Blowfish encryption is implemented using PHP and C ++, but the results are different... first, the MD5 experiment has the same results, but the Blowfish experiment cannot be successful. the following code is called: PHPcode & lt ;? Php $ ciphermcrypt_module_open (MCRYPT_BLOWFISH, MCRYPT_MODE_ECB,); Blowfish encryption, which is implemented using PHP and C ++ respectively, but with different results...
First, the MD5 experiment has the same results, but the Blowfish experiment fails.
The call is as follows:
PHP code
% S
", Strtoupper (bin2hex ($ dtext);} mcrypt_module_close ($ cipher );
C ++ is like this:
C/C ++ code
MD5_CTX md5; unsigned char str[16]; md5.MD5String(strSource.c_str() ,str); BlockCipher *bf; char key[] = "strkey11"; //Key bf = new BlowFish(); bf->setKey((void *)key, 8*8); bf->encrypt((void *)str, 8); //unsigned char str[16]; bf->encrypt((void *)(str+8), 8); char temp1[4] = {0}; char buff1[128] = {0}; for(int i = 0;i<16;i++) { sprintf(temp1,"%02x",str[i]); strcat(buff1,temp1); } AnsiString strResult = String(buff1).UpperCase(); delete bf;
------ Solution --------------------
$ Iv = '000000 ';???
Press bf-> setKey (void *) key, 8*8 );
It should be
$ Iv = "\ x00 \ x00 \ x00 \ x00 \ x00 \ x00 \ x00 \ x00 ";
Right?
------ Solution --------------------
IV is ignored in ECB. iv must exist in CFB, CBC, STREAM, nOFB and OFB modes.
In MCRYPT_MODE_ECB mode, $ iv is ignored and should not be the problem.
It seems that padding is required before encryption. try again.
$ Size = mcrypt_get_block_size (MCRYPT_BLOWFISH, MCRYPT_MODE_ECB );
$ Input = pkcs5_pad ($ input, $ size );
Function pkcs5_pad ($ text, $ blocksize)
{
$ Pad = $ blocksize-(strlen ($ text) % $ blocksize );
Return $ text. str_repeat (chr ($ pad), $ pad );
}
Function pkcs5_unpad ($ text)
{
$ Pad = ord ($ text {strlen ($ text)-1 });
If ($ pad> strlen ($ text) return false;
If (strspn ($ text, chr ($ pad), strlen ($ text)-$ pad )! = $ Pad) return false;
Return substr ($ text, 0,-1 * $ pad );
}
------ Solution --------------------
Is there a problem with the result of c ++? here there is an online blowfish encrypted, you can verify it
Http://webnet77.com/cgi-bin/helpers/blowfish.pl
------ Solution --------------------
First, you need to find out whether PHP is wrong or C ++ is wrong. I used bin2hex before, but md5 is followed by binary data and cannot be verified,
Can you not use the md5 direct character abcdefgh? what is it after encryption?
The webpage result is
Plaintext abcdefgh
Ciphertext 5B4148819C51DCB5
------ Solution --------------------
I used PHP online decoding.
Http://www.tools4noobs.com/online_tools/decrypt/
5B4148819C51DCB5 can be decrypted, but 12DB6214F5EAB031 cannot be decrypted
Is there anything different between C ++ programs? As long as the data can be encrypted and decrypted, the same algorithm must be followed for mutual decryption.
The same symmetric algorithm, the same key, is unlikely to have different ciphertext values, except for some random interference. But from the blowfish algorithm,
There is no random interference. Is it possible that pbox and sbox are different definitions?
------ Solution --------------------
You have two questions about the C ++ code.
1) bf-> setKey (void *) key, 8*8); the second parameter should be the key length. why is it 8*8?
2) PHP has the ECB mode, but c ++ does not. Is it the ECB by default?
------ Solution --------------------
I found the reason. your algorithm is different from the blowfish algorithm in PHP. The c ++ algorithm is blowfish-compat.
So change to $ cipher = mcrypt_module_open ('blowfish-compat', '', MCRYPT_MODE_ECB ,'');
This should be done.