I've seen a number of postings on the forums about getting CF's encrypt method to play nice with data encrypted from a .NET system. I currently find myself in a situation where I'm having to walk a .NET developer through using encryption on their end in order to send/accept encrypted data with ColdFusion. Does anyone have a plug-and-play example that demonstrates an encrypted string exchange between CF and .NET that I could use as reference?
That would be great! The actual exchange of data is easy - telling a .NET developer how to configure their application so they can read my CF encrypted text = hard.
Here is a simple example of AES in C#/ColdFusion:
ColdFusion code:
<cfset thePlainData = "Nothing to see here folks" />
<cfset theKey = "oRJUjgbx9SGGR6v3T8JGJg==" />
<cfset theAlgorithm = "AES/CBC/PKCS5Padding" />
<cfset theIVInBase64 = "f+hYUyjprHt/6FhTKOmsew==" />
<cfset theEncoding = "base64" />
<!--- do encrypt/decrypt --->
<!--- iv must be a byte array --->
<cfset theIV = BinaryDecode(theIVInBase64, "base64") />
<cfset encryptedString = encrypt(thePlainData, theKey, theAlgorithm, theEncoding, theIV) />
<cfset decryptedString = decrypt(encryptedString, theKey, theAlgorithm, theEncoding, theIV) />
<!--- display results --->
<cfdump var="#variables#" label="AES/CBC/PKCS5Padding Results" />
C# code:
using System;
using System.Collections.Generic;
using System.Text;
using System.Security.Cryptography;
public class AESCBC
{
public static void Main(string[] args)
{
try
{
// Just hard coded values for testing ...
String thePlainData = "Nothing to see here folks";
String theKey = "oRJUjgbx9SGGR6v3T8JGJg==";
String theIV = "f+hYUyjprHt/6FhTKOmsew==";
String encryptedText = EncryptText(thePlainData, theKey, theIV);
String decryptedText = DecryptText(encryptedText, theKey, theIV);
Console.WriteLine("Encrypted String: {0}", encryptedText);
Console.WriteLine("Decrypted String: {0}", decryptedText);
}
catch (Exception e)
{
Console.WriteLine(e.Message);
}
Console.ReadLine();
}
public static String EncryptText(String Data, String Key, String IV)
{
// Extract the bytes of each of the values
byte[] input = Encoding.UTF8.GetBytes(Data);
byte[] key = Convert.FromBase64String(Key);
byte[] iv = Convert.FromBase64String(IV);
// Create a new instance of the algorithm with the desired settings
RijndaelManaged algorithm = new RijndaelManaged();
algorithm.Mode = CipherMode.CBC;
algorithm.Padding = PaddingMode.PKCS7;
algorithm.BlockSize = 128;
algorithm.KeySize = 128;
algorithm.Key = key;
algorithm.IV = iv;
// Create a new encryptor and encrypt the given value
ICryptoTransform cipher = algorithm.CreateEncryptor();
byte[] output = cipher.TransformFinalBlock(input, 0, input.Length);
// Finally, return the encrypted value in base64 format
String encrypted = Convert.ToBase64String(output);
return encrypted;
}
public static String DecryptText(String Data, String Key, String IV)
{
// Extract the bytes of each of the values
byte[] input = Convert.FromBase64String(Data);
byte[] key = Convert.FromBase64String(Key);
byte[] iv = Convert.FromBase64String(IV);
// Create a new instance of the algorithm with the desired settings
RijndaelManaged algorithm = new RijndaelManaged();
algorithm.Mode = CipherMode.CBC;
algorithm.Padding = PaddingMode.PKCS7;
algorithm.BlockSize = 128;
algorithm.KeySize = 128;
algorithm.Key = key;
algorithm.IV = iv;
//FromBase64String
// Create a new encryptor and encrypt the given value
ICryptoTransform cipher = algorithm.CreateDecryptor();
byte[] output = cipher.TransformFinalBlock(input, 0, input.Length);
// Finally, convert the decrypted value to UTF8 format
String decrypted = Encoding.UTF8.GetString(output);
return decrypted;
}
}
Already have an account? Login
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.
AdChoices