Highlighted

Encryption Error

Participant ,
Aug 12, 2019

Copy link to clipboard

Copied

Randomly about once every 200 transactions we get the following encryption error:

An error occurred while trying to encrypt or decrypt your input string: Given final block not properly padded.

At login we create the follow session variables:

<cfset session.a= 'AES'>

<cfset session.e= 'HEX'>

<cfset session.k=generateSecretKey(session.a)>

Then throughout the site we use:

<cfscript>

encrypted=encrypt(customer.foo, session.k,session.a,session.e);

</cfscript>

<cfscript>

url.serial=decrypt(url.foo, session.k,session.a,session.e);  

</cfscript>

Any suggestions?

Views

273

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more

Encryption Error

Participant ,
Aug 12, 2019

Copy link to clipboard

Copied

Randomly about once every 200 transactions we get the following encryption error:

An error occurred while trying to encrypt or decrypt your input string: Given final block not properly padded.

At login we create the follow session variables:

<cfset session.a= 'AES'>

<cfset session.e= 'HEX'>

<cfset session.k=generateSecretKey(session.a)>

Then throughout the site we use:

<cfscript>

encrypted=encrypt(customer.foo, session.k,session.a,session.e);

</cfscript>

<cfscript>

url.serial=decrypt(url.foo, session.k,session.a,session.e);  

</cfscript>

Any suggestions?

Views

274

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Aug 12, 2019 0
Adobe Community Professional ,
Aug 13, 2019

Copy link to clipboard

Copied

I'm not sure where you're getting the error. Are you getting it when you encrypt, or when you decrypt, or both? Do you get it once, but then get success if you try that operation again with the same key?

If it's the latter, I'd just write an exception handler that tries to repeat the operation. If it happens repeatedly after you've generated a specific key, I'd write the key generation process in an exception handler that attempts to use the key right after you created it.

Dave Watts, Eidolon LLC

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Aug 13, 2019 0
Participant ,
Aug 13, 2019

Copy link to clipboard

Copied

It happens randomly on decrypt and the next attempt will work so an exception handler to repeat the process is probably the best idea... Something new to learn.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Aug 13, 2019 0
Adobe Community Professional ,
Aug 15, 2019

Copy link to clipboard

Copied

I'd propose instead (or in addition) that a try/catch around the erroneous statement could then log the values of all the variables involved in that statement. You are reasonably presuming that they are what you expect them to be, but I am willing to bet that you will find that when it fails, the problem has to do with the values in those variables.

Even if you may go the "repeat" route, could you please take a moment to log (with cflog or writelog) the values? It could help you and other readers to understand the real root cause of your problem.

That said, do beware that if somehow the variable to be logged wasn't a string (or couldn't be interpreted by CF to be one), then the cflog/writelog would fail--but that failure itself would indicate that the variable which couldn't be written was the real problem.

/Charlie (server troubleshooter, carehart.org)

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Aug 15, 2019 0