I'm using a function to encode and decode some text , But seems it doesn't support my country language (Persian) and change them to some unreadable text, How can i fix it .
<?php
class encrypt {
/********* Encode *********/
public static function encode($pure_string, $encryption_key) {
$iv_size = mcrypt_get_iv_size(MCRYPT_BLOWFISH, MCRYPT_MODE_ECB);
$iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
$encrypted_string = mcrypt_encrypt(MCRYPT_BLOWFISH, md5(base64_encode(trim($encryption_key))), utf8_encode(trim($pure_string)), MCRYPT_MODE_ECB, $iv);
return base64_encode($encrypted_string);
}
/********** Decode ************ */
public static function decode($encrypted_string, $encryption_key) {
$iv_size = mcrypt_get_iv_size(MCRYPT_BLOWFISH, MCRYPT_MODE_ECB);
$iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
$decrypted_string = mcrypt_decrypt(MCRYPT_BLOWFISH, md5(base64_encode(trim($encryption_key))),base64_decode(trim($encrypted_string)), MCRYPT_MODE_ECB, $iv);
return $decrypted_string;
}
}
?>
The same IV needs to be used for encryption and decryption, a general method is to prefix the encrypted data with the IV for use during decryption.
There is no need to Base64 encode or trim the encryption key.
Do not trim the encrypted data, encrypted data can contain null (0x00) bytes.
Encryption operates on bytes, not characters, as such any text language makes no difference.
Adding calls inline to other calls just makes debugging more difficult, separate the steps into separate statements with intermediate variables.
Do not use Blowfish, use AES, even the creator of Blowfish uses AES.
Do not use ECB mode, it is insecure, see ECB mode, scroll down to the Penguin.
ECB mode does not use an IV.
What you are doing is encryption, not encoding.
Consider using defuse or RNCryptor, they provide a complete solution and are being maintained.