Using CF8 and MySQL 5.1, I try to encrypt () the password at creation and then decrypt () at login. I can make decrypt () work fine on the test page, but when I put it on the cfincluded page with cflogin, I get the error message "An error occurred while trying to encrypt or decrypt your input string: com.rsa.jsafe.crypto.dr: Failed to execute unpadding: invalid pad byte .. ". This is the same code and DB from my test page in my application.
application.cfc:
<cfif NOT IsDefined("Request.PasswordKey")> <cfset request.PasswordKey = generateSecretKey("AES")> <cfset request.algorithm = "AES"> <cfset request.encoding = "hex"> </cfif>
test page that works great:
FORM DATA: <br/> form password:<cfoutput>#form.passwd#</cfoutput><br/> <cfset encrypted = Encrypt(form.passwd,Request.PasswordKey,Request.algorithm,Request.encoding)> Encrypted: <cfoutput>#encrypted#</cfoutput><br/> Decrypted: <cfoutput>#Decrypt(variables.encrypted,Request.PasswordKey,Request.algorithm,Request.encoding)#</cfoutput><br/> <br/> QUERY DATA<br/> <cfinvoke component="components.userQ" method="login" returnvariable="qLogin"> <cfinvokeargument name="formData" value="#form#"> </cfinvoke> <cfoutput>qLogin password: #qlogin.encPasswd#</cfoutput><br/> <cfoutput>Decrypted encPasswd from qLogin: #Decrypt(qlogin.encPasswd,Request.PasswordKey,Request.algorithm,Request.encoding)#</cfoutput>
Decrypt () on the application page, which is an error:
<cfset unEnPasswd = #Decrypt(qlogin.encPasswd,Request.PasswordKey,Request.algorithm,Request.encoding)#>
I can get the default CFMX_COMPAT encrypt () and decrypt () to work fine in my application with the same code, just by changing the key, algorithm and encoding variables.
By the way, I also save the encrypted strings as varchar () in the DB, so it will not ruin the filling (therefore I read). I tried blob but got bytearray error.
Any help or thoughts are greatly appreciated.