By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
458,067 Members | 954 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 458,067 IT Pros & Developers. It's quick & easy.

phpmyadmin's blowfish / mcrypt

P: n/a
I'm writing an app that will use blowfish encryption..
PHP's mcrypt will be used if available.
if not, I'll use PHPmyadmin's blowfish.php library.
The problem is I can't figure out what initialization vector
blowfish.php is useing (or if that's even my problem).

ie, if I encrypt with blowfish.php and decrypt with mcrypt:

/* include path to phpmyadmin '/libraries/blowfish.php'; */
$secret = 'secret';
$string = 'test string';
$iv = blah;
$encrypted = PMA_blowfish_encrypt($string,$secret);
$decrypted =
trim(mcrypt_decrypt(MCRYPT_BLOWFISH,$secret,base64 _decode($encrypted),MCRYPT_MODE_CBC,$iv));
echo $decrypted;

will output something like
test strE<q

Anyhow, how do I make these two interchangeable?

Jul 17 '05 #1
Share this Question
Share on Google+
1 Reply


P: n/a
BKDotCom wrote:
I'm writing an app that will use blowfish encryption..
PHP's mcrypt will be used if available.
if not, I'll use PHPmyadmin's blowfish.php library.
The problem is I can't figure out what initialization vector
blowfish.php is useing (or if that's even my problem).

ie, if I encrypt with blowfish.php and decrypt with mcrypt:

/* include path to phpmyadmin '/libraries/blowfish.php'; */
$secret = 'secret';
$string = 'test string';
$iv = blah;
$encrypted = PMA_blowfish_encrypt($string,$secret);
$decrypted =
trim(mcrypt_decrypt(MCRYPT_BLOWFISH,$secret,base64 _decode($encrypted),MCRYPT_MODE_CBC,$iv)); echo $decrypted;

will output something like
test strE<q

Anyhow, how do I make these two interchangeable?


Last time I played around with PHP mcrypt to any extenet I found that the
mcrypt functions were returning C type strings (terminated by '\0') for the
decryption.

Only getting partial output suggests that it may be a string termination
issue somewhere, but you're getting the key right.

I must admit to being rather in the dark regards IVs, but if you're not
supplying one to PMA_Blowfish_encrypt() why do you need one for
mcrypt_decrypt()? (it's optional anyway for CBC). Bearing in mind the issue
regarding C strings and the recommended use of mcrypt_enc_get_iv_size(),
I'd suggest that it is not only advisable to avoid using it for now, it may
even be the source of the error.

HTH

C.

Jul 17 '05 #2

This discussion thread is closed

Replies have been disabled for this discussion.