RE: cfx_pwtextcrypt & CF9
Thanks for your help, I was able to get this working using your suggestions and the original code from encryption http://www.12robots.com/index.cfm/2010/7/19/Using-Asymmetric-Cryptography-in -your-ColdFusion-Application--Security-Series-1610. I modified that code to add support for the following: 1. Wrapped it all up in a nice CFC 2. Added a generateKeyPair() method to generate the keys 3. Added support for returning the keys as base64 encoded strings 4. The encrypt/decrypt methods accept either a string, java instance or binary object for the public/private key pair. If a string or binary object is provided, it will create the java instance from the string/binary argument and then do the decryption. I needed it to work this way, so I could save the public key to the database and save the private key to a text file (which is downloaded by our end user for them to hold on to). I submitted the CFC to RIAForge in case any one else might find it useful. I believe I am just waiting for approval now. If any one wants a copy just email me and I'll send it to you. Brook Davies -Original Message- From: denstar [mailto:valliants...@gmail.com] Sent: February-15-11 7:31 PM To: cf-talk Subject: Re: cfx_pwtextcrypt & CF9 There are examples of doing lots of weird PGP related things here: http://subversion.assembla.com/svn/cfmlprojects/trunk/src/cfopenpgp/src/tag/ cfopenpgp/cfc/openpgp.cfc This uses BouncyCastle (you have to add the jars), so it's sorta stand-alone from what CF comes with. It's butt-ugly, but there are some tests a couple dirs up and over... Sounds like the original question was sorted, but I'll toss it out there anyway, as there's examples in there of doing most the java-ish conversions and whatnot (bytearray stuff, etc.). :Den -- Ideas any one can mould as he wishes. Josiah Royce On Thu, Feb 10, 2011 at 1:53 PM, Brook Davies wrote: > > We've been using cfx_pwtextcrypt since 2002, its worked fine on all CF > versions right up to CF8. However, it looks like on the 64 Bit CF9, it > no longer works. I assume it's a COM related issue. Does anyone know for sure? > > > > The tag was able to generate a public/private key pair using RSA 512 > bit encryption and subsequently perform encryption/decryption using > the keys generated. Does anyone know if there is a way to do this with > CF9 without this CFX? > > > > Brook D. > > > > > > > > > ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:342340 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
Re: cfx_pwtextcrypt & CF9
There are examples of doing lots of weird PGP related things here: http://subversion.assembla.com/svn/cfmlprojects/trunk/src/cfopenpgp/src/tag/cfopenpgp/cfc/openpgp.cfc This uses BouncyCastle (you have to add the jars), so it's sorta stand-alone from what CF comes with. It's butt-ugly, but there are some tests a couple dirs up and over... Sounds like the original question was sorted, but I'll toss it out there anyway, as there's examples in there of doing most the java-ish conversions and whatnot (bytearray stuff, etc.). :Den -- Ideas any one can mould as he wishes. Josiah Royce On Thu, Feb 10, 2011 at 1:53 PM, Brook Davies wrote: > > We've been using cfx_pwtextcrypt since 2002, its worked fine on all CF > versions right up to CF8. However, it looks like on the 64 Bit CF9, it no > longer works. I assume it's a COM related issue. Does anyone know for sure? > > > > The tag was able to generate a public/private key pair using RSA 512 bit > encryption and subsequently perform encryption/decryption using the keys > generated. Does anyone know if there is a way to do this with CF9 without > this CFX? > > > > Brook D. > > > > > > > > > ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:342321 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
RE: cfx_pwtextcrypt & CF9
Mack/Leigh, thanks for the constructive comments, I will check those options and see if I can get it working.. Brook -Original Message- From: Leigh [mailto:cfsearch...@yahoo.com] Sent: February-15-11 6:35 AM To: cf-talk Subject: Re: cfx_pwtextcrypt & CF9 > I think you might be able to use > java.security.KeyPairGenerator to > generate the keys and then javax.crypto.Cipher to do the > encryption/decryption. I haven't tested it though so i don't know if > it will work. Yep, it does. I believe he is using this code to do the encryption http://www.12robots.com/index.cfm/2010/7/19/Using-Asymmetric-Cryptography-in -your-ColdFusion-Application--Security-Series-1610 ... and this will work to regenerate the keys from an array of bytes http://www.houseoffusion.com/groups/cf-talk/thread.cfm/threadid:62618#342138 ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:342281 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
