cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
search
  • Global community
    • Language:
      • Deutsch
      • English
      • Español
      • Français
      • Português
  • 日本語コミュニティ
    Dedicated community for Japanese speakers
  • 한국 커뮤니티
    Dedicated community for Korean speakers
Exit
0
Upvote

Encrypted Data Exchange with .NET

insuractive
Advocate ,
Nov 23, 2011 Nov 23, 2011

Copy link to clipboard

Copied

I've seen a number of postings on the forums about getting CF's encrypt method to play nice with data encrypted from a .NET system.  I currently find myself in a situation where I'm having to walk a .NET developer through using encryption on their end in order to send/accept encrypted data with ColdFusion.  Does anyone have a plug-and-play example that demonstrates an encrypted string exchange between CF and .NET that I could use as reference?

TOPICS
Advanced techniques

Views

2.0K

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines

correct answers 1 Correct answer

-__cfSearching__-
Valorous Hero , Nov 23, 2011 Nov 23, 2011

Here is a simple example of AES in C#/ColdFusion:

ColdFusion code:

<cfset thePlainData = "Nothing to see here folks" />

<cfset theKey = "oRJUjgbx9SGGR6v3T8JGJg==" />

<cfset theAlgorithm = "AES/CBC/PKCS5Padding" />

<cfset theIVInBase64 = "f+hYUyjprHt/6FhTKOmsew==" />

<cfset theEncoding = "base64" />

<!--- do encrypt/decrypt --->

<!--- iv must be a byte array --->

<cfset theIV = BinaryDecode(theIVInBase64, "base64") />

<cfset encryptedString = encrypt(thePlainData, theKey, theAlgorithm, theEncoding, theIV)

...

Votes

Translate

Translate
replies 9 Replies 9
latest latest Jump to latest reply
-__cfSearching__-
Valorous Hero ,
Nov 23, 2011 Nov 23, 2011

Copy link to clipboard

Copied

I have had a little experience with CF/.NET exchanges. What kind of encryption are you using (algorithm, encoding, iv, ecetera)?

 

-Leigh

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
insuractive
Advocate ,
Nov 23, 2011 Nov 23, 2011

Copy link to clipboard

Copied

In Response To -__cfSearching__-

Hi Leigh,

The decision on what to use it pretty up in the air right now, the only requirement is that we are able to encrypt/decrypt a string consistently with CF and .NET.  My initial thought is to use one of the standard Encrypt() block-level encryption algorithms, but I'd settle for any example that uses a decent level of encryption.  Luckily we're dealing with data that is not really that sensitive (P.H.I., Credit Cards, etc), so there aren't any legal or compliance requirements as to the strength of the encryption.

Thanks!

- Michael

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
-__cfSearching__-
Valorous Hero ,
Nov 23, 2011 Nov 23, 2011

Copy link to clipboard

Copied

In Response To insuractive

Okay, I should have a simple AES example somewhere. Let me see if I can dig it up.

 

-Leigh

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
insuractive
Advocate ,
Nov 23, 2011 Nov 23, 2011

Copy link to clipboard

Copied

In Response To -__cfSearching__-

Sweet!  Thanks Leigh.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
-__cfSearching__-
Valorous Hero ,
Nov 23, 2011 Nov 23, 2011

Copy link to clipboard

Copied

In Response To insuractive

Sorry, I looked and do not have an example of a full exchange, just the encyrption part. But data exchange should not be that hard. Do you want that encryption portion?

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
insuractive
Advocate ,
Nov 23, 2011 Nov 23, 2011

Copy link to clipboard

Copied

In Response To -__cfSearching__-

That would be great!  The actual exchange of data is easy - telling a .NET developer how to configure their application so they can read my CF encrypted text = hard.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
-__cfSearching__-
Valorous Hero ,
Nov 23, 2011 Nov 23, 2011

Copy link to clipboard

Copied

In Response To insuractive

Here is a simple example of AES in C#/ColdFusion:

ColdFusion code:

