CakeFest 2024: The Official CakePHP Conference

mdecrypt_generic

(PHP 4 >= 4.0.2, PHP 5, PHP 7 < 7.2.0, PECL mcrypt >= 1.0.0)

mdecrypt_genericデータを復号する

警告

この関数は PHP 7.1.0 で 非推奨となり、PHP 7.2.0 で削除 されました。この関数に頼らないことを強く推奨します。

説明

mdecrypt_generic(resource $td, string $data): string

この関数は、データを復号します。データのパディングが行われるため、 返される文字列の長さは暗号化前の文字列よりも長くなる可能性があることに 注意してください。

パラメータ

td

mcrypt_module_open() が返す暗号化記述子。

data

暗号化されたデータ。

戻り値

復号した文字列を返します。

例1 mdecrypt_generic() の例

<?php
/* データ */
$key = 'this is a very long key, even too long for the cipher';
$plain_text = 'very important data';

/* モジュールをオープンし、IV を作成します */
$td = mcrypt_module_open('des', '', 'ecb', '');
$key = substr($key, 0, mcrypt_enc_get_key_size($td));
$iv_size = mcrypt_enc_get_iv_size($td);
$iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);

/* 暗号化ハンドルを初期化します */
if (mcrypt_generic_init($td, $key, $iv) != -1) {

/* データを暗号化します */
$c_t = mcrypt_generic($td, $plain_text);
mcrypt_generic_deinit($td);

/* 復号のため、バッファを再度初期化します */
mcrypt_generic_init($td, $key, $iv);
$p_t = mdecrypt_generic($td, $c_t);

/* 後始末をします */
mcrypt_generic_deinit($td);
mcrypt_module_close($td);
}

if (
strncmp($p_t, $plain_text, strlen($plain_text)) == 0) {
echo
"ok\n";
} else {
echo
"error\n";
}
?>

上記の例は、暗号化前のデータと復号したデータと同じであるかどうかを 調べる方法を示すものです。データを復号する前に mcrypt_generic_init() で暗号化バッファを再度 初期化しておくことが重要です。

この関数をコールする前に、常に mcrypt_generic_init() でキーと IV を使用して 復号ハンドルを初期化しておくべきです。暗号化が終了した際には mcrypt_generic_deinit() をコールして暗号化 バッファを開放すべきです。 mcrypt_module_open() の例を参照ください。

参考

add a note

User Contributed Notes 11 notes

up
6
nytro_rst at yahoo dot com
15 years ago
<?php
// Parameters:
// $text = The text that you want to encrypt.
// $key = The key you're using to encrypt.
// $alg = The algorithm.
// $crypt = 1 if you want to crypt, or 0 if you want to decrypt.

function cryptare($text, $key, $alg, $crypt)
{
$encrypted_data="";
switch(
$alg)
{
case
"3des":
$td = mcrypt_module_open('tripledes', '', 'ecb', '');
break;
case
"cast-128":
$td = mcrypt_module_open('cast-128', '', 'ecb', '');
break;
case
"gost":
$td = mcrypt_module_open('gost', '', 'ecb', '');
break;
case
"rijndael-128":
$td = mcrypt_module_open('rijndael-128', '', 'ecb', '');
break;
case
"twofish":
$td = mcrypt_module_open('twofish', '', 'ecb', '');
break;
case
"arcfour":
$td = mcrypt_module_open('arcfour', '', 'ecb', '');
break;
case
"cast-256":
$td = mcrypt_module_open('cast-256', '', 'ecb', '');
break;
case
"loki97":
$td = mcrypt_module_open('loki97', '', 'ecb', '');
break;
case
"rijndael-192":
$td = mcrypt_module_open('rijndael-192', '', 'ecb', '');
break;
case
"saferplus":
$td = mcrypt_module_open('saferplus', '', 'ecb', '');
break;
case
"wake":
$td = mcrypt_module_open('wake', '', 'ecb', '');
break;
case
"blowfish-compat":
$td = mcrypt_module_open('blowfish-compat', '', 'ecb', '');
break;
case
"des":
$td = mcrypt_module_open('des', '', 'ecb', '');
break;
case
"rijndael-256":
$td = mcrypt_module_open('rijndael-256', '', 'ecb', '');
break;
case
"xtea":
$td = mcrypt_module_open('xtea', '', 'ecb', '');
break;
case
"enigma":
$td = mcrypt_module_open('enigma', '', 'ecb', '');
break;
case
"rc2":
$td = mcrypt_module_open('rc2', '', 'ecb', '');
break;
default:
$td = mcrypt_module_open('blowfish', '', 'ecb', '');
break;
}

