A while back I was testing the Encrypt and Decrypt functions of ColdFusion 10 (during the Beta program) and I was running into issues of it failing. I kept getting this error for some of the encryption types "There has been an error while trying to encrypt or decrypt your input string: The input and output encodings are not same.". Upon submitting a bug report we figured out that I did not have the "Java Cryptography Extension" installed on my computer. Doh! After installing that all the encryption and decryption code worked just fine.

One nice side note is that during my testing of these functions I wrote a little CFM script that lets you test all the different encryption and decryption types available to ColdFusion. I believe these are all ColdFusion 9 and up, but I may be wrong. It's been a while and I don't remember. So the point of this blog post is two fold; one, you need the "Java Cryptography Extension" installed and two, the code below provides a very decent example of how to code the encryption and decryption functions in ColdFusion. This little snippet of code lets you test with the AES and stronger encryption algorithms. It also has the default CFMX_COMPAT algorithm that you should NEVER use.

So I hereby set this code free into the wind!

view plain print about
1<cfparam name="form.data" default="">
2<cfparam name="form.key" default="">
3<cfparam name="form.encryptType" default="">
4<cfparam name="form.myEncoding" default="">
8    <title>Encrypt Me</title>
11<form action="encrypt.cfm" method="post">
12    Data to Encrypt:<cfoutput><input type="text" name="data" value="#form.data#" size="40"></cfoutput><br />
13    Encryption Key:<cfoutput><input type="text" name="key" value="#form.key#" size="40"></cfoutput><br />
14    Method:<select name="encryptType" size="1">
15        <option value="CFMX_COMPAT"<cfif form.encryptType eq "CFMX_COMPAT"> selected</cfif>>CFMX_COMPAT</option>
16        <option value="AES"<cfif form.encryptType eq "AES"> selected</cfif>>AES</option>
17        <option value="DES"<cfif form.encryptType eq "DES"> selected</cfif>>DES</option>
18        <option value="DESEDE"<cfif form.encryptType eq "DESEDE"> selected</cfif>>Triple DES</option>
19        <option value="DESX"<cfif form.encryptType eq "DESX"> selected</cfif>>DESX</option>
20        <option value="BLOWFISH"<cfif form.encryptType eq "BLOWFISH"> selected</cfif>>BLOWFISH</option>
21        <option value="RC2"<cfif form.encryptType eq "RC2"> selected</cfif>>RC2</option>
22        <option value="RC4"<cfif form.encryptType eq "RC4"> selected</cfif>>RC4</option>
23        <option value="RC5"<cfif form.encryptType eq "RC5"> selected</cfif>>RC5</option>
24    </select><br />
25     Select the encoding:
26 <select size="1" name="myEncoding">
27 <option value="UU"<cfif form.myEncoding eq "UU"> selected</cfif>>UU</option>
28 <option value="Base64"<cfif form.myEncoding eq "Base64"> selected</cfif>>Base64</option>
29 <option value="Hex"<cfif form.myEncoding eq "Hex"> selected</cfif>>Hex</option>
30 </select><br>
31    <input type="submit" name="submit" value="Encrypt This">
35 if(len(trim(form.data) ) and len( trim(form.encryptType) ) ) {
37 try {
38        if (form.encryptType eq "CFMX_COMPAT") {
39            theKey = Form.key;
40        } else {
41            // For all other encryption techniques, generate a secret key.
            theKey = generateSecretKey(Form.encryptType);
43        }
45        encrypted = encrypt(form.data,theKey,form.encryptType,form.myEncoding);
47        decrypted = decrypt(encrypted,theKey,form.encryptType,form.myEncoding);
49        writeOutput("<br><br>CODE:<br><br>");
50        writeOutput("encrypted = encrypt(form.data,theKey,form.encryptType,form.myEncoding);<br>");
51        writeOutput("encrypted = encrypt('#form.data#','#theKey#','#form.encryptType#','#form.myEncoding#');<br><br>");
52        writeOutput("decrypted = decrypt(encrypted,theKey,form.encryptType,form.myEncoding);<br>");
53        writeOutput("decrypted = decrypt('#encrypted#','#theKey#','#form.encryptType#','#form.myEncoding#');");
56    }
57    catch(any e) {
58        writeOutput("generateSecretKey('" & Form.encryptType & "') = " & theKey );
59        writeDump(e);abort;
60    }
62    writeOutput("<hr>#form.data# encrypted with #form.encryptType# is: #encrypted#<br /><br>and now to decrypt it again: #decrypted#");
65    }

*Note: When I write little tools like this I'm usually writing it because there is something I absolutely need to see in order to complete another project. These little tools are not written as projects themselves and therefore may not be very pretty or as full featured as something that I was writing as a complete project. I just needed to get some code running that gave me back the data I needed to see. There are no warranties or promises. If you find is useful then great. If not, oh well. I know the code works on CF9 at the moment. I can not be certain if it still works on other versions of ColdFusion. * Any code posted may not be totally secure or production ready. Use at your own risk. ** Unless otherwise noted, this code shall be deemed Public Domain.