openssl_verify in coldfusion
Copy link to clipboard
Copied
Hello,
I try to decrypt a string with a public key but it doesn't works.
The string come from a payment system (paybox). Paybox give the php code to decrypt signature but i do not know how to translate it in CFM. The php instruction is "openssl_verify( $data, $sig, $key )". I try <cfset PayBoxSign = Decrypt(PayBoxSign,PublicKey)> but it does not works.
Any idea ?
Thanks
Copy link to clipboard
Copied
You need to decrypt the string using the same algorithm it was encrypted with. According to the docs for openssl_verify (nice function name, PHP. Not) - http://us3.php.net/manual/en/function.openssl-verify.php - it uses SHA1. SHA1 encryption/decryption is only supported on CF Enterprise, it seems: http://livedocs.adobe.com/coldfusion/8/htmldocs/functions_e-g_01.html#1104201
I'm not sure if simply decrypting the string and comparing it to the signature is all that is required here, but you could try.
If that doesn't work, try to find a Java implementation of openssl, and use that to do it.
--
Adam

Copy link to clipboard
Copied
You might also want to consider simply using the PHP implementation from within your coldfusion code. Sean Corfield blogged about it in this posting: http://corfield.org/blog/index.cfm/do/blog.entry/entry/ColdFusion_8_running_PHP
I have not seen a logical use for doing this yet as everything is better in CF then PHP but your situation might be the exception.
-Joe