<cfset thePlainData = "Nothing to see here folks" />

<cfset theKey = "oRJUjgbx9SGGR6v3T8JGJg==" />

<cfset theAlgorithm = "AES/CBC/PKCS5Padding" />

<cfset theIVInBase64 = "f+hYUyjprHt/6FhTKOmsew==" />

<cfset theEncoding = "base64" />

<!--- do encrypt/decrypt --->

<!--- iv must be a byte array --->

<cfset theIV = BinaryDecode(theIVInBase64, "base64") />

<cfset encryptedString = encrypt(thePlainData, theKey, theAlgorithm, theEncoding, theIV) />

<cfset decryptedString = decrypt(encryptedString, theKey, theAlgorithm, theEncoding, theIV) />

<!--- display results --->

<cfdump var="#variables#" label="AES/CBC/PKCS5Padding Results" />

C# code:

using System;

using System.Collections.Generic;

using System.Text;

using System.Security.Cryptography;

public class AESCBC

{

    public static void Main(string[] args)

    {

        try

        {

            // Just hard coded values for testing ...

            String thePlainData = "Nothing to see here folks";

            String theKey = "oRJUjgbx9SGGR6v3T8JGJg==";

            String theIV = "f+hYUyjprHt/6FhTKOmsew==";

            String encryptedText = EncryptText(thePlainData, theKey, theIV);

            String decryptedText = DecryptText(encryptedText, theKey, theIV);

            Console.WriteLine("Encrypted String: {0}", encryptedText);

            Console.WriteLine("Decrypted String: {0}", decryptedText);

        }

        catch (Exception e)

        {

            Console.WriteLine(e.Message);

        }

        Console.ReadLine();

    }

    public static String EncryptText(String Data, String Key, String IV)

    {

        // Extract the bytes of each of the values

        byte[] input = Encoding.UTF8.GetBytes(Data);

        byte[] key = Convert.FromBase64String(Key);

        byte[] iv = Convert.FromBase64String(IV);

        // Create a new instance of the algorithm with the desired settings

        RijndaelManaged algorithm = new RijndaelManaged();

        algorithm.Mode = CipherMode.CBC;

        algorithm.Padding = PaddingMode.PKCS7;

        algorithm.BlockSize = 128;

        algorithm.KeySize = 128;

        algorithm.Key = key;

        algorithm.IV = iv;

        // Create a new encryptor and encrypt the given value

        ICryptoTransform cipher = algorithm.CreateEncryptor();

        byte[] output = cipher.TransformFinalBlock(input, 0, input.Length);

        // Finally, return the encrypted value in base64 format

        String encrypted = Convert.ToBase64String(output);

        return encrypted;

    }

    public static String DecryptText(String Data, String Key, String IV)

    {

        // Extract the bytes of each of the values

        byte[] input = Convert.FromBase64String(Data);

        byte[] key = Convert.FromBase64String(Key);

        byte[] iv = Convert.FromBase64String(IV);

        // Create a new instance of the algorithm with the desired settings

        RijndaelManaged algorithm = new RijndaelManaged();

        algorithm.Mode = CipherMode.CBC;

        algorithm.Padding = PaddingMode.PKCS7;

        algorithm.BlockSize = 128;

        algorithm.KeySize = 128;

        algorithm.Key = key;

        algorithm.IV = iv;

        //FromBase64String

        // Create a new encryptor and encrypt the given value

        ICryptoTransform cipher = algorithm.CreateDecryptor();

        byte[] output = cipher.TransformFinalBlock(input, 0, input.Length);

        // Finally, convert the decrypted value to UTF8 format

        String decrypted = Encoding.UTF8.GetString(output);

        return decrypted;

    }

}

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
insuractive
Advocate ,
Nov 23, 2011 Nov 23, 2011

Copy link to clipboard

Copied

In Response To -__cfSearching__-

Thanks Leigh - that is exactly what I need!

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
-__cfSearching__-
Valorous Hero ,
Nov 23, 2011 Nov 23, 2011

Copy link to clipboard

Copied

LATEST
In Response To insuractive

You are very welcome.  Obviously adapt the settings to suit your needs, but hopefully the example demonstrates how you can adjust the settings on both ends.

-Leigh

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Resources
Documentation
ColdFusion User Guide
Copyright © 2024 Adobe. All rights reserved.
Using the Community Experience League Terms of Use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices