Search code examples
phpruby-on-railsencryptionblowfish

Encrypting a string with Blowfish in ruby returns a shorter string than the same process in php

This is confusing me.

When I try and use the following inputs to encrypt a string with Blowfish: key = "some key" input = "input string"

I get the following results:

ruby: ["79af8c8ee9220bde"]
php: 79af8c8ee9220bdec2d1c9cfca7b13c6

I am going to be receiving strings from a php application so I need to get these two to sync up but I don't understand why the php string would be longer. What am I missing?

php code:

php > require_once 'Crypt/Blowfish.php';
php > $input = "input string";
php > $key = "some key";
php > $crypt = new Crypt_Blowfish($key);
php > echo bin2hex($crypt->encrypt($input));
79af8c8ee9220bdec2d1c9cfca7b13c6

ruby code:

irb(main):001:0> require 'rubygems'
=> true
irb(main):002:0> require 'crypt/blowfish'
=> true
irb(main):003:0> input = "input string"
=> "input string"
irb(main):004:0> key = "some key"
=> "some key"
irb(main):005:0> blowfish = Crypt::Blowfish.new(key)
=> #<Crypt::Blowfish:0xb74b10c4 @sBoxes=[[3156471959, 1769696695, 1443271708, 181204541, 
...... 1894848609], @key="some key">
irb(main):006:0> blowfish.encrypt_block(input)
=> "y\257\214\216\351\"\v\336"
irb(main):007:0> blowfish.encrypt_block(input).unpack("H*")
=> ["79af8c8ee9220bde"]
Solution

  • Assuming that Crypt_Blowfish either uses mcrypt or acts just like it, you're encountering a padding issue. In particular, the string is being right-padded with null bytes until it's as long as a multiple of the block size. From the PHP interactive shell:

    php > $bf = mcrypt_module_open('blowfish', '', 'ecb', '');
php > $iv = mcrypt_create_iv(mcrypt_enc_get_iv_size($bf), MCRYPT_DEV_RANDOM);
php > $key = 'some key';
php > mcrypt_generic_init($bf, $key, $iv);
php > echo mcrypt_enc_get_block_size($td);
8
php > echo bin2hex(mcrypt_generic($bf, 'input string'));
79af8c8ee9220bdec2d1c9cfca7b13c6
php > echo bin2hex(mcrypt_generic($td, "input string\0\0\0\0"));
79af8c8ee9220bdec2d1c9cfca7b13c6

    There doesn't seem to be an obvious way to change the padding mode in mcrypt, and I don't know who wrote the library you're using. Check for a padding mode in the module's documentation.

    With any luck, you can just set Ruby's padding mode instead, or simply null-pad the string on Ruby's side.