mcrypt_create_iv
mcrypt_ecb
Mcrypt 函数
在线手册：中文 英文
PHP 手册
mcrypt_decrypt
(PHP 4 >= 4.0.2, PHP 5)
mcrypt_decrypt - Decrypts crypttext with given parameters
说明
string mcrypt_decrypt ( string $cipher , string $key , string $data , string $mode [,
string $iv ] )
Decrypts the data and returns the unencrypted data.
参数
cipher
One of the MCRYPT_ciphername constants, or the name of the algorithm as
string.
key
The key with which the data was encrypted. If it's smaller than the required
keysize, it is padded with '\0'.
data
The data that will be decrypted with the given cipher and mode. If the size of
the data is not n * blocksize, the data will be padded with '\0'.
mode
One of the MCRYPT_MODE_modename constants, or one of the following strings:
"ecb", "cbc", "cfb", "ofb", "nofb" or "stream".
iv
The iv parameter is used for the initialization in CBC, CFB, OFB modes, and
in some algorithms in STREAM mode. If you do not supply an IV, while it is
needed for an algorithm, the function issues a warning and uses an IV with all
its bytes set to '\0'.
返回值
Returns the decrypted data as a string.
mcrypt_create_iv
mcrypt_ecb
Mcrypt 函数
在线手册：中文 英文
PHP 手册
用户评论:
Anonymous (24-Nov-2010 07:41)
To remove PKCS7 padding:
<?php
$decrypted = mdecrypt_generic($td, base64_decode($enc_auth_token));
$dec_s = strlen($decrypted);
$padding = ord($decrypted[$dec_s-1]);
$decrypted = substr($decrypted, 0, -$padding);
?>
uramihsayibok, gmail, com (18-Oct-2009 02:17)
kooktroop's example (09-Jul-2004) may be a bit misleading. Using a
random IV for encryption, then another random IV for decryption? If
you run it, it works!
That's because ECB doesn't use an IV. For modes that do use one you
need the same one for encryption and decryption.
For example, Rijndael-256 (aka AES-256) and CFB:
<?php
$text = "The quick brown fox jumps over the lazy dog.";
$key = "haseveryletter";
$iv = mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256,
MCRYPT_MODE_CFB), MCRYPT_RAND);
$encrypted = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $text,
MCRYPT_MODE_CFB, $iv);
// create a new IV
$newiv = mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256,
MCRYPT_MODE_CFB), MCRYPT_RAND);
$corrupt = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, $encrypted,
MCRYPT_MODE_CFB, $newiv);
echo $corrupt; // [binary junk...]he lazy dog
$good = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, $encrypted,
MCRYPT_MODE_CFB, $iv);
echo $good; // The quick brown fox jumps over the lazy dog
?>
Rijndael can sync up on each block so only the first one (here, 256
bits = 32 characters long) will be corrupted. Not necessarily true
for other algorithms...
david at sickmiller dot com (04-Oct-2008 03:20)
I was wrong about ColdFusion always padding with EOT. By default,
ColdFusion uses PKCS#5 padding. See the comments on
http://us3.php.net/manual/en/ref.mcrypt.php for pkcs5_(un)pad
functions
david at sickmiller dot com (03-Oct-2008 01:15)
If you happen to be decrypting something encrypted in ColdFusion,
you'll discover that its encrypt function apparently pads the
plaintext with ASCII 4, the "end of transmission" character.
Building on eddiec's code, you can remove both nulls and EOTs with
this:
<?php
$retval = mcrypt_decrypt( ...etc ...);
$retval = rtrim($retval, "\0\4"); // trim ONLY the nulls and EOTs at
the END
?>
smp_info at yahoo dot com (11-Oct-2007 02:27)
Since the returned data seems to be still padded with extra
characters, you can get *only* the original data that was encrypted
by str_replace()'ing the \x0 characters.
<?php
$decryptedData = str_replace("\x0", '', $encryptedData);
?>
eddiec at stararcher dot com (14-Jul-2005 09:26)
It appears that mcrypt_decrypt pads the *RETURN STRING* with nulls
('\0') to fill out to n * blocksize. For old C-programmers, like
myself, it is easy to believe the string ends at the first null. In
PHP it does not:
strlen("abc\0\0") returns 5 and *NOT* 3
strcmp("abc", "abc\0\0") returns -2 and *NOT* 0
I learned this lesson painfully when I passed a string returned from
mycrypt_decrypt into a NuSoap message, which happily passed the nulls
along to the receiver, who couldn't figure out what I was talking
about.
My solution was:
<?
$retval = mcrypt_decrypt( ...etc ...);
$retval = rtrim($retval, "\0"); // trim ONLY the nulls at the END
?>
kooktroop at gmail dot com (09-Jul-2004 06:13)
Following on from the mcrypt_encrypt() example:
<?php
$text = "boggles the inivisble monkey will rule the world";
$key = "This is a very secret key";
$iv_size = mcrypt_get_iv_size(MCRYPT_XTEA, MCRYPT_MODE_ECB);
$iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
echo strlen($text) . "<br>";
$enc = mcrypt_encrypt(MCRYPT_XTEA, $key, $text, MCRYPT_MODE_ECB,
$iv);
echo strlen($enc) . "<br>";
$iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
$key = "This is a very secret key";
$text = "Meet me at 11 o'clock behind the monument.";
echo strlen($text) . "<br>";
$crypttext = mcrypt_decrypt(MCRYPT_XTEA, $key, $enc, MCRYPT_MODE_ECB,
$iv);
echo "$crypttext<br>";
?>