You are here

function aes_decrypt in AES encryption 7

Same name and namespace in other branches
  1. 5 aes.module \aes_decrypt()
  2. 6 aes.module \aes_decrypt()

Decrypts a string of encrypted data.


string $string: The string to decrypt.

bool $base64encoded: Whether this encrypted string is base64 encoded or not.

string $custom_key: Use this as the key rather than the stored one for this operation.

string $custom_cipher: Use this cipher rather than the default one. (only with Mcrypt - ignored with phpseclib)

string $custom_iv: Use this initialization vector instead of the default one. Base64-encoded.

string $custom_implementation: Can be "phpseclib" or "mcrypt". Warning: Does not check if the requested implementation actually exists.

Return value

bool|string The decrypted string on success, FALSE on error.

1 call to aes_decrypt()
aes_get_password in ./aes.module
Gets a users password, in plain text, or in it's encrypted form.
2 string references to 'aes_decrypt'
aes_aes_config_change in ./
Implements hook_aes_config_change().
hook_aes_config_change in ./aes.api.php
hook_aes_config_change() This hook provide ability for developers to reencrypt data in modules when aes configuration changed.


./aes.module, line 601
Main file of the AES encryption module.


function aes_decrypt($string, $base64encoded = TRUE, $custom_key = NULL, $custom_cipher = NULL, $custom_iv = NULL, $custom_implementation = NULL) {
  if ($base64encoded) {
    $string = base64_decode($string);

  // Bail out if the passed string is empty.
  if (empty($string)) {
    watchdog("aes", "Tried to decrypt an empty string.", array(), WATCHDOG_WARNING);
    return FALSE;
  if ($custom_cipher != NULL) {
    $cipher = $custom_cipher;
  else {
    $cipher = variable_get("aes_cipher", "rijndael-128");
  if (!empty($custom_key)) {
    $key = $custom_key;
  else {
    $key = aes_get_key();
  if ($custom_implementation == "mcrypt" || $custom_implementation == "phpseclib") {
    $implementation = $custom_implementation;
  else {
    $implementation = variable_get("aes_implementation", "mcrypt");
  if ($implementation == "phpseclib") {

    // Using phpseclib implementation.
    // phpseclib doesn't support custom ciphers.
    if (is_null($custom_cipher) == FALSE) {
      watchdog("aes", "A custom cipher was defined when decrypting a string in the AES module using the phpseclib implementation. This implementation doesn't support custom ciphers therefore the argument was ignored and the decryption was done with the standard cipher.", array(), WATCHDOG_WARNING);
    $phpsec = new Crypt_AES();
    if (!is_null($custom_iv)) {
    $decrypted = $phpsec
  else {
    if ($implementation == "mcrypt") {

      // Using mcrypt implementation.
      $td = mcrypt_module_open_safe($cipher, "", MCRYPT_MODE_CBC, "");
      $ks = mcrypt_enc_get_key_size($td);
      if ($custom_iv == NULL) {
        $iv = base64_decode(variable_get("aes_encryption_iv", ""));
      else {
        $iv = base64_decode($custom_iv);
      if (empty($iv)) {
        watchdog("aes", "No initialization vector found while trying to decrypt. Aborting!", array(), WATCHDOG_ERROR);
      $key = substr(sha1($key), 0, $ks);
      mcrypt_generic_init($td, $key, $iv);
      $decrypted = mdecrypt_generic($td, $string);
    else {
      $error_msg = t("Request was sent to decrypt a string with the AES module, but the AES module has no active encryption implementation to work with! Did you forget to run update.php after upgrading this module?");
      if (user_access('administer aes')) {
        drupal_set_message($error_msg, "error");
      watchdog("aes", $error_msg, array(), WATCHDOG_ERROR);
      return FALSE;
  return trim($decrypted);