Re: cfx_pwtextcrypt & CF9
> I think you might be able to use > java.security.KeyPairGenerator to > generate the keys and then javax.crypto.Cipher to do the > encryption/decryption. I haven't tested it though so i > don't know if > it will work. Yep, it does. I believe he is using this code to do the encryption http://www.12robots.com/index.cfm/2010/7/19/Using-Asymmetric-Cryptography-in -your-ColdFusion-Application--Security-Series-1610 ... and this will work to regenerate the keys from an array of bytes http://www.houseoffusion.com/groups/cf-talk/thread.cfm/threadid:62618#342138 ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:342279 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
Re: cfx_pwtextcrypt & CF9
I think you might be able to use java.security.KeyPairGenerator to generate the keys and then javax.crypto.Cipher to do the encryption/decryption. I haven't tested it though so i don't know if it will work. Personally I've used gnupg (GNU Privacy Guard) for RSA key generation and encryption/decryption. -- Mack ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:342272 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
RE: cfx_pwtextcrypt & CF9
If it's any help Brookelook for CFENCRYPT...and sorry...but do read the docs...they are fairly clear and state more than I can here. I used to use a tag for this kind of stuff call CF-CRYPT. I recently looked under the hood and found it used CFENCRYPT/CFDECRYPT (but the old way before we could pick which crypto library etc.). I re-wrote the tag to use better encryption and it was thanks to the docs (which I would rarely say as I feel most docs are lean and nebulous at best). The bit that threw me was having to use the generateSecretKey() function to come up with the key to use that is specific to the encryption algorithm you decide to work with. Previously I was just able to use any string as an encyption key, but with stronger crypto comes fancier keys ;-) HTH Cheers On Mon, 2011-02-14 at 12:56 -0800, Brook Davies wrote: > Thanks for the 'check the docs' response. Why don't you check the docs and > tell me how to generate a public/private key pair with RSA encryption and do > decryption/encryption with this key pair? And then once you actually know > that the docs contain something relevant to my request you can re-post your > comment and I'll eat my words. > > You should really know what you talking about before you go spouting "read > the docs". > > Brook > > > -Original Message- > From: Jeffrey Battershall [mailto:jbattersh...@gmail.com] > Sent: February-13-11 6:57 AM > To: cf-talk > Subject: Re: cfx_pwtextcrypt & CF9 > > > Check the CF9 docs. There's quite a bit of encryption/decryption support > built in to CF8/9. You might have transition issues to work through, but > you shouldn't need a CFX for that purpose at this point. > > On Thu, Feb 10, 2011 at 3:53 PM, Brook Davies wrote: > > > > > We've been using cfx_pwtextcrypt since 2002, its worked fine on all CF > > versions right up to CF8. However, it looks like on the 64 Bit CF9, it > > no longer works. I assume it's a COM related issue. Does anyone know for > sure? > > > > > > > > The tag was able to generate a public/private key pair using RSA 512 > > bit encryption and subsequently perform encryption/decryption using > > the keys generated. Does anyone know if there is a way to do this with > > CF9 without this CFX? > > > > > > > > Brook D. > > > > > > > > > > > > > > > > > > > > > > ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:342212 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
Re: cfx_pwtextcrypt & CF9
