Home/ Questions/Q 8641171
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-12T11:27:27+00:00

Here is my problem, I have user accounts created from java(jsp) interface which uses

  • 0

Here is my problem, I have user accounts created from java(jsp) interface which uses Blowfish/ECB/PKCS5Padding to encrypt the password to store in the database. Now, i am trying to authenticate from a different application which is developed in PHP with the user accounts that were created from java(jsp) front end, but when i try and compare the values that were returned from java end and php after encryption they come out to be different.

JAVA CODE: 

     import java.io.*;
     import java.util.*;
     import javax.crypto.*;
     import javax.crypto.spec.*;

     import java.security.Provider;
     import java.security.Security;
     public class Test
     {
       public static byte[] raw =null;
       public static SecretKeySpec skeySpec;
       public static Cipher cipher;
       public static void main(String ags[]) throws Exception
       {
           byte[] key={1,2,3,4,5,6,7};
           skeySpec = new SecretKeySpec(key, "Blowfish");
           System.out.println("KEY : "+bytesToString(skeySpec.getEncoded()));
                   String cipherInstName = "Blowfish/ECB/PKCS5Padding";
           cipher = Cipher.getInstance(cipherInstName);
           cipher.init(Cipher.ENCRYPT_MODE,skeySpec);
           byte[] encrypted = cipher.doFinal(("asdfgh").getBytes());        
           System.out.println("PLAIN TEXT : "+("asdfgh").getBytes());
           System.out.println("ENCRYPTED TEXT : "+bytesToString(encrypted));             
       }

           private static String bytesToString(byte [] value)
           {
                   StringBuffer retVal = new StringBuffer();
                   for(int i=0; i<value.length; i++)
                   {
                       retVal.append(value[i]+":");
                   }
                   int inx = retVal.toString().lastIndexOf(":");
                   retVal= new StringBuffer(retVal.toString().substring(0,inx));
                   return retVal.toString();
           }
     }

JAVA OUTPUT:

    KEY : 1:2:3:4:5:6:7
    PLAIN TEXT : [B@1ea5671
    ENCRYPTED TEXT : 81:102:-114:102:82:80:83:-123

PHP CODE : 

    function pkcs5_pad($text,$blocksize)
{
    $pad = $blocksize - (strlen($text) % $blocksize);
    return $text.str_repeat(chr($pad),$pad);
}
function pkcs5_unpad($text)
{
    $pad = ord($text{strlen($text)-1});
    if ($pad > strlen($text)) return false;
    if (strspn($text, chr($pad), strlen($text) - $pad) != $pad) return false;
    return substr($text, 0, -1 * $pad);
}
$blockSize = mcrypt_get_block_size(MCRYPT_BLOWFISH,MCRYPT_MODE_ECB);
$padded = pkcs5_pad("asdfgh",$blockSize);
$key="1:2:3:4:5:6:7";
echo "<br/>";
//$cipher = mcrypt_ecb(MCRYPT_BLOWFISH,$key, $padded, MCRYPT_ENCRYPT);
$cipher = mcrypt_encrypt("blowfish",$key,$padded,"ecb");
echo "ENCRYPTED TEXT : ".base64_encode($cipher);

PHP OUTPUT : 

    ENCRYPTED TEXT : draOlOiLFMs/Y+x+7mOhZw==

Please help me in getting this resolved.

Thanks:)

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    First of all, you might want to encode your bytes in hexadecimal on both systems, it makes comparisons much easier.

    Second, you are not controlling how you convert between strings of characters to byte array encoding (and the other way around). This is called character-encoding. In Java you should never use the String.getBytes() method without specifying a character encoding.

    That [B@1ea5671 result is just the identification of the object instance of the byte array. You cannot directly print out byte arrays in Java.

    • 0