Skip to main content
B
Balance
Inspiring
September 29, 2009
Question

Decrypt not working

  • September 29, 2009
  • 1 reply
  • 3698 views

I'm saving data to a specific field in the database using the following code:

[GoodLuck] = <cfqueryparam cfsqltype="cf_sql_varchar" value="#trim(encrypt(trim(Form.Secret),variables.encKey,variables.algorithm,variables.encoding))#">

This works fine, but when I try to decrypt it using this code:

<cfset attributes.secret=decrypt(trim(GoodLuck),variables.encKey,variables.algorithm,variables.encoding)>

It fails with this message:

An error occurred while trying to encrypt or decrypt your input string: com.rsa.jsafe.crypto.dr: Could not perform unpadding: invalid pad byte..

Why is the decryption failing if I'm using the same key, algorithm, and encoding type that I use to encrypt it successfully?

TIA

    This topic has been closed for replies.

    1 reply

    BKBK
    Community Expert
    BKBKCommunity Expert
    Community Expert
    September 29, 2009

    You should compare like with like. I would do it like this

    <cfset variables.secret = trim(Form.Secret)>
    <cfset variables.lucky = encrypt(variables.secret,variables.encKey,variables.algorithm, variables.encoding)

    <!--- in the query --->
    [GoodLuck] = <cfqueryparam cfsqltype="cf_sql_varchar" value="#variables.lucky#">


    <!--- [GoodLuck] plays no part outside  the query. Use the Coldfusion variable, variables.lucky, instead! --->
    <cfset attributes.secret=decrypt(variables.lucky,variables.encKey,variables.algorithm,variables.encoding)>

    B
    BalanceAuthor
    Inspiring
    September 30, 2009

    I've updated the code but I'm still having the same error:

    com.rsa.jsafe.crypto.dr: Could not perform unpadding: invalid pad byte.

    Just to make sure you understand, I'm writing the encrypted variable to the database.

    The data stored is identical to the output generated by encrypt(), so there's no possibility of a mismatch.

    Then, there's a separate page that displays the data in its unencrypted format, which is using decrypt().

    It is on this page that I'm getting the error since it doesn't seem to be able to decrypt the field storing the encrypted data.

    Could it be that the issue is with generateSecretKey()?

    In other words, when I write the variable to the database it uses one key, and when I run decrypt() it uses a different key.

    Thanks

    -
    -__cfSearching__-
    Inspiring
    September 30, 2009

    Could it be that the issue is with generateSecretKey()?

    In other words, when I write the variable to the database it uses one key, and when I run decrypt() it uses a different key.

    When decrypting, you must use the same key used to encrypt - yes.

    TRIM(encrypt(trim(Form.Secret)

    Also, do not trim() the value after it is encrypted.  Even whitespace may be signifigant with encrypted values. So removing it could cause problems when decrypting.

    Terms & ConditionsAccessibility statement
    Using the community Terms of use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices