Encrypt in Coldfusion and decrypt in C#
Here is the code used to encrypt in coldfusion
It is generating en
-
It is generating encrypted values like
714FEA9A9A2184769CA49D5133F08580Then they are using "Hex", not the default "UUEncode". Either "hex" or "base64" is fine. As long as you both agree upon the encoding, it does not really matter.
You can use RijndaelManaged to decrypt the strings. However, the default encryption settings for ColdFusion and C# differ slightly. With the encrypt function:
- "AES" is short for "AES/ECB/PKCS5Padding"
- "ECB" mode does not use an IV
- Key strings are always base64 encoded
NB: Despite the name difference, for the SUN provider,
PKCS5Padding(CF/Java) corresponds toPaddingMode.PKCS7(C#). As mentioned in this thread, the "... SUN provider in Java indicate[s] PKCS#5 where PKCS#7 should be used - "PKCS5Padding" should have been "PKCS7Padding". This is a legacy from the time that only 8 byte block ciphers such as (triple) DES symmetric cipher were available."So you need to ensure your C# settings are adjusted to match. With that in mind, just decode the encrypted text from hex and the key string from base64. Using the slightly ugly example in the API, just adjust the algorithm settings to match those used by the encrypt() function:
Encrypt with ColdFusion
<cfscript> plainText = "Nothing to see"; // 128 bit key base64 encoded keyInBase64 = "Y25Aju8H2P5DR8mY6B0ezg=="; // "AES" is short for "AES/ECB/PKCS5Padding" encryptedText = encrypt(plainText, keyInBase64, "AES", "hex"); WriteDump( encryptedText ); // result: 8889EDF02F181158AAD902AB86C63951 </cfscript>Decrypt with C#
byte[] bytes = SomeMethodToConvertHexToBytes( encryptedText ); byte[] key = Convert.FromBase64String( keyInBase64 ); string decryptedText = null; using (RijndaelManaged algorithm = new RijndaelManaged()) { // initialize settings to match those used by CF algorithm.Mode = CipherMode.ECB; algorithm.Padding = PaddingMode.PKCS7; algorithm.BlockSize = 128; algorithm.KeySize = 128; algorithm.Key = key; ICryptoTransform decryptor = algorithm.CreateDecryptor(); using (MemoryStream msDecrypt = new MemoryStream(bytes)) { using (CryptoStream csDecrypt = new CryptoStream(msDecrypt, decryptor, CryptoStreamMode.Read)) { using (StreamReader srDecrypt = new StreamReader(csDecrypt)) { decryptedText = srDecrypt.ReadToEnd(); } } } } Console.WriteLine("Encrypted String: {0}", encryptedText); Console.WriteLine("Decrypted String: {0}", decryptedText);Keep in mind you can (and probably should) adjust the settings, such as using the more secure CBC mode instead of
ECB. You just need to coordinate those changes with the CF developer.讨论(0) -
If anyone had similar problem with JAVA I just implemented encryption and decryption of string previously encrypted/decrypted in coldfusion with "Hex" and "tripledes". Here is my code:
private static final String PADDING = "DESede/ECB/PKCS5Padding"; private static final String UTF_F8 = "UTF-8"; private static final String DE_SEDE = "DESede"; private String secretKey; public String encrypt(String message) throws Exception { secretKey = getSecretKey(); final byte[] secretBase64Key = Base64.decodeBase64(secretKey); final SecretKey key = new SecretKeySpec(secretBase64Key, DE_SEDE); final Cipher cipher = Cipher.getInstance(PADDING); cipher.init(Cipher.ENCRYPT_MODE, key); final byte[] plainTextBytes = message.getBytes(); final byte[] cipherText = cipher.doFinal(plainTextBytes); return Hex.encodeHexString(cipherText); } public String decrypt(String keyToDecrypt) throws Exception { secretKey = getSecretKey(); byte[] message = DatatypeConverter.parseHexBinary(keyToDecrypt); final byte[] secretBase64Key = Base64.decodeBase64(secretKey); final SecretKey key = new SecretKeySpec(secretBase64Key, DE_SEDE); final Cipher decipher = Cipher.getInstance(PADDING); decipher.init(Cipher.DECRYPT_MODE, key); final byte[] plainText = decipher.doFinal(message); return new String(plainText, UTF_F8); }讨论(0)
加载中...
- 热议问题