Brooke, Excuse me if this is a blind alley but the CF 8 docs state: ColdFusion 8: Added support for encryption using the RSA BSafe Crypto-J library on Enterprise Edition. Perhaps you're not running CF Enterprise and possibly this is not relevant to your needs. I offer this in the spirit of help. Jeff On Mon, Feb 14, 2011 at 3:56 PM, Brook Davies wrote: > > Thanks for the 'check the docs' response. Why don't you check the docs and > tell me how to generate a public/private key pair with RSA encryption and > do > decryption/encryption with this key pair? And then once you actually know > that the docs contain something relevant to my request you can re-post your > comment and I'll eat my words. > > You should really know what you talking about before you go spouting "read > the docs". > > Brook > > > -Original Message- > From: Jeffrey Battershall [mailto:jbattersh...@gmail.com] > Sent: February-13-11 6:57 AM > To: cf-talk > Subject: Re: cfx_pwtextcrypt & CF9 > > > Check the CF9 docs. There's quite a bit of encryption/decryption support > built in to CF8/9. You might have transition issues to work through, but > you shouldn't need a CFX for that purpose at this point. > > On Thu, Feb 10, 2011 at 3:53 PM, Brook Davies > wrote: > > > > > We've been using cfx_pwtextcrypt since 2002, its worked fine on all CF > > versions right up to CF8. However, it looks like on the 64 Bit CF9, it > > no longer works. I assume it's a COM related issue. Does anyone know for > sure? > > > > > > > > The tag was able to generate a public/private key pair using RSA 512 > > bit encryption and subsequently perform encryption/decryption using > > the keys generated. Does anyone know if there is a way to do this with > > CF9 without this CFX? > > > > > > > > Brook D. > > > > > > > > > > > > > > > > > > > > > > ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:342211 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
RE: cfx_pwtextcrypt & CF9
Thanks for the 'check the docs' response. Why don't you check the docs and tell me how to generate a public/private key pair with RSA encryption and do decryption/encryption with this key pair? And then once you actually know that the docs contain something relevant to my request you can re-post your comment and I'll eat my words. You should really know what you talking about before you go spouting "read the docs". Brook -Original Message- From: Jeffrey Battershall [mailto:jbattersh...@gmail.com] Sent: February-13-11 6:57 AM To: cf-talk Subject: Re: cfx_pwtextcrypt & CF9 Check the CF9 docs. There's quite a bit of encryption/decryption support built in to CF8/9. You might have transition issues to work through, but you shouldn't need a CFX for that purpose at this point. On Thu, Feb 10, 2011 at 3:53 PM, Brook Davies wrote: > > We've been using cfx_pwtextcrypt since 2002, its worked fine on all CF > versions right up to CF8. However, it looks like on the 64 Bit CF9, it > no longer works. I assume it's a COM related issue. Does anyone know for sure? > > > > The tag was able to generate a public/private key pair using RSA 512 > bit encryption and subsequently perform encryption/decryption using > the keys generated. Does anyone know if there is a way to do this with > CF9 without this CFX? > > > > Brook D. > > > > > > > > > ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:342210 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
Re: cfx_pwtextcrypt & CF9
Check the CF9 docs. There's quite a bit of encryption/decryption support built in to CF8/9. You might have transition issues to work through, but you shouldn't need a CFX for that purpose at this point. On Thu, Feb 10, 2011 at 3:53 PM, Brook Davies wrote: > > We've been using cfx_pwtextcrypt since 2002, its worked fine on all CF > versions right up to CF8. However, it looks like on the 64 Bit CF9, it no > longer works. I assume it's a COM related issue. Does anyone know for sure? > > > > The tag was able to generate a public/private key pair using RSA 512 bit > encryption and subsequently perform encryption/decryption using the keys > generated. Does anyone know if there is a way to do this with CF9 without > this CFX? > > > > Brook D. > > > > > > > > > ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:342172 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
RE: cfx_pwtextcrypt & CF9
Brook, It should work with the jce factory. Though you may have to specify the bce provider. Here is a starter example See also http://download.oracle.com/javase/6/docs/api/java/security/spec/X509EncodedKeySpec.html#getEncoded%28%29 http://download.oracle.com/javase/6/docs/api/java/security/spec/PKCS8EncodedKeySpec.html#getEncoded%28%29 ... ... -Leigh Bored stiff? Loosen up... Download and play hundreds of games for free on Yahoo! Games. http://gam ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:342138 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
