
227
41
179
77
After “tabulation symbols” I get some junk symbols, and I solve this problems like this.
After mcrypt_decrypt I use this code
$plaintext_dec = substr($plaintext_dec, 0, strpos($plaintext_dec, "\0"));
I think it is not best resolution for this problem, but I solve my problem :)
up
0
evangelion207 at hotmail dot com
13 years ago
Be careful, sometimes mcrypt_decrypt return additional white spaces to the uncrypted string; use trim() for deleting them. I was like 2 hours searching the error and it was that..
up
-3
Anonymous
14 years ago
To remove PKCS7 padding:

<?php
$decrypted
= mdecrypt_generic($td, base64_decode($enc_auth_token));
$dec_s = strlen($decrypted);
$padding = ord($decrypted[$dec_s-1]);
$decrypted = substr($decrypted, 0, -$padding);
?>
To Top