I have a script running on my production server that uses PEAR Crypt_Blowfish (1.0.1) to encrypt/decrypt passwords. I'm in the process of moving to new server hardware and am having problems with the new system being able to decrypt the passwords that were encrypted by the old.
On both systems I use the same key and the same function's code to encrypt/decrypt.
Since I'm using the same key on both systems shouldn't I be seeing the same values being returned regardless of the system, or does Blowfish use elements in the encryption that are unique to each installation?
I appreciate any help you can provide, thanks!
//(BCK is the constant containing the crypt key I use.)
$result = '';
$crypt = new Crypt_Blowfish(BCK);
if ('DECRYPT' == $action)
$result = trim($crypt->decrypt(pack('H*', $pw)));
else if ('ENCRYPT' == $action)
$result = bin2hex($crypt->encrypt($pw));