Copy link to clipboard
Copied
I have the following PHP Code that uses an AES/ECB/PKCS5Padding
PHP Code:
$hashRequest = '';
$hashKey = 'HM53BC0C176Z58PV';
$mapString='
amount=30.0&autoRedirect=0&emailAddr=fakhar.munir88@gmail.com&expiryDate=20190721 112300&mobileNum=03345400644&orderRefNum=1008&paymentMethod=MA_PAYMENT_METHOD&postBackURL=http://shopweb.windsorparking.com/php/getToken.php&storeId=3528'
// Encrypting mapString
function pkcs5_pad($text, $blocksize) {
$pad = $blocksize - (strlen($text) % $blocksize);
return $text . str_repeat(chr($pad), $pad);
}
$alg = MCRYPT_RIJNDAEL_128; // AES
$mode = MCRYPT_MODE_ECB; // ECB
$iv_size = mcrypt_get_iv_size($alg, $mode);
$block_size = mcrypt_get_block_size($alg, $mode);
$iv = mcrypt_create_iv($iv_size, MCRYPT_DEV_URANDOM);
$mapString = pkcs5_pad($mapString, $block_size);
$crypttext = mcrypt_encrypt($alg, $hashKey, $mapString, $mode, $iv);
$hashRequest = base64_encode($crypttext);
// end encryption;
My ColdFusion Code So Far
<cfset mapString = "amount=30.0&autoRedirect=0&emailAddr=fakhar.munir88@gmail.com&expiryDate=20190721 112300&mobileNum=03345400644&orderRefNum=1008&paymentMethod=MA_PAYMENT_METHOD&postBackURL=http://shopweb.windsorparking.com/php/getToken.php&storeId=352" />
<cfset theKey = toBase64("HM53BC0C176Z58PV") />
<cfset theAlgorithm = "AES/CBC/PKCS5Padding" />
<cfset theEncoding = "base64" />
<cfset theIV = "HM53BC0C176Z58PV" />
<cfset encryptedString = encrypt(thePlainData, theKey, theAlgorithm, theEncoding, theIV) />
<cfoutput>#encryptedString#</cfoutput>
The Results are different
Can Any one Help
Hello
I think I have resolved the Issue
<cfset input = "amount=30.0&autoRedirect=0&emailAddr=me@.com&expiryDate=20190721 112300&mobileNum=03345400644&orderRefNum=1008&paymentMethod=MA_PAYMENT_METHOD&postBackURL=shopping cart id">
<!---
Generate a secret key. We are going to be using a more complex
form of encryption; however, we can still tell the key-generator
that we are simply using AES (Advanced Encryption Standard).
--->
<cfset encryptionKey = toBase64("HM53BC0C176Z58PV") />
<!---
Now
...Copy link to clipboard
Copied
Before we go any further, the storeID in the PHP query-string is 3528, whereas it is 352 in the ColdFusion query-string.
Copy link to clipboard
Copied
Sorry my bad... stories
is 3528
Copy link to clipboard
Copied
Hello BKBK,
I tried with the correction made to storeid
The results in PHP
+gsH3CaifLXzoJ4TiCyqf7TPK+HnBaUEv3j5Fz41P1omhRoMOzCGcZHkYB7QfBqqlHOCBbcw8pn9lWd2JshYiQ8A2adAzdORxq2ug60YQKY1g9yhAcaoHaPouAkEJ5D/3ZZORvxfBZvwWcDzz7BmTwawCiKet5VBhLruTsiHPY/x6DETR2gIAKp34cPwJmHSTFH2+c41PqfrySW8MqX9MxcG1x/A2ADMA7wE2nMirNlEDv+IVPF//Cjknv8K2XSJR6rdy46eiwbWnHmDpBMk4AfcKDxk7fTu2JZp7SVvkj7xIWpUS+7H9ZHTFP5VFPVl
The Results in CF
KjCDw7J4UP1NGTeBZpfKIasd3Wkn9xyIZDs3AC5BPMwLSsJwoB51TOxWzusupJGpjA3QUs3Np2ZJkAHqwLvXrik1PVNXZ09KEK14RGLtx0zrXg7Ze+4IyVI1thvnFVtRbLl69NZPk9zQ+Nt/C3TVV1H22ty6jcEOdue7ouPsNfNnZqu3mAaukVvMqh4+FRXbhkXLSa5ze5VdNDkBq78TQ05JNDWMCiDrF55OeJR0/QgRlB7SFL4kNoMkhxEfkc6nuhP2jhirfubuDi1Sto6LUBtyJB5A7orqzd27CzCzKFwnrlrn3bvLSJbKFj2FL1Qc
Copy link to clipboard
Copied
Copy link to clipboard
Copied
Dear BKBK,
What I think is that I'am not setting <cfset theIV = "HM53BC0C176Z58PV" /> correctly, If this sets then I think it might work
Regards
Tayyab Hussain
Copy link to clipboard
Copied
Hello
I think I have resolved the Issue
<cfset input = "amount=30.0&autoRedirect=0&emailAddr=me@.com&expiryDate=20190721 112300&mobileNum=03345400644&orderRefNum=1008&paymentMethod=MA_PAYMENT_METHOD&postBackURL=shopping cart id">
<!---
Generate a secret key. We are going to be using a more complex
form of encryption; however, we can still tell the key-generator
that we are simply using AES (Advanced Encryption Standard).
--->
<cfset encryptionKey = toBase64("HM53BC0C176Z58PV") />
<!---
Now, let's encrypt our secret message with AES, This AES approach
breaks the data up into blocks,encrypts them individually,
and passes the result into the next block of encryption (.... I think).
--->
<cfset hashRequest = encrypt(
input,
encryptionKey,
"AES",
"base64"
) />
<!---
Now, let's decode our secret using AES and our secret key.
--->
<cfset decoded = decrypt(
hashRequest,
encryptionKey,
"AES",
"base64"
) />
<cfoutput>
Original: #input#<br />
<br />
Secret: #hashRequest#<br />
<br />
Decoded: #decoded#<br />
</cfoutput>
(Email address and shopping cart id removed by moderator)
Copy link to clipboard
Copied
Hi Tayyab Hussain,
Thanks for sharing that with us.