Blowfish encryption, farewell using PHP and C + + implementation, but the results are different.

Source: Internet
Author: User
Blowfish encryption, respectively, using PHP and C + + implementation, but the results are different ...
First MD5 experiment, the result is the same, but use Blowfish experiment, how to do also can not succeed
The call is as follows:
PHP Code
  
   
  
   %s

", Strtoupper (Bin2Hex ($dtext))); } Mcrypt_module_close ($cipher);

C + + is the case:
C + + code
  
       Md5_ctx MD5;    unsigned char str[16];    MD5. Md5string (STRSOURCE.C_STR (), str);    Blockcipher *BF;    Char key[] = "Strkey11";              Key    bf = new BlowFish ();    Bf->setkey (void *) key, 8*8);    Bf->encrypt ((void *) STR, 8);      unsigned char str[16];    Bf->encrypt (void *) (str+8), 8);    Char Temp1[4] = {0};    Char buff1[128] = {0};    for (int i = 0;i<16;i++)    {        sprintf (Temp1, "%02x", Str[i]);        strcat (BUFF1,TEMP1);    }    Ansistring strresult = String (buff1). Uppercase ();    Delete BF;


------Solution--------------------
$iv = ' 00000000 ';???
Press Bf->setkey (void *) key, 8*8); Understand
Should be
$iv = "\x00\x00\x00\x00\x00\x00\x00\x00";
, huh?

------Solution--------------------
IV is ignored in ECB. IV must exist in CFB, CBC, STREAM, NOFB and OFB modes.
The MCRYPT_MODE_ECB pattern, $iv is ignored, should not be the problem.

It's like padding before encryption, you try.
$size = Mcrypt_get_block_size (Mcrypt_blowfish, MCRYPT_MODE_ECB);
$input = Pkcs5_pad ($input, $size);

function Pkcs5_pad ($text, $blocksize)
{
$pad = $blocksize-(strlen ($text)% $blocksize);
Return $text. Str_repeat (Chr ($pad), $pad);
}

function Pkcs5_unpad ($text)
{
$pad = Ord ($text {strlen ($text)-1});
if ($pad > strlen ($text)) return false;
if (strspn ($text, Chr ($pad), strlen ($text)-$pad)! = $pad) return false;
Return substr ($text, 0,-1 * $pad);
}
------Solution--------------------
C + + The result is not a problem, here is an online blowfish encryption, you can verify
http://webnet77.com/cgi-bin/helpers/blowfish.pl
------Solution--------------------

First of all you have to find out whether PHP is wrong or C + + wrong, I used bin2hex really wrong, but MD5 after the binary data can not be verified,
Can you not use MD5 direct character abcdefgh, what is after encryption?

Page results are
PlainText ABCDEFGH
Ciphertext 5B4148819C51DCB5
------Solution--------------------
I used PHP's online decoding.
http://www.tools4noobs.com/online_tools/decrypt/

5B4148819C51DCB5 can decipher it, but 12db6214f5eab031 can't.

Is there anything different about C + + programs? As long as encryption and decryption can not be mistaken, but to each other to decrypt the encryption must follow the same algorithm.

The same symmetric algorithm, the same key, it is unlikely that ciphertext is not the same, except for some random disturbances. But from the Blowfish algorithm,
There is no random disturbance, is it possible that the Pbox,sbox definition is not the same?
------Solution--------------------
There are two questions about C + + code that you can confirm.
1) Bf->setkey ((void *) key, 8*8); The second parameter should be the length of the key, why 8*8?
2) PHP has the ECB mode set, but not in C + +, is the ECB the default?
------Solution--------------------
I found the reason, your algorithm and PHP Blowfish algorithm is not the same, C + + algorithm is Blowfish-compat

So change to $cipher = Mcrypt_module_open (' Blowfish-compat ', ' ', MCRYPT_MODE_ECB, ');
That should be all right.
  • Contact Us

    The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

    If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

    A Free Trial That Lets You Build Big!

    Start building with 50+ products and up to 12 months usage for Elastic Compute Service

    • Sales Support

      1 on 1 presale consultation

    • After-Sales Support

      24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.