Geek Answers Handbook

Different output from toBase64 () in CFML on two different machines

FINAL EDIT: SOLVED , updating the local developer on rail 3.3.4.003 resolved the problem.

I need RC4 to encrypt some strings and encode them with base64, and I am faced with a situation where the same input will generate different outputs on two different dev settings.

For example, if I have the line test2@mail.com
On one machine (DEV-1) I get: DunU+ucIPz/Z7Ar+HTw=
and on the other (DEV-2) it will be: DunU+ucIlZfZ7Ar+HTw=

First, I rc4 encrypt it through the function found here . Then I feed it: toBase64( my_rc4_encrypted_data, "iso-8859-1")

As far as I can tell, the rc4 encryption output is the same for both (or something is missing from me). Below are SERVER variables from both machines, as well as an encryption function.

Is this something we just need to live with, or is there something I can do to โ€œhandle it properlyโ€ (due to a lack of a better word). I am worried that in the future it will bite me and surprise that it can be prevented.

edit 1: Result from my_rc4_encrypted_data.getBytes () returns: DEV-1:

 Native Array (byte[]) 14--23--44--6--25-8-63-63--39--20-10--2-29-60

DEV-2:

 Native Array (byte[]) 14--23--44--6--25-8-63-63--39--20-10--2-29-60

(no encoding passed to getBytes() )

DEV-1 (remote)

 server.coldfusion productname Railo productversion 9,0,0,1 server.java archModel 64 vendor Sun Microsystems Inc. version 1.6.0_26 server.os arch amd64 archModel 64 name Windows Server 2008 R2 version 6.1 server.railo version 3.3.2.002 server.servlet name Resin/4.0.18

DEV-2 (local)

 server.coldfusion productname Railo productversion 9,0,0,1 server.java vendor Oracle Corporation version 1.7.0_01 server.os arch x86 name Windows 7 version 6.1 server.railo version 3.2.2.000 server.servlet name Resin/4.0.18

RC4 function:

 function RC4(strPwd,plaintxt) { var sbox = ArrayNew(1); var key = ArrayNew(1); var tempSwap = 0; var a = 0; var b = 0; var intLength = len(strPwd); var temp = 0; var i = 0; var j = 0; var k = 0; var cipherby = 0; var cipher = ""; for(a=0; a lte 255; a=a+1) { key[a + 1] = asc(mid(strPwd,(a MOD intLength)+1,1)); sbox[a + 1] = a; } for(a=0; a lte 255; a=a+1) { b = (b + sbox[a + 1] + key[a + 1]) Mod 256; tempSwap = sbox[a + 1]; sbox[a + 1] = sbox[b + 1]; sbox[b + 1] = tempSwap; } for(a=1; a lte len(plaintxt); a=a+1) { i = (i + 1) mod 256; j = (j + sbox[i + 1]) Mod 256; temp = sbox[i + 1]; sbox[i + 1] = sbox[j + 1]; sbox[j + 1] = temp; k = sbox[((sbox[i + 1] + sbox[j + 1]) mod 256) + 1]; cipherby = BitXor(asc(mid(plaintxt, a, 1)), k); cipher = cipher & chr(cipherby); } return cipher; }
+8
cfml railo base64 rc4-cipher
source share
2 answers

Leigh wrote:

But be sure to use the same encoding in your test, i.e. String.getBytes (encoding) (Edit) If you omit it, the jvm value is b.

Whether it's right - RAILO-1393 led to a change to to base64, related to the encoding encodings in 3.3.0.017, which is between versions 3.3.2.002 and 3.2.2.000 that you use.

+2
source share

As far as I can tell, the rc4 encryption output is the same for both (or something is missing from me). Below are SERVER variables from both machines, as well as an encryption function.

I would suggest storing the output in two files, and then compare the file size or, even better, a file comparison tool. Base64 encoding is the standard approach for converting binary data to string data.

Assuming your binaries are 100% the same, try converting the data to base 64 on both of your servers and returning to the binary again. I would predict that only one (or none) of the servers can convert data back to binary files again. At this point, you should have an idea of โ€‹โ€‹which server is causing your problem, and can dig further.

If both of them can undo the base 64 data in binary format and the binaries are correct on both servers ... well, I'm not sure.

0
source share

More articles:


All Articles