php_blowfish.php - PHP Blowfish Demo

Blowfish Cipher Tutorials - Herong's Tutorial Examples

∟php_blowfish.php - PHP Blowfish Demo

This section provides a tutorial example on how to use mcrypt_module_*() functions to perform Blowfish cipher encryption in PHP. The demo PHP script is provided by Chilkat Software.

Here is nice demo PHP script provided at https://www.chilkatsoft.com/p/php_blowfish.asp:

<?php
#- Blowfish-PHP-Chilkat.php
#- https://www.chilkatsoft.com/p/php_blowfish.asp

   $cipher = mcrypt_module_open(MCRYPT_BLOWFISH, '', 
      MCRYPT_MODE_CBC, '');
      
   // The block-size of the Blowfish algorithm is 64-bits, therefore 
   // our IV is always 8 bytes:
   $iv = '12345678';
   
   $key256 = '1234567890123456ABCDEFGHIJKLMNOP';
   $key128 = '1234567890123456';
   
   printf("iv: %s\n",bin2hex($iv));
   printf("key256: %s\n",bin2hex($key256));
   printf("key128: %s\n",bin2hex($key128));
   
   $cleartext = 'The quick brown fox jumped over the lazy dog';
   printf("clearText: %s\n\n",$cleartext);
      
   // Do 256-bit blowfish encryption:
   // The strength of the encryption is determined by the length of the
   // key passed to mcrypt_generic_init
   if (mcrypt_generic_init($cipher, $key256, $iv) != -1)
   {
      // PHP pads with NULL bytes if $cleartext is not a multiple of 
      // the block size.
      $cipherText = mcrypt_generic($cipher,$cleartext );
      mcrypt_generic_deinit($cipher);
      
      // Display the result in hex.
      printf("256-bit blowfish encrypted:\n%s\n\n",
         bin2hex($cipherText));
   }
   
   // 128-bit blowfish encryption:
   if (mcrypt_generic_init($cipher, $key128, $iv) != -1)
   {
      // PHP pads with NULL bytes if $cleartext is not a multiple of 
      // the block size.
      $cipherText = mcrypt_generic($cipher,$cleartext );
      mcrypt_generic_deinit($cipher);
      
      // Display the result in hex.
      printf("128-bit blowfish encrypted:\n%s\n\n",
         bin2hex($cipherText));
   }
   
   // -------
   // Results
   // -------
   // You may use these as test vectors for testing your Blowfish 
   // implementations...
   // 
   // iv: 3132333435363738
   // key256: 31323334353637383930313233343536
   //         4142434445464748494a4b4c4d4e4f50
   // key128: 31323334353637383930313233343536
   // clearText: The quick brown fox jumped over the lazy dog
   // 
   // 256-bit blowfish encrypted:
   // 276855ca6c0d60f7d9708210440c1072e05d078e733b34b4
   // 198d609dc2fcc2f0c30926cdef3b6d52baf6e345aa03f83e
   // 
   // 128-bit blowfish encrypted:
   // d2b5abb73208aea3790621d028afcc74d8dd65fb9ea8e666
   // 444a72523f5ecca60df79a424e2c714fa6efbafcc40bdca0
?>

I got the following output with sample script on my Windows system:

C:\herong>php Blowfish-PHP-Chilkat.php

iv: 3132333435363738
key256: 31323334353637383930313233343536
        4142434445464748494a4b4c4d4e4f50
key128: 31323334353637383930313233343536
clearText: The quick brown fox jumped over the lazy dog

256-bit blowfish encrypted:
276855ca6c0d60f7d9708210440c1072e05d078e733b34b4
198d609dc2fcc2f0c30926cdef3b6d52baf6e345aa03f83e

128-bit blowfish encrypted:
d2b5abb73208aea3790621d028afcc74d8dd65fb9ea8e666
444a72523f5ecca60df79a424e2c714fa6efbafcc40bdca0

What I learned from this test:

The MCRYPT module is built-in PHP for Windows. No need to do any download, installation and configuration.
Blowfish in CBC (Cipher Block Chaining) mode is supported by the MCRYPT module.
The output matches perfectly with what expected by the author of the script.