I think I found out what was killing my server the other day. We used to use
an encryption CFX called textCrypt, actually we've been using it for years
and years, but it stopped working on our new CF9 64bit server.
So we hired a Java developer to write a java class that would handle
decrypting strings using the existing private keys generated with this CFX
(aec/TRSA.). The new java class seems to work pretty good, but when called
in a loop, ohh, 6000 times, it is really slow and the entire server
basically seems to stop and wait for it to finish before serving other
threads. I don't understand why this is the case..
We're calling the method below aecDecrypt() to decrypt each string (6000
times.) and its killing our server and taking too long to finish processing.
I don't know Java, does anyone see a way that this could be improved? One
thing I notice is that each time its called it takes the private key
provided and calls AECKeyToPrivateKeySpec() to convert the private key to
the format needed. I guess this really only needs to be called once each
time.
If anyone thinks they can help me with this I am willing to pay some one to
help me optimize this before I setup a new server specifically for
decryption so that it doesn't bring my webserver to its knees. I still don't
understand why that happens though.
/**
* Decodes a string encoded using its corresponding private
key. This must be done manually due to the unusual padding and
* byte ordering involved.
* @param encryptedString the encrypted string, in
aec/TRSA's version of RSA, in aec's version of base-64 encoding.
* @param aecPrivateKey the corresponding private key, in
aec/TRSA's version of base-64 encoding.
* @return a String representing the original plaintext
message.
*/
public static String aecDecrypt(String encryptedString,
String aecPrivateKey) {
RSAPrivateKeySpec privKeySpec =
AECKeyToPrivateKeySpec(aecPrivateKey);
BigInteger d =
privKeySpec.getPrivateExponent();
BigInteger n = privKeySpec.getModulus();
byte[] src =
unpackAECEncodedBase64(encryptedString);
BigInteger c = new BigInteger(1,src);
BigInteger m = c.modPow(d,n);
byte[] decrypted = m.toByteArray();
for(int i=0; i<decrypted.length/2; i+=1) {
byte a =
decrypted[decrypted.length-i-1];
byte b = decrypted[i];
decrypted[decrypted.length-i-1] = b;
decrypted[i] = a;
}
int padBytes =
decrypted[decrypted.length-1];
String dest = "";
for(int i=0; i<(64-padBytes-1); i++)
dest+=(char)decrypted[i];
d.finalize(); //just to be helpful...
return dest;
}
,
/**
* Creates an RSAPrivateKeySpec object based on a private key
generated with the aecRSA library (such as TextCrypt).
* @param aecPrivateKey A base64-encoded string in
the aecRSA format
* @return
an RSAPrivateKeySpec object representing the same 'n' and 'd' values. If the
key is invalid, returns null.
*/
public static RSAPrivateKeySpec
AECKeyToPrivateKeySpec(String aecPrivateKey) {
String[] pieces = aecPrivateKey.split(":");
if (pieces.length<2) {
return null;
}
String nString =
unpackWeirdMPInt(pieces[0]);
while(nString.endsWith("?")) nString =
nString.substring(0,nString.length()-1);
String dString =
unpackWeirdMPInt(pieces[1]);
while(dString.endsWith("?")) dString =
dString.substring(0,dString.length()-1);
BigInteger n = new
BigInteger(1,unpackHexString(nString));
BigInteger d = new
BigInteger(1,unpackHexString(dString));
//BigInteger d = new BigInteger(dString,16);
//BigInteger n = new BigInteger(nString,16);
return new RSAPrivateKeySpec(n,d);
}
Brook
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|
Order the Adobe Coldfusion Anthology now!
http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion
Archive:
http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:351477
Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
