PHP Blowfish encrypt / decrypt with database

0
votes

I have an encrypt / decrypt code found on stackoverflow. It is this one:

public function decrypt_blowfish($data,$key){
    try{
        $iv     =   pack("H*" , substr($data,0,16));
        $x      =   pack("H*" , substr($data,16)); 
        $res    =   mcrypt_decrypt(MCRYPT_BLOWFISH, $key, $x , MCRYPT_MODE_CBC, $iv);
        return $res;
    }catch(Exception $ex){
        echo $ex->getMessage();
    }
}

function encrypt_blowfish($data,$key){
    try{
        $iv_size    =   mcrypt_get_iv_size(MCRYPT_BLOWFISH, MCRYPT_MODE_CBC);
        $iv         =   mcrypt_create_iv($iv_size, MCRYPT_RAND);
        $crypttext  =   mcrypt_encrypt(MCRYPT_BLOWFISH, $key, $data, MCRYPT_MODE_CBC, $iv);
        return bin2hex($iv . $crypttext);
    }catch(Exception $ex){
        echo $ex->getMessage();
    }
}

it works fine if i test it just with a php without values out of a database, but if i use it with values out of a database i get things like "Manuel��" instead of just "Manuel" - can you tell me what is my mistake?

1
phpencryptionblowfish
it could be an encoding issue - stackoverflow.com/questions/279170/utf-8-all-the-way-through is most likely where you'll find your solution, probably a dupe alsoFunk Forty Niner
Without trying to be rude, the mistake is that you're taking random code from this site. mcrypt is abandonware. There are many examples of proper encryption/decryption implementation in PHP on github. Consider wiping this code and replacing it with this one.Mjh
It is best not to use PHP mcrypt, it is abandonware, has not been updated in years and does not support standard PKCS#7 (née PKCS#5) padding, only non-standard null padding that can't even be used with binary data. mcrypt has many outstanding bugs dating back to 2003. The mcrypt-extension is deprecated will be removed in PHP 7.2. Instead consider using defuse or RNCryptor, they provide a complete solution and are being maintained and is correct.zaph
Note that even the author of Blowfish now uses AES.zaph
thanks all, i will try AES instead of blowfishManuel Weitzel

1 Answers

0
votes

try by encoding to 64 bits and encrypting the string and and after decryption decode it. it will work...

$newDataToEncrypt=base64_encode($data);

And after getting a decrypted text

 $data=base64_decode($decryptData);

try it