9 Replies Latest reply on Nov 23, 2011 1:22 PM by -==cfSearching==-

    Encrypted Data Exchange with .NET

    insuractive Level 3

      I've seen a number of postings on the forums about getting CF's encrypt method to play nice with data encrypted from a .NET system.  I currently find myself in a situation where I'm having to walk a .NET developer through using encryption on their end in order to send/accept encrypted data with ColdFusion.  Does anyone have a plug-and-play example that demonstrates an encrypted string exchange between CF and .NET that I could use as reference?

        • 1. Re: Encrypted Data Exchange with .NET
          -==cfSearching==- Level 4

          I have had a little experience with CF/.NET exchanges. What kind of encryption are you using (algorithm, encoding, IV, et cetera)?

           

           

          -Leigh

          • 2. Re: Encrypted Data Exchange with .NET
            insuractive Level 3

            Hi Leigh,

             

            The decision on what to use is pretty up in the air right now; the only requirement is that we are able to encrypt/decrypt a string consistently with CF and .NET.  My initial thought is to use one of the standard Encrypt() block-level encryption algorithms, but I'd settle for any example that uses a decent level of encryption.  Luckily we're dealing with data that is not really that sensitive (P.H.I., Credit Cards, etc.), so there aren't any legal or compliance requirements as to the strength of the encryption.

             

            Thanks!

             

            - Michael

            • 3. Re: Encrypted Data Exchange with .NET
              -==cfSearching==- Level 4

              Okay, I should have a simple AES example somewhere. Let me see if I can dig it up.

               

               

              -Leigh

              • 4. Re: Encrypted Data Exchange with .NET
                insuractive Level 3

                Sweet!  Thanks Leigh.

                • 5. Re: Encrypted Data Exchange with .NET
                  -==cfSearching==- Level 4

                  Sorry, I looked and do not have an example of a full exchange, just the encryption part. But data exchange should not be that hard. Do you want that encryption portion?

                  • 6. Re: Encrypted Data Exchange with .NET
                    insuractive Level 3

                    That would be great!  The actual exchange of data is easy - telling a .NET developer how to configure their application so they can read my CF encrypted text = hard.

                    • 7. Re: Encrypted Data Exchange with .NET
                      -==cfSearching==- Level 4

                      Here is a simple example of AES in C#/ColdFusion:

                       

                      ColdFusion code:

                      <cfset thePlainData = "Nothing to see here folks" />
                      <cfset theKey = "oRJUjgbx9SGGR6v3T8JGJg==" />
                      <cfset theAlgorithm = "AES/CBC/PKCS5Padding" />
                      <cfset theIVInBase64 = "f+hYUyjprHt/6FhTKOmsew==" />
                      <cfset theEncoding = "base64" />

                      <!--- do encrypt/decrypt --->
                      <!--- iv must be a byte array --->
                      <cfset theIV = BinaryDecode(theIVInBase64, "base64") />
                      <cfset encryptedString = encrypt(thePlainData, theKey, theAlgorithm, theEncoding, theIV) />
                      <cfset decryptedString = decrypt(encryptedString, theKey, theAlgorithm, theEncoding, theIV) />

                      <!--- display results --->
                      <cfdump var="#variables#" label="AES/CBC/PKCS5Padding Results" />

                       

                      C# code:

                      using System;
                      using System.Collections.Generic;
                      using System.Text;
                      using System.Security.Cryptography;

                      public class AESCBC
                      {
                          public static void Main(string[] args)
                          {
                              try
                              {
                                  // Just hard coded values for testing ...
                                  String thePlainData = "Nothing to see here folks";
                                  String theKey = "oRJUjgbx9SGGR6v3T8JGJg==";
                                  String theIV = "f+hYUyjprHt/6FhTKOmsew==";
                                  String encryptedText = EncryptText(thePlainData, theKey, theIV);
                                  String decryptedText = DecryptText(encryptedText, theKey, theIV);

                                  Console.WriteLine("Encrypted String: {0}", encryptedText);
                                  Console.WriteLine("Decrypted String: {0}", decryptedText);
                              }
                              catch (Exception e)
                              {
                                  Console.WriteLine(e.Message);
                              }

                              Console.ReadLine();
                          }

                          public static String EncryptText(String Data, String Key, String IV)
                          {
                              // Extract the bytes of each of the values
                              byte[] input = Encoding.UTF8.GetBytes(Data);
                              byte[] key = Convert.FromBase64String(Key);
                              byte[] iv = Convert.FromBase64String(IV);

                              // Create a new instance of the algorithm with the desired settings
                              // (PKCS7 here corresponds to PKCS5Padding on the ColdFusion side)
                              RijndaelManaged algorithm = new RijndaelManaged();
                              algorithm.Mode = CipherMode.CBC;
                              algorithm.Padding = PaddingMode.PKCS7;
                              algorithm.BlockSize = 128;
                              algorithm.KeySize = 128;
                              algorithm.Key = key;
                              algorithm.IV = iv;

                              // Create a new encryptor and encrypt the given value
                              ICryptoTransform cipher = algorithm.CreateEncryptor();
                              byte[] output = cipher.TransformFinalBlock(input, 0, input.Length);

                              // Finally, return the encrypted value in base64 format
                              String encrypted = Convert.ToBase64String(output);

                              return encrypted;
                          }

                          public static String DecryptText(String Data, String Key, String IV)
                          {
                              // Extract the bytes of each of the values
                              byte[] input = Convert.FromBase64String(Data);
                              byte[] key = Convert.FromBase64String(Key);
                              byte[] iv = Convert.FromBase64String(IV);

                              // Create a new instance of the algorithm with the desired settings
                              RijndaelManaged algorithm = new RijndaelManaged();
                              algorithm.Mode = CipherMode.CBC;
                              algorithm.Padding = PaddingMode.PKCS7;
                              algorithm.BlockSize = 128;
                              algorithm.KeySize = 128;
                              algorithm.Key = key;
                              algorithm.IV = iv;

                              // Create a new decryptor and decrypt the given value
                              ICryptoTransform cipher = algorithm.CreateDecryptor();
                              byte[] output = cipher.TransformFinalBlock(input, 0, input.Length);

                              // Finally, convert the decrypted bytes back to a UTF8 string
                              String decrypted = Encoding.UTF8.GetString(output);

                              return decrypted;
                          }
                      }
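
The C# example above uses one hard-coded IV for every message and does not authenticate the ciphertext. As an added example (not part of the original post), this .NET-side variant generates a fresh IV per message, sends it with the ciphertext, and appends an HMAC-SHA256 tag that is verified before decryption. The wire layout, the class and method names, the separate MAC key and the .NET 6+ target are assumptions of this example; the ColdFusion side would have to build and parse the same layout.

```csharp
using System;
using System.Linq;
using System.Security.Cryptography;
using System.Text;

public static class SealedMessage
{
    // Wire format (assumed for this example): base64( IV[16] || ciphertext || HMAC-SHA256[32] )
    public static string Seal(string plainText, byte[] encKey, byte[] macKey)
    {
        using (Aes aes = Aes.Create())
        {
            aes.Mode = CipherMode.CBC;
            aes.Padding = PaddingMode.PKCS7;   // matches PKCS5Padding on the ColdFusion side
            aes.Key = encKey;
            aes.GenerateIV();                  // fresh random IV for every message
            byte[] input = Encoding.UTF8.GetBytes(plainText);
            byte[] body;
            using (ICryptoTransform enc = aes.CreateEncryptor())
                body = aes.IV.Concat(enc.TransformFinalBlock(input, 0, input.Length)).ToArray();
            using (HMACSHA256 mac = new HMACSHA256(macKey))
                return Convert.ToBase64String(body.Concat(mac.ComputeHash(body)).ToArray());
        }
    }

    public static string Open(string sealedText, byte[] encKey, byte[] macKey)
    {
        byte[] all = Convert.FromBase64String(sealedText);
        if (all.Length < 16 + 16 + 32) throw new CryptographicException("Message too short");
        byte[] body = all.Take(all.Length - 32).ToArray();
        byte[] tag = all.Skip(all.Length - 32).ToArray();
        using (HMACSHA256 mac = new HMACSHA256(macKey))   // check the tag before decrypting
            if (!CryptographicOperations.FixedTimeEquals(mac.ComputeHash(body), tag))
                throw new CryptographicException("Authentication failed");
        using (Aes aes = Aes.Create())
        {
            aes.Mode = CipherMode.CBC;
            aes.Padding = PaddingMode.PKCS7;
            aes.Key = encKey;
            aes.IV = body.Take(16).ToArray();
            using (ICryptoTransform dec = aes.CreateDecryptor())
                return Encoding.UTF8.GetString(dec.TransformFinalBlock(body, 16, body.Length - 16));
        }
    }
    public static void Main()   // constructed demo keys; real keys are shared out of band
    {
        byte[] encKey = RandomNumberGenerator.GetBytes(16), macKey = RandomNumberGenerator.GetBytes(32);
        Console.WriteLine(Open(Seal("Nothing to see here folks", encKey, macKey), encKey, macKey));
    }
}
```

Because the IV travels inside the message, the two sides only need to agree on the keys and the layout, and any message whose tag does not verify is rejected without being decrypted.
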

                      • 8. Re: Encrypted Data Exchange with .NET
                        insuractive Level 3

                        Thanks Leigh - that is exactly what I need!

                        • 9. Re: Encrypted Data Exchange with .NET
                          -==cfSearching==- Level 4

                          You are very welcome.  Obviously adapt the settings to suit your needs, but hopefully the example demonstrates how you can adjust the settings on both ends.

                           

                          -Leigh