cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
search
  • Global community
    • Language:
      • Deutsch
      • English
      • Español
      • Français
      • Português
  • 日本語コミュニティ
    Dedicated community for Japanese speakers
  • 한국 커뮤니티
    Dedicated community for Korean speakers
Exit
0
Upvote

Encryption Error

ghanna1
Contributor ,
Aug 12, 2019 Aug 12, 2019

Copy link to clipboard

Copied

Randomly about once every 200 transactions we get the following encryption error:

An error occurred while trying to encrypt or decrypt your input string: Given final block not properly padded.

At login we create the follow session variables:

<cfset session.a= 'AES'>

<cfset session.e= 'HEX'>

<cfset session.k=generateSecretKey(session.a)>

Then throughout the site we use:

<cfscript>

encrypted=encrypt(customer.foo, session.k,session.a,session.e);

</cfscript>

<cfscript>

url.serial=decrypt(url.foo, session.k,session.a,session.e);  

</cfscript>

Any suggestions?

Views

535

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
replies 3 Replies 3
latest latest Jump to latest reply
Dave Watts Community Expert
Community Expert ,
Aug 13, 2019 Aug 13, 2019

Copy link to clipboard

Copied

I'm not sure where you're getting the error. Are you getting it when you encrypt, or when you decrypt, or both? Do you get it once, but then get success if you try that operation again with the same key?

If it's the latter, I'd just write an exception handler that tries to repeat the operation. If it happens repeatedly after you've generated a specific key, I'd write the key generation process in an exception handler that attempts to use the key right after you created it.

Dave Watts, Eidolon LLC

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
ghanna1
Contributor ,
Aug 13, 2019 Aug 13, 2019

Copy link to clipboard

Copied

In Response To Dave Watts

It happens randomly on decrypt and the next attempt will work so an exception handler to repeat the process is probably the best idea... Something new to learn.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Charlie Arehart Community Expert
Community Expert ,
Aug 15, 2019 Aug 15, 2019

Copy link to clipboard

Copied

LATEST
In Response To ghanna1

I'd propose instead (or in addition) that a try/catch around the erroneous statement could then log the values of all the variables involved in that statement. You are reasonably presuming that they are what you expect them to be, but I am willing to bet that you will find that when it fails, the problem has to do with the values in those variables.

Even if you may go the "repeat" route, could you please take a moment to log (with cflog or writelog) the values? It could help you and other readers to understand the real root cause of your problem.

That said, do beware that if somehow the variable to be logged wasn't a string (or couldn't be interpreted by CF to be one), then the cflog/writelog would fail--but that failure itself would indicate that the variable which couldn't be written was the real problem.


/Charlie (troubleshooter, carehart.org)

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Resources
Documentation
ColdFusion User Guide
Copyright © 2023 Adobe. All rights reserved.
Using the Community Experience League Terms of Use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices