Posted by sm519 (sm519), 1 December 2004Hi There,
I'm currently working in porting over our password encryption/authorisation system from Java to PHP.
I'm using the same cipher and mode in PHP as was used in Java however the resulting encrypted strings differ slightly.
I have base64 encoded the encrypted string in both languages and they produce a final string of the same length.
The difference I've noticed with Java encryption is that a salt is used to prepare a key for generation and then the generated key is passed to the cipher. In PHP a salt is not used within the mcrypt functions - simply a user defined key and IV is passed to the module_open function.
Has anyone had any experience of porting TripleDES encryption functionality from Java to PHP? Any suggestions advice would be appreciated as I have been unable to find much information from the usual sources - ie google
Posted by admin (Graham Ellis), 2 December 2004Not an area I've got much personal experience in, and overnight seems to have been fully taking up with sleeping and firefighting ... I did grab the "secure PHP development" book off the shelf but it's less helpful than I would have expected. Also looked at the "crypt" manual page for clues ... and several other book.
"Fools rush in ...." etc. Pure guess. Is there some extra parameter / constant associated with the 3DES encoding that you don't actually get an opportunity to specify - and is it written differently in Java to PHP?
Wait .. (just writing as I research) .... there's about 8 pages on encryption in the PHP cookbook
pages 371 onwards ...
Do you have a copy / local bookstore you can have a quick look in ??
PH: 01144 1225 708225 • FAX: 01144 1225 899360 • EMAIL: firstname.lastname@example.org • WEB: http://www.wellho.net • SKYPE: wellho