ColdFusion 的加密问题
我正在尝试在 cookie 中存储一些加密(短)信息。我正在生成一个短字符串(大约 64 个字符),使用generateSecretKey() 生成密钥,并尝试 AES 或 Blowfish 加密。
我已经使用encode() 和decode() 函数中的参数尝试了默认的UUEncoding、Base64 和Hex。
使用 AES,我收到错误
尝试加密或解密输入字符串时发生错误:com.rsa.jsafe.crypto.dr:无法执行取消填充:无效的填充字节..
使用 Blowfish,我收到错误
尝试加密或解密您的输入字符串时发生错误:给定的最终块未正确填充。
我做错了什么?
I'm trying to store some encrypted (short) information in a cookie. I'm generating a short string (around 64 chars), generating the key using generateSecretKey(), and attempting either AES or Blowfish encryption.
I've tried the default UUEncoding, Base64, and Hex using the parameters in the encode() and decode() functions.
With AES, I get the error
An error occurred while trying to encrypt or decrypt your input string: com.rsa.jsafe.crypto.dr: Could not perform unpadding: invalid pad byte..
With Blowfish, I get the error
An error occurred while trying to encrypt or decrypt your input string: Given final block not properly padded.
What am I doing wrong?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(3)
Blowfish 具有 64 位块大小,即 8 个字节。 AES 的块大小为 128 位,即 16 字节。
块大小意味着它只能执行该大小的块。所以块大小为 8 字节的东西不能处理 7,6,5,4,3,2,1 字节。
如果您的位数或字节数少于所需的位数(此处为 8 和 16 字节),则必须用某些内容填充以达到 8/16 字节长的块。 (英语中的填充意味着您必须附加未使用的位/字节 - 有时是协议/算法规定的内容,有时内容并不重要),直到您拥有所需大小的内容。)
这两个错误都抱怨填充不良。所以我的直觉是您没有将正确大小(长度)的数据传递给加密/解密算法。检查您的文档,看看它们是否接受作为输入数据:
您是否有可能在加密步骤之前意外完成了 UU/Base64/Hex 编码?
你应该:
显然,收到数据后颠倒顺序:
Blowfish has a 64 bit block size, that is 8 bytes. AES has a block size of 128 bits, that is 16 bytes.
Block size implies it can only do that size blocks. So something with a block size of 8 bytes cannot do 7,6,5,4,3,2,1 bytes.
If you have less than th required number of bits or bytes (8 and 16 bytes here), you have to pad those with something to arrive at a 8/16 byte long block. (Padding in English means you have to append unused bits/bytes - sometimes of content prescribed by the protocol/algorithm, sometimes content doesn't matter) until you have something that is of the required size.)
Both errors complain about bad padding. So my hunch is that you are not passing the right size (length) of data to the encryption/decryption algorithms. Check your documentation to see whether they accept as input data:
Any chance you have accidentally done your UU/Base64/Hex encoding before the encryption step?
You should:
Obviously, reverse the sequence upon receipt of the data:
我不确定您使用的是哪个版本,但这似乎适用于 CF9、OpenBD 和 Railo(使用 AES 或 Blowfish)
I am not sure which version you are using, but this seems to work fine with CF9, OpenBD and Railo (using either AES or Blowfish)
由于时间限制,我们最终使用 cfmx_copat 加密。
我向两位回答者表示歉意,因为我从未能够像我希望的那样充分地试验他们的回答。
Due to time constraints, we ended up using cfmx_copat encryption.
I apologize to both people who answered, as I never was able to experiment with their responses as fully as I would have liked.