mcrypt_ofb
It is generally not recommended to just use rtrim to remove the padding.
Use rtrim($str, "\0") for strings that do not end in "\0" or store the data length during encryption.
(Although data containing "\0" sometimes gets corrupted during encryption so these types of data actually should be packed.)
For example:
<?php
function encrypt($original_data)
{
$length = strlen($original_data);
$data_to_encrypt = $length.'|'.$original_data;
// Encrypt the data including its length.
// Do not save the length unencrypted, as this could be a (minor) security risk
}
function decrypt($cypher)
{
// Decrypt the cypher data first
// Next retrieve the original data
list($length, $padded_data) = explode('|', $decrypted_data, 2);
$original_data = substr($padded_data, 0, $length);
}
?>
mdecrypt_generic
(PHP 4 >= 4.0.2, PHP 5)
mdecrypt_generic — データを復号する
説明
string mdecrypt_generic
( resource $td
, string $data
)
この関数は、データを復号します。データのパディングが行われるため、 返される文字列の長さは暗号化前の文字列よりも長くなる可能性があることに 注意してください。
例
例1 mdecrypt_generic() の例
<?php
/* データ */
$key = 'this is a very long key, even too long for the cipher';
$plain_text = 'very important data';
/* モジュールをオープンし、IV を作成します */
$td = mcrypt_module_open('des', '', 'ecb', '');
$key = substr($key, 0, mcrypt_enc_get_key_size($td));
$iv_size = mcrypt_enc_get_iv_size($td);
$iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
/* 暗号化ハンドルを初期化します */
if (mcrypt_generic_init($td, $key, $iv) != -1) {
/* データを暗号化します */
$c_t = mcrypt_generic($td, $plain_text);
mcrypt_generic_deinit($td);
/* 復号のため、バッファを再度初期化します */
mcrypt_generic_init($td, $key, $iv);
$p_t = mdecrypt_generic($td, $c_t);
/* 後始末をします */
mcrypt_generic_deinit($td);
mcrypt_module_close($td);
}
if (strncmp($p_t, $plain_text, strlen($plain_text)) == 0) {
echo "ok\n";
} else {
echo "error\n";
}
?>
上記の例は、暗号化前のデータと復号したデータと同じであるかどうかを 調べる方法を示すものです。データを復号する前に mcrypt_generic_init() で暗号化バッファを再度 初期化しておくことが重要です。
この関数をコールする前に、常に mcrypt_generic_init() でキーと IV を使用して 復号ハンドルを初期化しておくべきです。暗号化が終了した際には mcrypt_generic_deinit() をコールして暗号化 バッファを開放すべきです。 mcrypt_module_open() の例を参照ください。
mcrypt_generic()、 mcrypt_generic_init() および mcrypt_generic_deinit() も参照ください。
add a note
User Contributed Notesmdecrypt_generic
Silvan
17-Aug-2007 10:34
17-Aug-2007 10:34
php at pcwize dot com
13-Oct-2006 12:59
13-Oct-2006 12:59
Just confirming the .DLL issues. With 4.3.4 you need the older .DLL. I'm guessing any version of PHP4 needs the older .DLL. With PHP5 you need the newer one.
drew at expressdynamics dot com
05-Jul-2005 08:07
05-Jul-2005 08:07
On Win32 systems with PHP 5, you must use the newer libmcrypt.dll file, otherwise mdecrypt_generic will not work.
robbie [at] averill [dot] co [dot] nz
24-Mar-2005 01:15
24-Mar-2005 01:15
I have noticed that sometimes when the binary ciphertext is longer than the plaintext, the decrypted plaintext can have some little boxes/squares next to it as 'padding'. I also noticed that you can't cut and paste them to be able to edit them out, but i did find a solution.
Just call rtrim() around the string and it removes them.
jon@jonroig dot com
08-Apr-2004 05:29
08-Apr-2004 05:29
Here's a bit of encrypt/decrypt code.
If you're using this on the win32 platform, BEWARE! The latest DLL (19-Jan-2004) contains a bug that keeps mdecrypt_generic from functioning. Nearly drove me over the edge... The 30-Dec-2002 version seems to work with no trouble.
<?
$key = "this is a secret key";
$input = "Let us meet at 9 o'clock at the secret place.";
$td = mcrypt_module_open('tripledes', '', 'ecb', '');
$iv = mcrypt_create_iv (mcrypt_enc_get_iv_size($td), MCRYPT_RAND);
mcrypt_generic_init($td, $key, $iv);
$encrypted_data = mcrypt_generic($td, $input);
mcrypt_generic_deinit($td);
mcrypt_module_close($td);
echo "Encrypt: ".$encrypted_data;
echo "<br><br>";
$td = mcrypt_module_open('tripledes', '', 'ecb', '');
$iv = mcrypt_create_iv (mcrypt_enc_get_iv_size($td), MCRYPT_RAND);
$key = substr($key, 0, mcrypt_enc_get_key_size($td));
mcrypt_generic_init($td, $key, $iv);
$decrypted_data = mdecrypt_generic($td, $encrypted_data);
echo "Decrypt: ".$decrypted_data;
mcrypt_generic_deinit($td);
mcrypt_module_close($td);
?>