PHP encryption code converted to ColdFusion

Asked 27/4, 2011 at 17:27 Answered 3/5, 2011 at 22:46

Solved php encryption coldfusion aes rijndael

I have this bit of PHP that I'd like to do the equivalent of in ColdFusion.

function & _encryptMessage( $message ) {

   $td = mcrypt_module_open( MCRYPT_RIJNDAEL_256, '', MCRYPT_MODE_CBC, '');
   mcrypt_generic_init( $td, $this->key, $this->iv );
   $encrypted_data = mcrypt_generic( $td, $message );
 mcrypt_generic_deinit($td);
 mcrypt_module_close($td);

   return base64_encode( $encrypted_data );
}

I think it is just

encrypt(message,"","AES","Base64")

But I have no real way of knowing for sure and it doesn't feel quite right, so I wondered if someone out there would be good enough to point me in the right direction.

UPDATE : For information this answer by Mister Dai, was particularly helpful.

So MCRYPT_RIJNDAEL_256 actually means block size not the encryption strength. The encryption strength is still 256 as the key and salt are generated in PHP using a value that is hashed at sha-256.

This is the encrypt call I have now :

encrypt(arguments.messageXML,instance.key,"AES/CBC/PKCS5Padding","Base64",ivSalt)

Unfortunately this blows up because the ivSalt is 32 bytes (256bits) in length and AES is only expecting a 16 bytes iv salt. Looking here it would seem that the maximum block size in ColdFusion/Java for AES is 16bytes (128bit). I can't seem to see how I can get a 256bit block size. Any help would be greatly appreciated.

Placentation answered 27/4, 2011 at 17:27 Comment(7)

When you run the two using the same message do you get the same result? – Pelkey 27/4, 2011 at 17:46

I agree with Dave. But a few things that jump out at me are 1) your encrypt() key is missing/blank 2) you are not passing an iv and 3) the encryption mode needs to match that used by php – Ruff 27/4, 2011 at 19:3

Ah... I've just remembered something about PHP. this->key is like this.key in ColdFusion. So I need to dig around in the rest of the PHP file for the key and the IV salt, which should help me make more sense of this. – Placentation 27/4, 2011 at 20:22

As for testing whether the two turn out the same result; I'd love to, but I don't have a PHP install. – Placentation 27/4, 2011 at 20:23

@Stephen Moretti - You will also need to change the mode as well. IIRC CF defaults to ECB and the php example looks to be using CBC – Ruff 27/4, 2011 at 23:28

@Stephen, don't forget to salt your encryption e.g. with a timestamp to protect against rainbow table attacks. – Newhall 28/4, 2011 at 13:48

@Stephen Morretti - If 256 is only supported for Rijndael not AES, you might try Bouncy Castle's RijndaelEngine implementation bouncycastle.org/specifications.html – Ruff 30/4, 2011 at 4:19

A couple of thanks should go out before I answer my own question. Thanks to Dave Boyer (Mister Dai), Jason Dean and Jason Delmore for their help.

As Leigh has suggested I had to make use of Bouncy Castle, the light weight API and the Rijndael cipher engine there in.

I ended up with a function to create an rijndael cipher and functions to encrypt and decrypt a string with a key and ivsalt.

<cfcomponent displayname="Bounce Castle Encryption Component" hint="This provides bouncy castle encryption services" output="false">

<cffunction name="createRijndaelBlockCipher" access="private">
    <cfargument name="key" type="string" required="true" >
    <cfargument name="ivSalt" type="string" required="true" >
    <cfargument name="bEncrypt" type="boolean" required="false" default="1">
    <cfargument name="blocksize" type="numeric" required="false" default=256>
    <cfscript>
    // Create a block cipher for Rijndael
    var cryptEngine = createObject("java", "org.bouncycastle.crypto.engines.RijndaelEngine").init(arguments.blocksize);

    // Create a Block Cipher in CBC mode
    var blockCipher = createObject("java", "org.bouncycastle.crypto.modes.CBCBlockCipher").init(cryptEngine);

    // Create Padding - Zero Byte Padding is apparently PHP compatible.
    var zbPadding = CreateObject('java', 'org.bouncycastle.crypto.paddings.ZeroBytePadding').init();

    // Create a JCE Cipher from the Block Cipher
    var cipher = createObject("java", "org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher").init(blockCipher,zbPadding);

