16 Replies Latest reply on Nov 26, 2009 7:42 PM by -==cfSearching==-

    Blowfish Encrypt() output differs from Blowfish encryption in PHP and other languages


      I need to post the result of a blowfish hex encryption to an external API. 


      The result of encrypt(myText, key, "BLOWFISH", "HEX") gives me a value that I can decrypt just fine in coldfusion, but apparently not the same value as you would get if you ran the same encryption (blowfish, hex) using PHP or Java. 


      Essentially I'm trying to make the result of
      encrypt(myText, key, "BLOWFISH", "HEX")
      match what you get using this tool:
      this tool seems to output the result that would be generated by php and what the API expects.


      I'm not sure why the result differs or what options I would need to change to make Coldfusion generate the correct value.

      I've tried padding the myText variable with null characters to fill it so the length is a multiple of 8 (have to use URLDecode("%00") instead of char(0) as the null character, since char(0) doesn't actually increase the length of the string).  But that doesn't seem to have much of any effect.

      If someone can make the result of coldfusion's blowfish encryption match what you get using that tool above I would really appreciate it.