mcrypt_ofb
<?php
// Parameters:
// $text = The text that you want to encrypt.
// $key = The key you're using to encrypt.
// $alg = The algorithm.
// $crypt = 1 if you want to crypt, or 0 if you want to decrypt.
function cryptare($text, $key, $alg, $crypt)
{
$encrypted_data="";
switch($alg)
{
case "3des":
$td = mcrypt_module_open('tripledes', '', 'ecb', '');
break;
case "cast-128":
$td = mcrypt_module_open('cast-128', '', 'ecb', '');
break;
case "gost":
$td = mcrypt_module_open('gost', '', 'ecb', '');
break;
case "rijndael-128":
$td = mcrypt_module_open('rijndael-128', '', 'ecb', '');
break;
case "twofish":
$td = mcrypt_module_open('twofish', '', 'ecb', '');
break;
case "arcfour":
$td = mcrypt_module_open('arcfour', '', 'ecb', '');
break;
case "cast-256":
$td = mcrypt_module_open('cast-256', '', 'ecb', '');
break;
case "loki97":
$td = mcrypt_module_open('loki97', '', 'ecb', '');
break;
case "rijndael-192":
$td = mcrypt_module_open('rijndael-192', '', 'ecb', '');
break;
case "saferplus":
$td = mcrypt_module_open('saferplus', '', 'ecb', '');
break;
case "wake":
$td = mcrypt_module_open('wake', '', 'ecb', '');
break;
case "blowfish-compat":
$td = mcrypt_module_open('blowfish-compat', '', 'ecb', '');
break;
case "des":
$td = mcrypt_module_open('des', '', 'ecb', '');
break;
case "rijndael-256":
$td = mcrypt_module_open('rijndael-256', '', 'ecb', '');
break;
case "xtea":
$td = mcrypt_module_open('xtea', '', 'ecb', '');
break;
case "enigma":
$td = mcrypt_module_open('enigma', '', 'ecb', '');
break;
case "rc2":
$td = mcrypt_module_open('rc2', '', 'ecb', '');
break;
default:
$td = mcrypt_module_open('blowfish', '', 'ecb', '');
break;
}
$iv = mcrypt_create_iv(mcrypt_enc_get_iv_size($td), MCRYPT_RAND);
$key = substr($key, 0, mcrypt_enc_get_key_size($td));
mcrypt_generic_init($td, $key, $iv);
if($crypt)
{
$encrypted_data = mcrypt_generic($td, $text);
}
else
{
$encrypted_data = mdecrypt_generic($td, $text);
}
mcrypt_generic_deinit($td);
mcrypt_module_close($td);
return $encrypted_data;
}
?>
mdecrypt_generic
(PHP 4 >= 4.0.2, PHP 5)
mdecrypt_generic — Desencripta datos
Descripción
string mdecrypt_generic
( resource
$td
, string $data
)Esta función desencripta datos. Note que la longitud de la cadena retornada puede ser mayor a la cadena no cifrada, debido al relleno de la información.
Parámetros
-
td -
Un descriptor de cifrado devuelto por mcrypt_module_open()
-
data -
Los datos encriptados.
Ejemplos
Ejemplo #1 Ejemplo de mdecrypt_generic()
<?php
/* Data */
$key = 'esta es una clave muy larga, aún para el cifrador';
$plain_text = 'información muy importante';
/* Apertura de un modo, y creación de un IV */
$td = mcrypt_module_open('des', '', 'ecb', '');
$key = substr($key, 0, mcrypt_enc_get_key_size($td));
$iv_size = mcrypt_enc_get_iv_size($td);
$iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
/* Iniciando gestor de encriptación */
if (mcrypt_generic_init($td, $key, $iv) != -1) {
/* Encriptación de los datos */
$c_t = mcrypt_generic($td, $plain_text);
mcrypt_generic_deinit($td);
/* Reinicialización de los buffers para desencriptación */
mcrypt_generic_init($td, $key, $iv);
$p_t = mdecrypt_generic($td, $c_t);
/* Finalización */
mcrypt_generic_deinit($td);
mcrypt_module_close($td);
}
if (strncmp($p_t, $plain_text, strlen($plain_text)) == 0) {
echo "ok\n";
} else {
echo "error\n";
}
?>
El ejemplo anterior muestra cómo chequear si los datos antes del cifrado son los mismos después de la decriptación. Es muy importante reinicializar el buffer de cifrado con mcrypt_generic_init() antes de intentar descifrar los datos.
