December 5, 2011
Question

SHA-1 Algorithm and Decryption in CF

  • December 5, 2011
  • 4 replies
  • 9083 views

Hello there,

I am trying to decrypt a string and I get the following error message:

"The SHA1 algorithm is not supported by the Security Provider you have chosen."

This is a small description of the system:

OS: Windows Server 2003

CF Version: 8, STANDARD

Web Server: IIS

I have successfully worked with encryption/decryption in the past, but on Enterprise versions of CF. I am wondering if the fact that CF is standard has to do with the problem.

Thanks,

    This topic has been closed for replies.

    4 replies

    December 7, 2011

    I got more information about the context of my question. The client is sending the SAML message (SAML response) for us to decrypt. I attached a picture with the dump of a struct. The text on xmltext is what my colleague is trying to decrypt. They also sent him some sample encrypted text which I guess is for testing the decryption.

    Jason, it is probably scenario 2 or 3 of your previous response. I will get involved and figure out what is exactly going on. So in this case, the customer that we are working with, they still must send me a private or public key to make the decryption, am I correct?

    12Robots
    Participating Frequently
    December 7, 2011

    Sorry, that screen shot is no good.

    12Robots
    Participating Frequently
    December 8, 2011

    Ok, let me explain. The original message that they send is a gigantic string and I just need to decode it like this. form.SAMLResponse is what I get from PeopleSoft.

    <cfset variables.xmlResponse = CharsetEncode(BinaryDecode(form.SAMLResponse, "Base64"), "utf-8")>

    That gives me an XML file that I parse and among many XML elements there are two elements in the XML file with this: data to decrypt and a key. Based on the instructions that my colleague received from the client, that key should decrypt the message. And I am repeating what I was told almost textually. I saved the XML file and sent it over to the PeopleSoft developer and explained to him what is going on. He told me he wanted to look further into it (which probably means shelf the issue until someone around here puts more pressure to cooperate with us) because the key is supposed to decrypt the message. I find myself fascinated with this and want to get it done.

    Initially I was very confused because they had sent us before an IDP metadata file containing a certificate which had a key. But neither key works.


    If the key is actually *WITH* the data to be decrypted, please tell the provider that I said they were stupid, then give them a good, hard sack punch.

    If they are even a little smart, then that is not the key you need.

    Jason
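
An added example (Python, not code from any poster in this thread): it decodes a Base64 SAMLResponse and lists which algorithm in the message is a hash, a signature, a data cipher or a key wrap. The sample message is constructed and assumes standard XML Signature and XML Encryption elements; in that layout the key sitting next to the data is an `EncryptedKey`, itself ciphertext that only the recipient's private key can unwrap.

```python
import base64
import xml.etree.ElementTree as ET

DS = "{http://www.w3.org/2000/09/xmldsig#}"
XENC = "{http://www.w3.org/2001/04/xmlenc#}"
# Constructed sample message; the CipherValue contents are dummy bytes.
SAMPLE_XML = """<samlp:Response
    xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
    xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
 <ds:Signature><ds:SignedInfo>
  <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/></ds:Reference>
 </ds:SignedInfo></ds:Signature>
 <saml:EncryptedAssertion><xenc:EncryptedData>
  <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
  <ds:KeyInfo><xenc:EncryptedKey>
   <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/>
   <xenc:CipherData><xenc:CipherValue>ZHVtbXkta2V5</xenc:CipherValue></xenc:CipherData>
  </xenc:EncryptedKey></ds:KeyInfo>
  <xenc:CipherData><xenc:CipherValue>ZHVtbXktZGF0YQ==</xenc:CipherValue></xenc:CipherData>
 </xenc:EncryptedData></saml:EncryptedAssertion>
</samlp:Response>"""
SAMPLE_B64 = base64.b64encode(SAMPLE_XML.encode("utf-8")).decode("ascii")


def algorithm_inventory(saml_response_b64):
    """Map each cryptographic role in the message to its algorithm name (no verify, no decrypt)."""
    root = ET.fromstring(base64.b64decode(saml_response_b64))
    roles = {}

    def note(role, elem):
        if elem is not None:
            roles[role] = elem.get("Algorithm", "").rsplit("#", 1)[-1]

    note("digest", root.find(f".//{DS}DigestMethod"))        # one-way hash, nothing to decrypt
    note("signature", root.find(f".//{DS}SignatureMethod"))  # checked with the sender's public key
    data = root.find(f".//{XENC}EncryptedData")
    if data is not None:
        note("data_cipher", data.find(f"{XENC}EncryptionMethod"))  # symmetric cipher for the payload
        key = data.find(f".//{XENC}EncryptedKey")
        if key is not None:
            note("key_transport", key.find(f"{XENC}EncryptionMethod"))  # how the session key is wrapped
            roles["embedded_key_is_wrapped"] = key.find(f".//{XENC}CipherValue") is not None
    return roles


if __name__ == "__main__":
    print(algorithm_inventory(SAMPLE_B64))
```
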

    12Robots
    Participating Frequently
    December 5, 2011

    SHA-1 is a hashing algorithm, not an encryption algorithm. As cfSearching said, it cannot be decrypted. It is a one-way street.

    Jason

    December 6, 2011

    I got more information on this matter. We are getting an encrypted XML text generated from a SAML 2.0 SSO system. The XML text contains user credentials. On our end we are supposed to decrypt the file and parse the XML file to complete the login process.

    I got a couple of booklets on SAML 2.0 SSO but I cannot find what key is being used to encrypt the message, which I believe I need to know to successfully decrypt it.

    Owainnorth
    Inspiring
    December 6, 2011

    I cannot find what key is being used to encrypt the message, which I believe I need to know to successfully decrypt it.

    It would kinda defeat the object if you didn't

    Inspiring
    December 5, 2011

    It sounds like you are talking about a hashed value, not an encrypted string. You should not be able to reverse a hashed string (not easily anyway).

    Owainnorth
    Inspiring
    December 5, 2011

    ColdFusion 8 documentation shows supported algorithms for decrypt() are CFMX_COMPAT, AES, BLOWFISH, DES and DESEDE. So I guess that's your answer.