RE: cfx_pwtextcrypt & CF9
I am not sure. But I *think* you have to pass the bytes back into a KeyFactory. Then use the appropriate key spec to regenerate the key object. ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:342137 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
RE: cfx_pwtextcrypt & CF9
BTW, the encrypt function looks like this: -Original Message- From: Brook Davies [mailto:cft...@logiforms.com] Sent: February-10-11 3:27 PM To: cf-talk Subject: RE: cfx_pwtextcrypt & CF9 Hi Leigh, I noticed that, and I tried that. I tried: But, later, if I try to call encrypt and pass it that publicKey_string, it fails because the encrypt() function expects the java object. Brook -Original Message- From: Leigh [mailto:cfsearch...@yahoo.com] Sent: February-10-11 3:10 PM To: cf-talk Subject: RE: cfx_pwtextcrypt & CF9 > I can't figure out how to get public/private key strings from that and > use those to encrypt/decrypt data. Anybody know? IIRC, key.getEncoded() returns the bytes which you can encode as hex or however you want -Leigh ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:342136 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
RE: cfx_pwtextcrypt & CF9
Hi Leigh, I noticed that, and I tried that. I tried: But, later, if I try to call encrypt and pass it that publicKey_string, it fails because the encrypt() function expects the java object. Brook -Original Message- From: Leigh [mailto:cfsearch...@yahoo.com] Sent: February-10-11 3:10 PM To: cf-talk Subject: RE: cfx_pwtextcrypt & CF9 > I can't figure out how to get public/private key strings from that and > use those to encrypt/decrypt data. Anybody know? IIRC, key.getEncoded() returns the bytes which you can encode as hex or however you want -Leigh ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:342134 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
RE: cfx_pwtextcrypt & CF9
> I can't figure out how to get public/private key strings > from that and use those to encrypt/decrypt data. Anybody know? IIRC, key.getEncoded() returns the bytes which you can encode as hex or however you want -Leigh ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:342133 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
RE: cfx_pwtextcrypt & CF9
I'm on Standard not Enterprise. I found this article: http://www.12robots.com/index.cfm/2010/7/19/Using-Asymmetric-Cryptography-in -your-ColdFusion-Application--Security-Series-1610 And followed the directions and was able to generate a public/private key pair with RSA encryption and use them to encrypt and decrypt data. The problem is that the public and private key pair are java object instances. The decrypt/encrypt method expects those instances. I can't figure out how to get public/private key strings from that and use those to encrypt/decrypt data. Anybody know? Brook -Original Message- From: Dave Watts [mailto:dwa...@figleaf.com] Sent: February-10-11 1:56 PM To: cf-talk Subject: Re: cfx_pwtextcrypt & CF9 > We've been using cfx_pwtextcrypt since 2002, its worked fine on all CF > versions right up to CF8. However, it looks like on the 64 Bit CF9, it > no longer works. I assume it's a COM related issue. Does anyone know for sure? No, it's not a COM issue, but it's similar - DLLs are platform-specific, so 32-bit DLLs aren't going to work from your 64-bit application. > The tag was able to generate a public/private key pair using RSA 512 > bit encryption and subsequently perform encryption/decryption using > the keys generated. Does anyone know if there is a way to do this with > CF9 without this CFX? Do you have Enterprise or Standard? The encryption choices are different between them. Enterprise includes the RSA JSafe library. http://help.adobe.com/en_US/ColdFusion/9.0/CFMLRef/WSc3ff6d0ea77859461172e08 11cbec22c24-7c2f.html Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ http://training.figleaf.com/ Fig Leaf Software is a Veteran-Owned Small Business (VOSB) on GSA Schedule, and provides the highest caliber vendor-authorized instruction at our training centers, online, or onsite. ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:342132 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
Re: cfx_pwtextcrypt & CF9
> We've been using cfx_pwtextcrypt since 2002, its worked fine on all CF > versions right up to CF8. However, it looks like on the 64 Bit CF9, it no > longer works. I assume it's a COM related issue. Does anyone know for sure? No, it's not a COM issue, but it's similar - DLLs are platform-specific, so 32-bit DLLs aren't going to work from your 64-bit application. > The tag was able to generate a public/private key pair using RSA 512 bit > encryption and subsequently perform encryption/decryption using the keys > generated. Does anyone know if there is a way to do this with CF9 without > this CFX? Do you have Enterprise or Standard? The encryption choices are different between them. Enterprise includes the RSA JSafe library. http://help.adobe.com/en_US/ColdFusion/9.0/CFMLRef/WSc3ff6d0ea77859461172e0811cbec22c24-7c2f.html Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ http://training.figleaf.com/ Fig Leaf Software is a Veteran-Owned Small Business (VOSB) on GSA Schedule, and provides the highest caliber vendor-authorized instruction at our training centers, online, or onsite. ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:342131 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
Re: cfx_pwtextcrypt & CF9
Yeah, It's the CFX issue. Basically most CFX objects are C++ and were compiled for 32bit or earlier systems and are not compatible with 64bit systems. We're suffering from a similar issue where we can't get one of our CFX objects upgraded to a 64bit flavor and it's keeping us trapped on 32bit until we can find a suitable replacement. =\ On Thu, Feb 10, 2011 at 1:53 PM, Brook Davies wrote: > > We've been using cfx_pwtextcrypt since 2002, its worked fine on all CF > versions right up to CF8. However, it looks like on the 64 Bit CF9, it no > longer works. I assume it's a COM related issue. Does anyone know for sure? > > > > The tag was able to generate a public/private key pair using RSA 512 bit > encryption and subsequently perform encryption/decryption using the keys > generated. Does anyone know if there is a way to do this with CF9 without > this CFX? > > > > Brook D. > > > > > > > > > ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:342129 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
cfx_pwtextcrypt & CF9
We've been using cfx_pwtextcrypt since 2002, its worked fine on all CF versions right up to CF8. However, it looks like on the 64 Bit CF9, it no longer works. I assume it's a COM related issue. Does anyone know for sure? The tag was able to generate a public/private key pair using RSA 512 bit encryption and subsequently perform encryption/decryption using the keys generated. Does anyone know if there is a way to do this with CF9 without this CFX? Brook D. ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:342128 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
RE: CFX_pwtextcrypt Question
I wrote: >You do not store the public key on the server, ideally. Oops. meant to say 'you do not store the *private* key on the server :) --Matt-- ~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribe&forumid=4 FAQ: http://www.thenetprofits.co.uk/coldfusion/faq This list and all House of Fusion resources hosted by CFHosting.com. The place for dependable ColdFusion Hosting. Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
RE: CFX_pwtextcrypt Question
Hi David, You store the *public* key, which does the encrypting, somewhere on your server where your cf templates can get at it. If you have, lets say, a cached default settings record for your application this would be where you might want to keep the public key. You do not store the public key on the server, ideally. Users must input the private key. When there is something encrypted that they want to see, they go to a form in your admin area and paste in the key, which is stored in a text file on their local computer. I store that key in a session var so they only have to paste in the key once during their session. No private key = no decryption. If it ain't on the server its safe from hacking. Strictly speaking you could also store the private key on the server to allow seamless operation, but that defeats a key purpose of doing public/private key encryption. Matt Robertson [EMAIL PROTECTED] MSB Designs, Inc. http://mysecretbase.com -Original Message- From: David Green [mailto:[EMAIL PROTECTED]] Sent: Friday, February 21, 2003 10:14 AM To: CF-Talk Subject: CFX_pwtextcrypt Question Hello list I'm trying cfx_pwtextcrypt tag recommend on this list. My question is this tag requires a public key and private key to be able to decrypt the value. The question is where do you store these keys. In the table with crypted value? does this mean if someone gets the table with keys and the crypted value they can decrypted the value or do they also need to know what function/tag crypted the value? Thanks David ~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribe&forumid=4 FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Get the mailserver that powers this list at http://www.coolfusion.com Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
CFX_pwtextcrypt Question
Hello list I'm trying cfx_pwtextcrypt tag recommend on this list. My question is this tag requires a public key and private key to be able to decrypt the value. The question is where do you store these keys. In the table with crypted value? does this mean if someone gets the table with keys and the crypted value they can decrypted the value or do they also need to know what function/tag crypted the value? Thanks David ~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribe&forumid=4 FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Get the mailserver that powers this list at http://www.coolfusion.com Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: cfx_pwtextcrypt
Hi all, I work for the company that produces cfx_pwtextcrypt. Sorry I almost missed this thread - don't have time to check CF-Talk all that often. If you have any questions about it, you can always email us directly at [EMAIL PROTECTED] We haven't come across any issues using the tag on CF4, CF4.5 and CF5 - we've also run the kind of stress tests that Matt mentioned. Unfortunately we haven't had a chance to test on CFMX yet - but from what I understand there are issues with a lot of CFX tags under CFMX. Brook, I wrote to you offlist, but do you have the Macromedia CFMX update installed? I believe it was meant to fix some problems with CFX's. Ben, I also wrote to you offlist - I don't think asymmetric encrytpion will suit your requirements - have a look at a symmetric encryption tag or a URL encrypting UDF, or use ColdFusion's built-in Encode() function. Hope that helps, Kay. __ Kay Smoljak Web DeveloperPerthWeb Pty Ltd Level 9/105 St George's Tc - Perth - Western Australia Ph: (08) 9226 1366 Fax: (08) 9226 1375 www.perthweb.com.au developer.perthweb.com.au Brook wrote: > I also use it intensively and I have started to have some problems. > But they are intermittent. Seems to happen on the encrypt phase. We are > running CFMX on win2k sp3. Everything runs fine and then when at random > intervals calling the encrypt function essentially kills the server. ~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Structure your ColdFusion code with Fusebox. Get the official book at http://www.fusionauthority.com/bkinfo.cfm
RE: cfx_pwtextcrypt
We were doing more like 500 iterations - along with a large page display. Plus the tag uses an asymmetrically algorithm which produces a public and private key which made no sense for what we were doing. You are correct, sometimes I come across as a bit crass, so I will digress and say that that tag did not suit our needs, your mileage may very. -Original Message- From: Matt Robertson [mailto:[EMAIL PROTECTED]] Sent: Thursday, October 10, 2002 12:41 PM To: CF-Talk Subject: RE: cfx_pwtextcrypt Hi Rob, That sounded pretty nasty. We use it a lot and recommend it to others. While we have no problems I thought I'd better run a stress test. Ran fine in the 50-iteration loop below, where it generates 1024-bit keys, encrypts then decrypts. Pretty intense. Takes several minutes to run. No memory leakage. Not sure what your problems were, but memory leaks from the version of the tag I have aren't a problem. #Private_Key# #Public_Key# Encrypted: #variables.Crypt_Value# Decrypted: #variables.Crypt_Value# --- Matt Robertson[EMAIL PROTECTED] MSB Designs, Inc., www.mysecretbase.com --- -- Original Message -- from: "Rob Rohan" <[EMAIL PROTECTED]> Reply-To: [EMAIL PROTECTED] date: Thu, 10 Oct 2002 10:07:01 -0700 >Hi Ben, > We used to use that tag and abandoned it. I wrote an in house >implementation with stronger encryption - plus the tag would crash our >server almost ever other day, think it has a memory leak. > > Anyway I'll try to help if I can. > > > >-Original Message- >From: Ben Densmore [mailto:[EMAIL PROTECTED]] >Sent: Thursday, October 10, 2002 8:55 AM >To: CF-Talk >Subject: cfx_pwtextcrypt > > >Anyone currently using the cfx_pwtextcrypt custom tag that can answer a >few questions off list? > >Thanks, >Ben > >Ben Densmore >Web Developer >eSupport.com,Inc. >1538 Turnpike St. >North Andover, MA 01845 > >Phone: (978) 686-6468 x333 >Email: [EMAIL PROTECTED] > > > > > ~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Signup for the Fusion Authority news alert and keep up with the latest news in ColdFusion and related topics. http://www.fusionauthority.com/signup.cfm
RE: cfx_pwtextcrypt
Hey Guys, I also use it intensively and I have started to have some problems. But they are intermittent. Seems to happen on the encrypt phase. We are running CFMX on win2k sp3. Everything runs fine and then when at random intervals calling the encrypt function essentially kills the server. No pages will server; either HTML or CFML and the CPU does not spike and memory usage remains stable. But it appears to happen when a call to the encrypt function is initiated. We use a lock around the CFX tag and it is also inside a CFC. I wonder if that makes any difference. Brook At 12:40 PM 10/10/02 -0700, you wrote: >Hi Rob, > >That sounded pretty nasty. We use it a lot and recommend it to >others. While we have no problems I thought I'd better run a stress test. > >Ran fine in the 50-iteration loop below, where it generates 1024-bit keys, >encrypts then decrypts. Pretty intense. Takes several minutes to >run. No memory leakage. > >Not sure what your problems were, but memory leaks from the version of the >tag I have aren't a problem. > >#Private_Key# >#Public_Key# >Encrypted: #variables.Crypt_Value# >Decrypted: #variables.Crypt_Value# > >-- > > >--- >Matt Robertson[EMAIL PROTECTED] >MSB Designs, Inc., www.mysecretbase.com >--- > > >-- Original Message -- >from: "Rob Rohan" <[EMAIL PROTECTED]> >Reply-To: [EMAIL PROTECTED] >date: Thu, 10 Oct 2002 10:07:01 -0700 > > >Hi Ben, > > We used to use that tag and abandoned it. I wrote an in house > >implementation with stronger encryption - plus the tag would crash our > >server almost ever other day, think it has a memory leak. > > > > Anyway I'll try to help if I can. > > > > > > > >-Original Message- > >From: Ben Densmore [mailto:[EMAIL PROTECTED]] > >Sent: Thursday, October 10, 2002 8:55 AM > >To: CF-Talk > >Subject: cfx_pwtextcrypt > > > > > >Anyone currently using the cfx_pwtextcrypt custom tag that can answer a > >few questions off list? > > > >Thanks, > >Ben > > > >Ben Densmore > >Web Developer > >eSupport.com,Inc. > >1538 Turnpike St. > >North Andover, MA 01845 > > > >Phone: (978) 686-6468 x333 > >Email: [EMAIL PROTECTED] > > > > > > > > > > > ~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Signup for the Fusion Authority news alert and keep up with the latest news in ColdFusion and related topics. http://www.fusionauthority.com/signup.cfm
RE: cfx_pwtextcrypt
I mean 'vary'. -Original Message- From: Matt Robertson [mailto:[EMAIL PROTECTED]] Sent: Thursday, October 10, 2002 12:41 PM To: CF-Talk Subject: RE: cfx_pwtextcrypt Hi Rob, That sounded pretty nasty. We use it a lot and recommend it to others. While we have no problems I thought I'd better run a stress test. Ran fine in the 50-iteration loop below, where it generates 1024-bit keys, encrypts then decrypts. Pretty intense. Takes several minutes to run. No memory leakage. Not sure what your problems were, but memory leaks from the version of the tag I have aren't a problem. #Private_Key# #Public_Key# Encrypted: #variables.Crypt_Value# Decrypted: #variables.Crypt_Value# --- Matt Robertson[EMAIL PROTECTED] MSB Designs, Inc., www.mysecretbase.com --- -- Original Message -- from: "Rob Rohan" <[EMAIL PROTECTED]> Reply-To: [EMAIL PROTECTED] date: Thu, 10 Oct 2002 10:07:01 -0700 >Hi Ben, > We used to use that tag and abandoned it. I wrote an in house >implementation with stronger encryption - plus the tag would crash our >server