Reputation: 27749
PHP Blowfish encryption
I've been asked to point a login form to an external site, where login and pass should be present in the URL and the pass should be Blowfish encrypted. I was provided a "key" which is in the format: "nnn-nnnssssssssssssssssssssssssnnnnnn" where n is a number and s is a letter (24 of them).
From the PHP docs it seems that to trigger Blowfish encryption with crypt() one needs to provide a salt in a specific format, starting with "$2a$", but this is not the format of the key I was provided. Does this mean I need to provide a salt of my own? If yes, what is the point of the key I was provided?
Upvotes: 2
Views: 2614
Answers (2)
Reputation: 2432
Try this as the salt: $2a$nn$nnnnsssssssssssnnn$ (didn't work)
It isn't a hash then and you'll have to use mcrypt or the PEAR library:
http://pear.php.net/package/Crypt_Blowfish
Example:
http://www.chilkatsoft.com/p/php_blowfish.asp
I don't see an IV so the mode will have to be ECB (weak) and the whole thing will be the key.
Upvotes: 1
Reputation: 53940
crypt is a hashing function, it's not for encryption. To actually encrypt something you need mcrypt or a pure php implementation (i remember to see something in pear).
Upvotes: 1
Related Questions
- PHP encrypt string using blowfish
- Converting an blowfish encryption algo from php to python
- Decrypt blowfish in php
- How to decrypt using Blowfish algorithm in php?
- Blowfish encryption in php
- How exactly to implement Blowfish in php
- Blowfish and Crypt Successful Example?
- Using Blowfish for Encryption with PHP
- Blowfish Crypt confusion
- (PHP) How to use crypt() with CRYPT_BLOWFISH?