6 Replies Latest reply on Mar 18, 2008 1:01 PM by matt.andreko

    aes encryption between cf7 and c#

    matt.andreko
      I have a c# website that I'm trying to send encrypted urls to via my cold fusion 7 application. I have control of both the c# and the cf code. The cf site is doing the encryption, and the c# code is doing the decryption (2 different sites sharing data).

      Attached is the code I'm trying to use for both sides. I have tried all the modes of AES, and not had any luck.

      Anyone have any ideas?
        • 1. Re: aes encryption between cf7 and c#
          Daverms Level 3
          Hi,

          Why don't you publish your logic as a webservice and consume them at the other end?.

          • 2. Re: aes encryption between cf7 and c#
            matt.andreko Level 1
            I had considered using a webservice, I'm not sure if it sounds right to do.

            I have the cold fusion website which is showing some data, and has a link to the c# website, which pulls up a specific PDF. However, the URL is encrypted. (ie. page.aspx?enc=Q3pnNFJlN2F0WWxaaWtXb0JOV3dLZz09). I need to be able to make a link to that encrypted page. From CF, I could call an encryption webservice that i pass the unencrypted string to, it passes it back encrypted, and then that makes the link on the CF app. However, if it's possible, I'd really prefer to have the encryption handled in the CF app natively.
            • 3. Re: aes encryption between cf7 and c#
              Daverms Level 3
              Hi Matt,

              I am sorry.. Can you be more specific on what you really want to acheive with CF and with C# sites?...
              • 4. Re: aes encryption between cf7 and c#
                matt.andreko Level 1
                Sure ;)

                I have an existing Cold Fusion site, which handles enrollments by filling out all kinds of forms. I submit the data to a c# .net 1.1 application via an XML webservice. That has always worked fine. However I now have the requirement to be able to pull up a PDF of the application, which is handled in a centralized peice of software in the c# application. I can access the application by requesting Page.aspx?[encrypted value here], where [encrypted value here] is the AES/Rijndael encrypted string I'm trying to send (DCN=E080500001&a). I need to create the hyperlink on the CF site to the c# site, using that encrypted url. I have the "DCN=E080500001&a" value in the CF app, but I have yet to get it encrypted successfully.

                Does that help at all?

                • 5. Re: aes encryption between cf7 and c#
                  Daverms Level 3
                  Is that because of the "padding" strings that you specified as "AES/ECB/NoPadding" for the "algorithm" attribute?.. (I am not sure abt this however..)

                  • 6. Re: aes encryption between cf7 and c#
                    matt.andreko Level 1
                    To my understanding, the padding is to deal with blocks that are not 16 bytes long. Since I'm using NoPadding on both c# and cf, for plain testing, I'm just making sure to send 16 byte lengths to the encoder.

                    I've tried tinkering with different modes, paddings, etc... None of them seemed to cooperate.