Hi Juan,
This should certainly be possible. I've done some testing here.
Aside from the static installation of Bouncy Castle described in the CF
docs, you can also add it dynamically. For example, I found the
following to work (with the bc jar in WEB-INF/lib):
<cfset bc = createObject( "java",
"org.bouncycastle.jce.provider.BouncyCastleProvider" )>
<cfset createObject( "java", "java.security.Security" ).addProvider(
bc )>
<cfset thisString="Four score and seven years ago">
<cfset thisAlgorithm="TWOFISH">
<cfset encryptedString = Encrypt(thisString,
generateSecretKey(thisAlgorithm), thisAlgorithm)>
<cfoutput>#encryptedString#</cfoutput>
HTH
Andy
[EMAIL PROTECTED] wrote:
> Does Open BlueDragon support strong encryption and additional security
> providers as described for CF7 in
> http://kb.adobe.com/selfservice/viewContent.do?externalId=e546373d?
> I tried following the directions to install both the Sun Unlimited
> Strength Jurisdiction Policy Files and the Bouncy Castle Crypto
> package but they don't seem to be working. If I try this:
>
> thisString="Four score and seven years ago";
> thisAlgorithm="AES";
> encryptedString = Encrypt(thisString,
> generateSecretKey(thisAlgorithm), thisAlgorithm);
>
> then it works properly.
>
> If I try:
>
> thisAlgorithm="RC4";
>
> the error returned is:
>
> Not an ARCFOUR key: rc4
>
> And, if I try this:
>
> thisAlgorithm="TWOFISH";
>
> the error returned is:
>
> Failed to generate key. TWOFISH KeyGenerator not available
>
> Any suggestions as to what I'm doing wrong or whether this is just not
> supported? I've tried putting the Crypto package both in the JRE /lib/
> ext and WEB-INF/lib directories to no avail.
>
> Thanks.
>
>
> >
>
--~--~---------~--~----~------------~-------~--~----~
Open BlueDragon Public Mailing List
http://groups.google.com/group/openbd?hl=en
official blog @ http://blog.openbluedragon.org/
!! save a network - trim replies before posting !!
-~----------~----~----~----~------~----~------~--~---
