mcrypt_create_iv
Caution, MCRYPT_RIJNDAEL_256 is not equivalent to AES_256.
The way to make RIJNDAEL be decrypted from AES with openssl is to use MCRYPT_RIJNDAEL_128 and padd the string to encrypt before encrypting with the follwing function:
<?php
function pkcs5_pad ($text, $blocksize) {
$pad = $blocksize - (strlen($text) % $blocksize);
return $text . str_repeat(chr($pad), $pad);
}
?>
On the decryption, the choosing of AES_256 or AES_128, etc. is based on the keysize used in the crypting. In my case it was a 128bit key so I used AES_128.
mcrypt_decrypt
(PHP 4 >= 4.0.2, PHP 5)
mcrypt_decrypt — Decrypts crypttext with given parameters
说明
string mcrypt_decrypt
( string
$cipher
, string $key
, string $data
, string $mode
[, string $iv
] )
Decrypts the data and returns the unencrypted data.
参数
-
cipher -
MCRYPT_ciphername常量中的一个,或者是字符串值的算法名称。 -
key -
The key with which the data was encrypted. If it's smaller than the required keysize, it is padded with '\0'.
-
data -
The data that will be decrypted with the given
cipherandmode. If the size of the data is not n * blocksize, the data will be padded with '\0'. -
mode -
MCRYPT_MODE_modename常量中的一个,或以下字符串中的一个:"ecb","cbc","cfb","ofb","nofb" 和 "stream"。 -
iv -
在 CBC, CFB, OFB 模式中用于初始化过程,在 STREAM 模式中用于某些算法。如果未提供 IV 并且在某算法中需要,本函数发出一条警告并使用一个全部字节设为 "\0" 的 IV。
返回值
Returns the decrypted data as a string.
add a note
User Contributed Notes
mcrypt_decrypt - [8 notes]
beltrachi ¶
1 year ago
evangelion207 at hotmail dot com ¶
2 years ago
Be careful, sometimes mcrypt_decrypt return additional white spaces to the uncrypted string; use trim() for deleting them. I was like 2 hours searching the error and it was that..
david at sickmiller dot com ¶
4 years ago
If you happen to be decrypting something encrypted in ColdFusion, you'll discover that its encrypt function apparently pads the plaintext with ASCII 4, the "end of transmission" character.
Building on eddiec's code, you can remove both nulls and EOTs with this:
<?php
$retval = mcrypt_decrypt( ...etc ...);
$retval = rtrim($retval, "\0\4"); // trim ONLY the nulls and EOTs at the END
?>
eddiec at stararcher dot com ¶
7 years ago
It appears that mcrypt_decrypt pads the *RETURN STRING* with nulls ('\0') to fill out to n * blocksize. For old C-programmers, like myself, it is easy to believe the string ends at the first null. In PHP it does not:
strlen("abc\0\0") returns 5 and *NOT* 3
strcmp("abc", "abc\0\0") returns -2 and *NOT* 0
I learned this lesson painfully when I passed a string returned from mycrypt_decrypt into a NuSoap message, which happily passed the nulls along to the receiver, who couldn't figure out what I was talking about.
My solution was:
<?php
$retval = mcrypt_decrypt( ...etc ...);
$retval = rtrim($retval, "\0"); // trim ONLY the nulls at the END
?>
artaxerxes2 at iname dot com ¶
4 days ago
To decrypt data coming from MySQL's AES_ENCRYPT function:
<?php
function mysql_aes_key($key)
{
$new_key = str_repeat(chr(0), 16);
for($i=0,$len=strlen($key);$i<$len;$i++)
{
$new_key[$i%16] = $new_key[$i%16] ^ $key[$i];
}
return $new_key;
}
function aes_decrypt($encrypted,$key)
{
// if $encrypted is HEXed, then return it to binary
$encrypted = pack('H*',$encrypted);
$key = mysql_aes_key($key);
return rtrim(mcrypt_decrypt(MCRYPT_RIJNDAEL_128,$key,$encrypted,MCRYPT_MODE_ECB,''),"\x00..\x1F");
}
?>
adapted from the article "Replicating MySQL AES Encryption Methods With PHP" (dated 2012-05-20) found somewhere online.
Anonymous ¶
2 years ago
To remove PKCS7 padding:
<?php
$decrypted = mdecrypt_generic($td, base64_decode($enc_auth_token));
$dec_s = strlen($decrypted);
$padding = ord($decrypted[$dec_s-1]);
$decrypted = substr($decrypted, 0, -$padding);
?>
smp_info at yahoo dot com ¶
5 years ago
Since the returned data seems to be still padded with extra characters, you can get *only* the original data that was encrypted by str_replace()'ing the \x0 characters.
<?php
$decryptedData = str_replace("\x0", '', $encryptedData);
?>
maciej at wiercinski dot net ¶
2 years ago
If you want to combine mcrypt with MySQL's AES_DECRYPT / AES_ENCRYPT function, please keep in mind that it uses PKCS5 padding (code from note above works just fine), what is not mentioned in MySQL's documentation at all.