I work in a PHP application, we have a specific line that we must encrypt before saving to the database. I can do this in PHP, and not using mcrypt with the key and iv. I'm currently trying to use blowfish because I thought it would be most flexible as far as decrypting it in ColdFusion. The problem I am facing seems to be that ColdFusion does not want to use the key or iv encrypted by me. ColdFusion wants you to generate SecretKey () and use a different way to create iv.
What I cannot do is make them communicate. I tried encryption first in coldFusion and using the key generated by it and iv, which it used in PHP, but the result was not what it should be. I know that something is missing for me, but I can’t determine exactly what it can be.
<?php
$securedString = mcrypt_encrypt ('MCRYPT_BLOWFISH' , 'THISISMYKEYTHATISVERYLONG32CHARS' , "This is the string I need encrypted' , MCRYPT_MODE_CBC , '12345678');
echo base64_encode($securedString);
?>
So what does the equivalent Decision ColdFusion call look like?
BTW: if Blowfish is not an ideal algorithm to use, please feel free to suggest the other while both ColdFusion and PHP can use it, and it's safe.
Thanks Bruce
source
share