$iv = mcrypt_create_iv(mcrypt_enc_get_iv_size($td), MCRYPT_RAND);
$key = substr($key, 0, mcrypt_enc_get_key_size($td));
mcrypt_generic_init($td, $key, $iv);

if(
$crypt)
{
$encrypted_data = mcrypt_generic($td, $text);
}
else
{
$encrypted_data = mdecrypt_generic($td, $text);
}

mcrypt_generic_deinit($td);
mcrypt_module_close($td);

return
$encrypted_data;
}
?>
up
4
jakub dot lopuszanski at nasza-klasa dot pl
10 years ago
For all those of you which are "surprised" by the padding (even though it is mentioned in the description of the method) please do not just "strip away everything which I do not understand".
The approach with rtrim, rtrim "\0", removing all charcodes < 16, etc. are all wrong.
The PKCS #7 padding works just as described in RFC 5652.
To remove it, just look at the last byte of the message, and it will tell you how many bytes to remove.
For example, if the last byte is equal to \0A, then remove 10 bytes.
up
2
Ulysse
10 years ago
Based on the information provided by "jakub dot lopuszanski at nasza-klasa dot pl" that in PKCS#7, the last byte contains the number of byte to remove (see RFC 5652, part 6.3), and for those like me who like to copy paste an already-made snippet:

<?php
function unpadPKCS7($data, $blocksize)
{
$last = substr($data, -1);
return
substr($data, 0, strlen($data) - ord($last));
}
?>

Now you have no more reason to use rtrim() to remove the padding at the end of the result.
up
2
Anonymous
15 years ago
Here's a quick snippet for removing PKCS7 padding:

<?php
function unpadPKCS7($data, $blockSize) {
$length = strlen ( $data );
if (
$length > 0) {
$first = substr ( $data, - 1 );

if (
ord ( $first ) <= $blockSize) {
for(
$i = $length - 2; $i > 0; $i --)
if (
ord ( $data [$i] != $first ))
break;

return
substr ( $data, 0, $i );
}
}
return
$data;
}
?>
up
2
Peter Bailey
12 years ago
We found that sometimes the resulting padding is not null characters "\0" but rather one of several control characters.

If you know your data is not supposed to have any trailing control characters "as we did" you can strip them like so.

<?php

$data
= mdecrypt_generic( $cipher, $data );

// Strip trailing control-character padding
$data = preg_replace( "/\p{Cc}*$/u", "", $data );

?>
up
2
trashmail dot hashishin at gmail dot com
13 years ago
Whenever you need to decrypt files encrypted with dot.net (and others?) you can use the following settings:

Encryption: 'rijndael-256'
Mode: 'cbc'
Padding-Mode: Zeros
iv: "yes"

encode the data with base64 to send them to your php script
up
1
robbie [at] averill [dot] co [dot] nz
19 years ago
I have noticed that sometimes when the binary ciphertext is longer than the plaintext, the decrypted plaintext can have some little boxes/squares next to it as 'padding'. I also noticed that you can't cut and paste them to be able to edit them out, but i did find a solution.

Just call rtrim() around the string and it removes them.
up
0
Silvan
16 years ago
It is generally not recommended to just use rtrim to remove the padding.

Use rtrim($str, "\0") for strings that do not end in "\0" or store the data length during encryption.
(Although data containing "\0" sometimes gets corrupted during encryption so these types of data actually should be packed.)

For example:

<?php

function encrypt($original_data)
{
$length = strlen($original_data);
$data_to_encrypt = $length.'|'.$original_data;
// Encrypt the data including its length.
// Do not save the length unencrypted, as this could be a (minor) security risk
}

function
decrypt($cypher)
{
// Decrypt the cypher data first
// Next retrieve the original data
list($length, $padded_data) = explode('|', $decrypted_data, 2);
$original_data = substr($padded_data, 0, $length);
}

?>
up
0
php at pcwize dot com
17 years ago
Just confirming the .DLL issues. With 4.3.4 you need the older .DLL. I'm guessing any version of PHP4 needs the older .DLL. With PHP5 you need the newer one.
up
0
drew at expressdynamics dot com
18 years ago
On Win32 systems with PHP 5, you must use the newer libmcrypt.dll file, otherwise mdecrypt_generic will not work.
up
0
jon@jonroig dot com
19 years ago
Here's a bit of encrypt/decrypt code.

If you're using this on the win32 platform, BEWARE! The latest DLL (19-Jan-2004) contains a bug that keeps mdecrypt_generic from functioning. Nearly drove me over the edge... The 30-Dec-2002 version seems to work with no trouble.
<?

$key = "this is a secret key";
$input = "Let us meet at 9 o'clock at the secret place.";

$td = mcrypt_module_open('tripledes', '', 'ecb', '');
$iv = mcrypt_create_iv (mcrypt_enc_get_iv_size($td), MCRYPT_RAND);
mcrypt_generic_init($td, $key, $iv);
$encrypted_data = mcrypt_generic($td, $input);
mcrypt_generic_deinit($td);
mcrypt_module_close($td);

echo "Encrypt: ".$encrypted_data;

echo "<br><br>";

$td = mcrypt_module_open('tripledes', '', 'ecb', '');
$iv = mcrypt_create_iv (mcrypt_enc_get_iv_size($td), MCRYPT_RAND);
$key = substr($key, 0, mcrypt_enc_get_key_size($td));
mcrypt_generic_init($td, $key, $iv);
$decrypted_data = mdecrypt_generic($td, $encrypted_data);
echo "Decrypt: ".$decrypted_data;
mcrypt_generic_deinit($td);
mcrypt_module_close($td);

?>
To Top