almost ever other day, think it has a memory leak. > > Anyway I'll try to help if I can. > > > >-Original Message- >From: Ben Densmore [mailto:[EMAIL PROTECTED]] >Sent: Thursday, October 10, 2002 8:55 AM >To: CF-Talk >Subject: cfx_pwtextcrypt > > >Anyone currently using the cfx_pwtextcrypt custom tag that can answer a >few questions off list? > >Thanks, >Ben > >Ben Densmore >Web Developer >eSupport.com,Inc. >1538 Turnpike St. >North Andover, MA 01845 > >Phone: (978) 686-6468 x333 >Email: [EMAIL PROTECTED] > > > > > ~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Signup for the Fusion Authority news alert and keep up with the latest news in ColdFusion and related topics. http://www.fusionauthority.com/signup.cfm
RE: cfx_pwtextcrypt
Hi Rob, That sounded pretty nasty. We use it a lot and recommend it to others. While we have no problems I thought I'd better run a stress test. Ran fine in the 50-iteration loop below, where it generates 1024-bit keys, encrypts then decrypts. Pretty intense. Takes several minutes to run. No memory leakage. Not sure what your problems were, but memory leaks from the version of the tag I have aren't a problem. #Private_Key# #Public_Key# Encrypted: #variables.Crypt_Value# Decrypted: #variables.Crypt_Value# --- Matt Robertson[EMAIL PROTECTED] MSB Designs, Inc., www.mysecretbase.com --- -- Original Message -- from: "Rob Rohan" <[EMAIL PROTECTED]> Reply-To: [EMAIL PROTECTED] date: Thu, 10 Oct 2002 10:07:01 -0700 >Hi Ben, > We used to use that tag and abandoned it. I wrote an in house >implementation with stronger encryption - plus the tag would crash our >server almost ever other day, think it has a memory leak. > > Anyway I'll try to help if I can. > > > >-Original Message- >From: Ben Densmore [mailto:[EMAIL PROTECTED]] >Sent: Thursday, October 10, 2002 8:55 AM >To: CF-Talk >Subject: cfx_pwtextcrypt > > >Anyone currently using the cfx_pwtextcrypt custom tag that can answer a >few questions off list? > >Thanks, >Ben > >Ben Densmore >Web Developer >eSupport.com,Inc. >1538 Turnpike St. >North Andover, MA 01845 > >Phone: (978) 686-6468 x333 >Email: [EMAIL PROTECTED] > > > > > ~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk FAQ: http://www.thenetprofits.co.uk/coldfusion/faq This list and all House of Fusion resources hosted by CFHosting.com. The place for dependable ColdFusion Hosting.
RE: cfx_pwtextcrypt
Sure. Go for it. Cheers, --Matt Robertson-- MSB Designs, Inc. http://mysecretbase.com -Original Message- From: Ben Densmore [mailto:[EMAIL PROTECTED]] Sent: Thursday, October 10, 2002 8:55 AM To: CF-Talk Subject: cfx_pwtextcrypt Anyone currently using the cfx_pwtextcrypt custom tag that can answer a few questions off list? Thanks, Ben Ben Densmore Web Developer eSupport.com,Inc. 1538 Turnpike St. North Andover, MA 01845 Phone: (978) 686-6468 x333 Email: [EMAIL PROTECTED] ~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Structure your ColdFusion code with Fusebox. Get the official book at http://www.fusionauthority.com/bkinfo.cfm
RE: cfx_pwtextcrypt
Hi Ben, We used to use that tag and abandoned it. I wrote an in house implementation with stronger encryption - plus the tag would crash our server almost ever other day, think it has a memory leak. Anyway I'll try to help if I can. -Original Message- From: Ben Densmore [mailto:[EMAIL PROTECTED]] Sent: Thursday, October 10, 2002 8:55 AM To: CF-Talk Subject: cfx_pwtextcrypt Anyone currently using the cfx_pwtextcrypt custom tag that can answer a few questions off list? Thanks, Ben Ben Densmore Web Developer eSupport.com,Inc. 1538 Turnpike St. North Andover, MA 01845 Phone: (978) 686-6468 x333 Email: [EMAIL PROTECTED] ~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Signup for the Fusion Authority news alert and keep up with the latest news in ColdFusion and related topics. http://www.fusionauthority.com/signup.cfm
cfx_pwtextcrypt
Anyone currently using the cfx_pwtextcrypt custom tag that can answer a few questions off list? Thanks, Ben Ben Densmore Web Developer eSupport.com,Inc. 1538 Turnpike St. North Andover, MA 01845 Phone: (978) 686-6468 x333 Email: [EMAIL PROTECTED] ~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Signup for the Fusion Authority news alert and keep up with the latest news in ColdFusion and related topics. http://www.fusionauthority.com/signup.cfm
