One of the comments in blowfish.c may be wrong #32
Description
https://github.com/B-Con/crypto-algorithms/blob/master/blowfish.c#L248
On this line it says that the key size supported is 56 bytes (448 bits) or less. However, I believe that this actually supports a key size of up to 72 bytes/576 bits.
At idx=17, idx2=68 in the loop. This means that on the 18th iteration, its reading from bytes 68-71%len.
If len is 72, it seems like that, and not 56, is the upper bound of the key size, anything above that being truncated.