PHP Blowfish encryption

I've been asked to point a login form to an external site, where login and pass should be present in the URL and the pass should be Blowfish enc开发者_如何学编程rypted. I was provided a "key" which is in the format: "nnn-nnnssssssssssssssssssssssssnnnnnn" where n is a number and s is a letter (24 of them).

From the PHP docs it seems that to trigger Blowfish encryption with crypt() one needs to provide a salt in a specific format, starting with "$2a$", but this is not the format of the key I was provided. Does this mean I need to provide a salt of my own? If yes, what is the point of the key I was provided?

crypt is a hashing function, it's not for encryption. To actually encrypt something you need mcrypt or a pure php implementation (i remember to see something in pear).

Try this as the salt: $2a$nn$nnnnsssssssssssnnn$ (didn't work)

It isn't a hash then and you'll have to use mcrypt or the PEAR library:

http://pear.php.net/package/Crypt_Blowfish

Example:

http://www.chilkatsoft.com/p/php_blowfish.asp

I don't see an IV so the mode will have to be ECB (weak) and the whole thing will be the key.