El identificador de descifrado debería siempre ser inicializado con mcrypt_generic_init() con una clave y un IV antes de invocar a esta función. Cuando el cifrado haya terminado, se debería liberar los buffers de cifrado al invocar a mcrypt_generic_deinit() Véase mcrypt_module_open() para un ejemplo.
Ver también
- mcrypt_generic() - Esta función encripta datos
- mcrypt_generic_init() - Esta función inicializa todos los buffers requeridos para el cifrado
- mcrypt_generic_deinit() - Esta función deinicializa un módulo de cifrado
add a note
User Contributed Notes
mdecrypt_generic - [9 notes]
nytro_rst at yahoo dot com ¶
4 years ago
Peter Bailey ¶
1 year ago
We found that sometimes the resulting padding is not null characters "\0" but rather one of several control characters.
If you know your data is not supposed to have any trailing control characters "as we did" you can strip them like so.
<?php
$data = mdecrypt_generic( $cipher, $data );
// Strip trailing control-character padding
$data = preg_replace( "/\p{Cc}*$/u", "", $data );
?>
trashmail dot hashishin at gmail dot com ¶
2 years ago
Whenever you need to decrypt files encrypted with dot.net (and others?) you can use the following settings:
Encryption: 'rijndael-256'
Mode: 'cbc'
Padding-Mode: Zeros
iv: "yes"
encode the data with base64 to send them to your php script
Anonymous ¶
4 years ago
Here's a quick snippet for removing PKCS7 padding:
<?php
function unpadPKCS7($data, $blockSize) {
$length = strlen ( $data );
if ($length > 0) {
$first = substr ( $data, - 1 );
if (ord ( $first ) <= $blockSize) {
for($i = $length - 2; $i > 0; $i --)
if (ord ( $data [$i] != $first ))
break;
return substr ( $data, 0, $i );
}
}
return $data;
}
?>
php at pcwize dot com ¶
6 years ago
Just confirming the .DLL issues. With 4.3.4 you need the older .DLL. I'm guessing any version of PHP4 needs the older .DLL. With PHP5 you need the newer one.
drew at expressdynamics dot com ¶
7 years ago
On Win32 systems with PHP 5, you must use the newer libmcrypt.dll file, otherwise mdecrypt_generic will not work.
robbie [at] averill [dot] co [dot] nz ¶
8 years ago
I have noticed that sometimes when the binary ciphertext is longer than the plaintext, the decrypted plaintext can have some little boxes/squares next to it as 'padding'. I also noticed that you can't cut and paste them to be able to edit them out, but i did find a solution.
Just call rtrim() around the string and it removes them.
jon@jonroig dot com ¶
9 years ago
Here's a bit of encrypt/decrypt code.
If you're using this on the win32 platform, BEWARE! The latest DLL (19-Jan-2004) contains a bug that keeps mdecrypt_generic from functioning. Nearly drove me over the edge... The 30-Dec-2002 version seems to work with no trouble.
<?
$key = "this is a secret key";
$input = "Let us meet at 9 o'clock at the secret place.";
$td = mcrypt_module_open('tripledes', '', 'ecb', '');
$iv = mcrypt_create_iv (mcrypt_enc_get_iv_size($td), MCRYPT_RAND);
mcrypt_generic_init($td, $key, $iv);
$encrypted_data = mcrypt_generic($td, $input);
mcrypt_generic_deinit($td);
mcrypt_module_close($td);
echo "Encrypt: ".$encrypted_data;
echo "<br><br>";
$td = mcrypt_module_open('tripledes', '', 'ecb', '');
$iv = mcrypt_create_iv (mcrypt_enc_get_iv_size($td), MCRYPT_RAND);
$key = substr($key, 0, mcrypt_enc_get_key_size($td));
mcrypt_generic_init($td, $key, $iv);
$decrypted_data = mdecrypt_generic($td, $encrypted_data);
echo "Decrypt: ".$decrypted_data;
mcrypt_generic_deinit($td);
mcrypt_module_close($td);
?>
Silvan ¶
5 years ago
It is generally not recommended to just use rtrim to remove the padding.
Use rtrim($str, "\0") for strings that do not end in "\0" or store the data length during encryption.
(Although data containing "\0" sometimes gets corrupted during encryption so these types of data actually should be packed.)
For example:
<?php
function encrypt($original_data)
{
$length = strlen($original_data);
$data_to_encrypt = $length.'|'.$original_data;
// Encrypt the data including its length.
// Do not save the length unencrypted, as this could be a (minor) security risk
}
function decrypt($cypher)
{
// Decrypt the cypher data first
// Next retrieve the original data
list($length, $padded_data) = explode('|', $decrypted_data, 2);
$original_data = substr($padded_data, 0, $length);
}
?>