(PHP 4 >= 4.0.2, PHP 5, PHP 7 < 7.2.0, PECL mcrypt >= 1.0.0)
mcrypt_decrypt — Decrypts crypttext with given parameters
This function has been DEPRECATED as of PHP 7.1.0 and REMOVED as of PHP 7.2.0. Relying on this function is highly discouraged.
$cipher,$key,$data,$mode,$iv = ?
Decrypts the data and returns the unencrypted data.
cipherOne of the MCRYPT_ciphername constants, or the name of the algorithm as string.
key
The key with which the data was encrypted. If the provided key size is
not supported by the cipher, the function will emit a warning and return false
data
The data that will be decrypted with the given cipher
and mode. If the size of the data is not n * blocksize,
the data will be padded with '0円'.
modeOne of the MCRYPT_MODE_modename constants, or one of the following strings: "ecb", "cbc", "cfb", "ofb", "nofb" or "stream".
ivUsed for the initialization in CBC, CFB, OFB modes, and in some algorithms in STREAM mode. If the provided IV size is not supported by the chaining mode or no IV was provided, but the chaining mode requires one, the function will emit a warning and return false .
Returns the decrypted data as a string or false on failure.
It appears that mcrypt_decrypt pads the *RETURN STRING* with nulls ('0円') to fill out to n * blocksize. For old C-programmers, like myself, it is easy to believe the string ends at the first null. In PHP it does not:
strlen("abc0円0円") returns 5 and *NOT* 3
strcmp("abc", "abc0円0円") returns -2 and *NOT* 0
I learned this lesson painfully when I passed a string returned from mycrypt_decrypt into a NuSoap message, which happily passed the nulls along to the receiver, who couldn't figure out what I was talking about.
My solution was:
<?php
$retval = mcrypt_decrypt( ...etc ...);
$retval = rtrim($retval, "0円"); // trim ONLY the nulls at the END
?>