Decrypt problem

Report · Mar 01, 2010

Hello!

I have problem decripting string if the string is long.

I use

I have tried and other but nothing works for me.

also i do the encrypt like this: #URLEncodedFormat(Encrypt(tmpnodeid,session.key,session.algo,session.enco))#

and i pass this value as url parameter, which btw sometimes is cut.

Then i decrypt it like this: #Decrypt(URLDecode(URL.name),session.key,session.algo,session.enco)#

Can anyone please help me?

Thank you in advance!

Kind regards!

Report · Mar 01, 2010

Plz try this below code ..its working for me

<pre>
string=#str#
encrypted=#enc#
decrypted=#dec#

</pre>
</cfoutput>

Report · Mar 01, 2010

Hi

Thank you for your reply.

I have tried that and it works, but when the string is too long, it doesnt works, and some times it also cuts the url string.

I can't understand this random behaiviour.

Also i tried very long string in a page where don't have anything else but this code, and some times it decrypt it some times it doesn't.

I read somewhere this:

The Encrypt and Decrypt functions do not work with double-byte character sets. If you pass a string containing double-byte characters to the Encrypt function, and later pass the encrypted value to the Decrypt function, the string is not properly decrypted.

And that it is known issue in coldfusion. I still hope, there is a way to fix that.

Report · Mar 01, 2010

There are usually limits on the length of a query string, which will be a setting on the webserver you are using.

Also, any variables in the URL scope are already decoded. So you do not need to call the function URLDecode().

If the encoding and decoding are taking place in seperate applications, make sure you are using the same encoding for the URL scope (this can be set in the application cfc/cfm).

Report · Mar 01, 2010

Hi

I tried what u adviced me but i still get this: An error occurred while trying to encrypt or decrypt your input string: com.rsa.jsafe.crypto.dr: Could not perform unpadding: invalid pad byte..

I can't understand why. I haven't met in internet someone else to complain about it.

Kind regards!

Report · Mar 01, 2010

Does it work if you dont pass the string over the URL, you have to make sure that the complete encrpyted string is available once been passed over the URL.

How long is the encrypted text? What language/characters are used in the text?

It would be best if you can supply a concrete example with code.

Report · Mar 01, 2010

Hi

i have only change to pass the string using url in this case.

the sttring look something like this:

73467_DFGSDFGFSDGSDFG_SDFGSDFGSDFGSD_SDF_DFGSDFGS

The url is the whole encrypted string, i have checked it now.

it is like this:

in some page have outputed many links with this the string encrypted in the url.

when click some of these strings, it redirects to the same page but it checks if the url is defined and if is defined shows diffrent portion of the code.

Only english letters are used in the strings.