    // Create the key params for the cipher     
    var binkey = binarydecode(arguments.key,"hex");
    var keyParams = createObject("java", "org.bouncycastle.crypto.params.KeyParameter").init(BinKey);

    var binIVSalt = Binarydecode(ivSalt,"hex");
    var ivParams = createObject("java", "org.bouncycastle.crypto.params.ParametersWithIV").init(keyParams, binIVSalt);

    cipher.init(javaCast("boolean",arguments.bEncrypt),ivParams);

    return cipher;
    </cfscript>
</cffunction>

<cffunction name="doEncrypt" access="public" returntype="string">
    <cfargument name="message" type="string" required="true">
    <cfargument name="key" type="string" required="true">
    <cfargument name="ivSalt" type="string" required="true">

    <cfscript>
    var cipher = createRijndaelBlockCipher(key=arguments.key,ivSalt=arguments.ivSalt);
    var byteMessage = arguments.message.getBytes();
    var outArray = getByteArray(cipher.getOutputSize(arrayLen(byteMessage)));
    var bufferLength = cipher.processBytes(byteMessage, 0, arrayLen(byteMessage), outArray, 0);
    var cipherText = cipher.doFinal(outArray,bufferLength);

    return toBase64(outArray);
    </cfscript>
</cffunction>


<cffunction name="doDecrypt" access="public" returntype="string">
    <cfargument name="message" type="string" required="true">
    <cfargument name="key" type="string" required="true">
    <cfargument name="ivSalt" type="string" required="true">

    <cfscript>
    var cipher = createRijndaelBlockCipher(key=arguments.key,ivSalt=arguments.ivSalt,bEncrypt=false);
    var byteMessage = toBinary(arguments.message);
    var outArray = getByteArray(cipher.getOutputSize(arrayLen(byteMessage)));
    var bufferLength = cipher.processBytes(byteMessage, 0, arrayLen(byteMessage), outArray, 0);
    var originalText = cipher.doFinal(outArray,bufferLength);

    return createObject("java", "java.lang.String").init(outArray);
    </cfscript>
</cffunction>

<cfscript>
function getByteArray(someLength)
{
    byteClass = createObject("java", "java.lang.Byte").TYPE;
    return createObject("java","java.lang.reflect.Array").newInstance(byteClass, someLength);
}
</cfscript>

</cfcomponent>

The doEncrypt and doDecrypt functions are publically visible, but not the function that creates the rijndael cipher. The encryption and decryption functions take a string, key and ivSalt returning an encrypted or decrypted string respectively.

The createRijndaelBlockCipher takes a key, ivSalt, a boolean to state whether the cipher will be used to encrypt or decrypt and the block size, although the block size is defaulted to 256 bits. The function is fairly well commented so it should make sense.

The UDF at the bottom (special thanks to Jason Delmore for that nugget) ensures that ColdFusion correctly creates a byte array for the decryption. Some other ways of creating byte arrays just don't work or end up with inconsistent results in decryption or throw pad buffer corrupt errors.

That's about it really. It took far too much effort, when the standard AES encryption uses 128bit blocks and 128 Bit Keys are for classified up to SECRET, 192-bit or higher for TOP-SECRET. 256bit blocks and 256bit keys are just a bit over the top. Just because you can doesn't mean you should.

Please do remember that MCRYPT_RIJNDAEL_256 is the block size and not the encryption level. The encryption level is set by the strength of key that you pass into mcrypt_encrypt and increasing the block size does not increase the encryption strength.

Placentation answered 3/5, 2011 at 22:46 Comment(0)

-2

http://help.adobe.com/en_US/ColdFusion/9.0/CFMLRef/WSc3ff6d0ea77859461172e0811cbec22c24-7c52.html

You could do something as simple as:

<cfset stringName = "variable 1: " & variable1 & " some more text" />
<cfset varName = HASH(stringName, "SHA") />

or even this:

<cfset varName = HASH("i want this string to be encrypted", "SHA") />

Doing something like this is usually what i do for password storage and other sensitive data.

Hope that the link and/or examples help, Brds

Corrosion answered 27/4, 2011 at 20:9 Comment(2)

Thanks for that Brds. I suspect that while hash will encrypt the string, but I need to be able to decrypt the result. Also, unless I'm mistaken, hash() doesn't support AES (RIJNDAEL is AES right?) – Placentation 27/4, 2011 at 20:28

Right. Hash() cannot be reversed/decrypted and AES/Rijndael is not a supported hash algorithm, only encrypt(). help.adobe.com/en_US/ColdFusion/9.0/CFMLRef/… – Ruff 27/4, 2011 at 23:27

Recommended topics

Hot tags