mcrypt_decrypt

(PHP 4 >= 4.0.2, PHP 5)

mcrypt_decrypt — Decrypts crypttext with given parameters

Description

string mcrypt_decrypt ( string $cipher , string $key , string $data , string $mode [, string $iv ] )

Decrypts the data and returns the unencrypted data.

Parameters

cipher: One of the MCRYPT_ciphername constants, or the name of the algorithm as string.
key: The key with which the data was encrypted. If it's smaller than the required keysize, it is padded with '\0'.
data: The data that will be decrypted with the given cipher and mode. If the size of the data is not n * blocksize, the data will be padded with '\0'.
mode: One of the MCRYPT_MODE_modename constants, or one of the following strings: "ecb", "cbc", "cfb", "ofb", "nofb" or "stream".
iv: Used for the initialization in CBC, CFB, OFB modes, and in some algorithms in STREAM mode. If you do not supply an IV, while it is needed for an algorithm, the function issues a warning and uses an IV with all its bytes set to "\0".

Return Values

Returns the decrypted data as a string.

Коментарии

Jul 13

Автор: eddiec at stararcher dot com


It appears that mcrypt_decrypt pads the *RETURN STRING* with nulls ('\0') to fill out to n * blocksize.  For old C-programmers, like myself, it is easy to believe the string ends at the first null.  In PHP it does not:



    strlen("abc\0\0") returns 5 and *NOT* 3

    strcmp("abc", "abc\0\0") returns -2 and *NOT* 0



I learned this lesson painfully when I passed a string returned from mycrypt_decrypt into a NuSoap message, which happily passed the nulls along to the receiver, who couldn't figure out what I was talking about.



My solution was:

<?php

    $retval = mcrypt_decrypt( ...etc ...);

    $retval = rtrim($retval, "\0");     // trim ONLY the nulls at the END

?>