Exit
  • Global community
    • Language:
      • Deutsch
      • English
      • Español
      • Français
      • Português
  • 日本語コミュニティ
  • 한국 커뮤니티
0

Encryption Error

Contributor ,
Aug 12, 2019 Aug 12, 2019

Randomly about once every 200 transactions we get the following encryption error:

An error occurred while trying to encrypt or decrypt your input string: Given final block not properly padded.

At login we create the follow session variables:

<cfset session.a= 'AES'>

<cfset session.e= 'HEX'>

<cfset session.k=generateSecretKey(session.a)>

Then throughout the site we use:

<cfscript>

encrypted=encrypt(customer.foo, session.k,session.a,session.e);

</cfscript>

<cfscript>

url.serial=decrypt(url.foo, session.k,session.a,session.e);  

</cfscript>

Any suggestions?

753
Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Community Expert ,
Aug 13, 2019 Aug 13, 2019

I'm not sure where you're getting the error. Are you getting it when you encrypt, or when you decrypt, or both? Do you get it once, but then get success if you try that operation again with the same key?

If it's the latter, I'd just write an exception handler that tries to repeat the operation. If it happens repeatedly after you've generated a specific key, I'd write the key generation process in an exception handler that attempts to use the key right after you created it.

Dave Watts, Eidolon LLC

Dave Watts, Eidolon LLC
Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Contributor ,
Aug 13, 2019 Aug 13, 2019

It happens randomly on decrypt and the next attempt will work so an exception handler to repeat the process is probably the best idea... Something new to learn.

Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Community Expert ,
Aug 15, 2019 Aug 15, 2019
LATEST

I'd propose instead (or in addition) that a try/catch around the erroneous statement could then log the values of all the variables involved in that statement. You are reasonably presuming that they are what you expect them to be, but I am willing to bet that you will find that when it fails, the problem has to do with the values in those variables.

Even if you may go the "repeat" route, could you please take a moment to log (with cflog or writelog) the values? It could help you and other readers to understand the real root cause of your problem.

That said, do beware that if somehow the variable to be logged wasn't a string (or couldn't be interpreted by CF to be one), then the cflog/writelog would fail--but that failure itself would indicate that the variable which couldn't be written was the real problem.


/Charlie (troubleshooter, carehart. org)
Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Resources