From: gslin at pixnet dot tw Operating system: FreeBSD 7.2-RELEASE i386 PHP version: 5.2.11 PHP Bug Type: mcrypt related Bug description: Incorrect test vector CFB/OFB results for Blowfish encryption
Description: ------------ Incorrect results for CFB/OFB Blowfish test vectors (http://www.schneier.com/code/vectors.txt). Reproduce code: --------------- <?php $iv = pack('H*', 'FEDCBA9876543210'); printf("iv: %s\n", bin2hex($iv)); $k = pack('H*', '0123456789ABCDEFF0E1D2C3B4A59687'); printf("key: %s\n", bin2hex($k)); $data = pack('H*', '37363534333231204E6F77206973207468652074696D6520666F722000'); printf("data: %s\n", bin2hex($data)); $cbc = mcrypt_cbc('blowfish', $k, $data, MCRYPT_ENCRYPT, $iv); printf("cbc: %s\n", bin2hex($cbc)); $cfb = mcrypt_cfb('blowfish', $k, $data, MCRYPT_ENCRYPT, $iv); printf("cfb: %s\n", bin2hex($cfb)); $ofb = mcrypt_cfb('blowfish', $k, $data, MCRYPT_ENCRYPT, $iv); printf("ofb: %s\n", bin2hex($ofb)); Expected result: ---------------- iv: fedcba9876543210 key: 0123456789abcdeff0e1d2c3b4a59687 data: 37363534333231204e6f77206973207468652074696d6520666f722000 cbc: 6b77b4d63006dee605b156e27403979358deb9e7154616d959f1652bd5ff92cc cfb: e73214a2822139caf26ecf6d2eb9e76e3da3de04d1517200519d57a6c3 ofb: e73214a2822139ca62b343cc5b65587310dd908d0c241b2263c2cf80da Actual result: -------------- iv: fedcba9876543210 key: 0123456789abcdeff0e1d2c3b4a59687 data: 37363534333231204e6f77206973207468652074696d6520666f722000 cbc: 6b77b4d63006dee605b156e27403979358deb9e7154616d959f1652bd5ff92cc cfb: e7bb1fc3073eb8314b378689fab0b1160244415d4d017fce0d9b4cb2fa ofb: e7bb1fc3073eb8314b378689fab0b1160244415d4d017fce0d9b4cb2fa -- Edit bug report at http://bugs.php.net/?id=50082&edit=1 -- Try a snapshot (PHP 5.2): http://bugs.php.net/fix.php?id=50082&r=trysnapshot52 Try a snapshot (PHP 5.3): http://bugs.php.net/fix.php?id=50082&r=trysnapshot53 Try a snapshot (PHP 6.0): http://bugs.php.net/fix.php?id=50082&r=trysnapshot60 Fixed in SVN: http://bugs.php.net/fix.php?id=50082&r=fixed Fixed in SVN and need be documented: http://bugs.php.net/fix.php?id=50082&r=needdocs Fixed in release: http://bugs.php.net/fix.php?id=50082&r=alreadyfixed Need backtrace: http://bugs.php.net/fix.php?id=50082&r=needtrace Need Reproduce Script: http://bugs.php.net/fix.php?id=50082&r=needscript Try newer version: http://bugs.php.net/fix.php?id=50082&r=oldversion Not developer issue: http://bugs.php.net/fix.php?id=50082&r=support Expected behavior: http://bugs.php.net/fix.php?id=50082&r=notwrong Not enough info: http://bugs.php.net/fix.php?id=50082&r=notenoughinfo Submitted twice: http://bugs.php.net/fix.php?id=50082&r=submittedtwice register_globals: http://bugs.php.net/fix.php?id=50082&r=globals PHP 4 support discontinued: http://bugs.php.net/fix.php?id=50082&r=php4 Daylight Savings: http://bugs.php.net/fix.php?id=50082&r=dst IIS Stability: http://bugs.php.net/fix.php?id=50082&r=isapi Install GNU Sed: http://bugs.php.net/fix.php?id=50082&r=gnused Floating point limitations: http://bugs.php.net/fix.php?id=50082&r=float No Zend Extensions: http://bugs.php.net/fix.php?id=50082&r=nozend MySQL Configuration Error: http://bugs.php.net/fix.php?id=50082&r=mysqlcfg
