Open tsmgeek opened 4 years ago
Propose to replace Crypt_Blowfish library with maintained phpseclib. Below is example code that will match enc/dec of existing methods. This also opens up giving a full security library for use though the composer.
use phpseclib\Crypt\Blowfish; $cipher = new Blowfish(Blowfish::MODE_ECB); $cipher->setKey('00000000-0000-0000-0000-000000000000'); $cipher->disablePadding(); $data1 = 'testme'; $data2 = "1YIZev2edV8="; $data1_pad = str_pad($data1, strlen($data1) + ($cipher->block_size - strlen($data1) % $cipher->block_size) % $cipher->block_size, chr(0)); $data1_res = base64_encode($cipher->encrypt($data1_pad)); $data2_res = trim($cipher->decrypt(base64_decode($data2))); if($data2 === $data1_res) print "matched on encrypt\n"; if($data1 === $data2_res) print "matched on decrypt\n";
Here is patch to migrate over from Crypt_Blowfish to phpseclib
Propose to replace Crypt_Blowfish library with maintained phpseclib. Below is example code that will match enc/dec of existing methods. This also opens up giving a full security library for use though the composer.