December 5, 2011
Question

SHA-1 Algorithm and Decryption in CF

  • 4 replies
  • 9083 views

Hello there,

I am trying to decrypt a string and I get the following error message:

"The SHA1 algorithm is not supported by the Security Provider you have chosen."

This is a small description of the system:

OS: Windows Server 2003

CF Version: 8, STANDARD

Web Server: IIS

I have successfully worked with encryption/decryption in the past, but on Enterprise versions of CF. I am wondering if the fact that CF is standard has to do with the problem.

Thanks,

    This topic has been closed for replies.

    4 replies

    December 7, 2011

    I got more information about the context of my question. The client is sending the SAML message (SAML response) for us to decrypt. I attached a picture with the dump of a struct. The text on xmltext is what my colleague is trying to decrypt. They also sent him some sample encrypted text which I guess is for testing the decryption.

    Jason, it is probably scenario 2 or 3 of your previous response. I will get involved and figure out what is exactly going on. So in this case, the customer that we are working with, they still must send me a private or public key to make the decryption, am I correct?

    12Robots
    Participating Frequently
    December 7, 2011

    Sorry, that screen shot is no good.

    12Robots
    Participating Frequently
    December 8, 2011

    I also updated my JCE jar files to support encryption 128 bits or higher. But the message: "The key specified is not a valid key for this encryption: Invalid key data length" still persists.


    Where did you put the jar files? If you put them in the normal <coldfusion>/lib directory then that is not correct. They belong in the <coldfusion>/runtime/lib/security/ directory.

    Also, how long is the key? Is it a string or a serialized JavaObject? 

    Jason

    12Robots
    Participating Frequently
    December 5, 2011

    SHA-1 is a hashing algorithm, not an encryption algorithm. As cfSearching said, it cannot be decrypted. It is a one-way street.

    Jason

    December 6, 2011

    I got more information on this matter. We are getting an encrypted XML text generated from a SAML 2.0 SSO system. The XML text contains user credentials. On our end we are supposed to decrypt the file and parse the XML file to complete the login process.

    I got a couple of booklets on SAML 2.0 SSO but I cannot find what key is being used to encrypt the message, which I believe I need to know to successfully decrypt it.

    Owainnorth
    Inspiring
    December 6, 2011

    I cannot find what key is being used to encrypt the message, which I believe I need to know to successfully decrypt it.

    It would kinda defeat the object if you didn't

    Inspiring
    December 5, 2011

    It sounds like you are talking about a hashed value, not an encrypted string. You should not be able to reverse a hashed string (not easily anyway).

    Owainnorth
    Inspiring
    December 5, 2011

    ColdFusion 8 documentation shows supported algorithms for decrypt() are CFMX_COMPAT, AES, BLOWFISH, DES and DESEDE. So I guess that's your answer
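
The distinction drawn in the replies above, as an added example that is not code from any poster in the thread: a SHA-1 digest has no key and no inverse, while `decrypt()` with AES needs a Base64 key of a valid length, which is the check Jason's question about key length points to. The sample string, variable names and the `isValidAesKey` helper are assumptions made for illustration.

```cfml
<cfscript>
// Constructed sample value, not data from the thread.
plainText = "user=jdoe;role=member";

// hash() yields a fixed-length digest. It takes no key and has no inverse,
// so it cannot be paired with decrypt(). "SHA" is ColdFusion's name for SHA-1.
digest = hash(plainText, "SHA");

// For AES, BLOWFISH, DES and DESEDE the key argument is a Base64 string,
// such as the one generateSecretKey() returns.
aesKey     = generateSecretKey("AES");
cipherText = encrypt(plainText, aesKey, "AES", "Base64");
roundTrip  = decrypt(cipherText, aesKey, "AES", "Base64");

// Hypothetical helper: true when the key is valid Base64 and decodes to a
// length AES accepts. Keys above 16 bytes (128 bits) also depend on the JCE
// policy files mentioned in the thread (assumption about the JVM in use).
function isValidAesKey(b64Key) {
    var n = 0;
    try {
        n = arrayLen(binaryDecode(arguments.b64Key, "Base64"));
    } catch (any e) {
        return false; // the string is not Base64 at all
    }
    return (n EQ 16 OR n EQ 24 OR n EQ 32);
}

writeOutput("Digest (one-way): " & digest & "<br>");
writeOutput("Round trip matches: " & (roundTrip EQ plainText) & "<br>");
writeOutput("Generated key valid: " & isValidAesKey(aesKey) & "<br>");
// A passphrase that was merely Base64-encoded decodes to the wrong length.
writeOutput("Encoded passphrase valid: " & isValidAesKey(toBase64("secret")) & "<br>");
// A raw string that is not Base64 fails before any length check.
writeOutput("Raw string valid: " & isValidAesKey("not-a-key") & "<br>");
</cfscript>
```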