So far in my investigation and trial and error, I have discovered that the AES key you use cannot have ^ or & in it. The key we were provided by the .NET side did have these in. Another thing is that padding to 24 characters renders the error " The key specified is not a valid key for this encryption: Invalid AES key length: 7 bytes" - 7 bytes? Its like CF doesnt even see the extra spaces. So I replaced the spaces with 3's and I get an 18 byte string? What in the wierd?
Replace the last 2 characters with == and it works fine, my manually generated key is 7+8sh+dWEf333333333333== I am putting this out there because its causing me no end of problems, and I cant find anything out in google land or on blogs about this. On 10/16/07, Duncan <[EMAIL PROTECTED]> wrote: > I hope someone with a little knowledge of Encryption and AES stuff can > help me out with how to use a provided key to decrypt some info. > > Your time here would be greatly appreciated. Details below. > > On 10/15/07, Duncan <[EMAIL PROTECTED]> wrote: > > Hi all, > > > > I have a token that is being passed in via the URL, that is generated > > in a .NET program. I am having trouble decoding it in CF 8 so I was > > hoping that someone could give me a hand. I am very frustrated with > > this as this is my first dive into AES. > > > > The .NET developer gave me the following instructions: > > > > These are the steps needed to return the key in the email back to it's > > original state > > > > 1. URLDecode the key > > 2. Convert result to decoded base64 binary > > 3. Remove chr(0) from end of string > > 4. Decrypt from AES192 (requires a 24 character Key). Hence > > make sure you pad the hash key with spaces at the end up to 24 > > characters > > > > And here is what I have code wise now (I changed the key to keep it > > private): > > > > <cfoutput> > > <!--- comes in via URL ---> > > <cfset > > forDec="OTg4MTc6NjcmOEpoXmRXRWY0JSVHWUcqb2xpa3VqZGxveHRvbkByZWQ1LmNvbS5hdQ%3D%3D"> > > <!--- padded with spaces to make 24 chars ---> > > <cfset key="7&KSK^8SID "> > > <br />#forDec# > > <!--- 1. URLDecode the key ---> > > <cfset forDec = URLDecode(forDec)> > > <br />#forDec# > > <!--- 2. Convert result to decoded base64 binary ---> > > <cfset forDec = BinaryDecode(forDec,"base64")> > > <!--- we now have binary object ---> > > <cfdump var="#forDec#"> > > <!---3. Remove chr(0) from end of string ---> > > <!--- I cant put a trim on to a binary object, nor can I do a > > ReplacenoCase() ---> > > > > <!---4. Decrypt from AES192 (requires a 24 character Key). Hence > > make sure you pad the hash key with spaces at the end up to 24 > > characters---> > > <cfset key = Decrypt(forDec,key,"AES","base64")> > > </cfoutput> > > > > This results in a bytearray cannot be converted to strings error. So I > > tried forDec.toString(), but every request this generates a different > > value - how can this be? > > > > <cfset key = > > Decrypt(BinaryEncode(forDec,"base64"),BinaryDecode(key,"base64"),"AES","base64")> > > > > Results in getting an error that " The input and output encodings are > > not same." > > > > I am at a loss and tearing my hair out - can anyone help me out here??? > > > > -- > > Duncan I Loxton > > [EMAIL PROTECTED] > > > > > -- > Duncan I Loxton > [EMAIL PROTECTED] > -- Duncan I Loxton [EMAIL PROTECTED] ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| ColdFusion is delivering applications solutions at at top companies around the world in government. Find out how and where now http://www.adobe.com/cfusion/showcase/index.cfm?event=finder&productID=1522&loc=en_us Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:291163 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
