Last active
April 18, 2016 06:01
-
-
Save Leigh-/a127e9c3a3799a9890ea73e093954e41 to your computer and use it in GitHub Desktop.
Example of Encrypt in ColdFusion, Decrypt in Node.js
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| Encrypt in ColdFusion | |
| Summary | |
| 1. Generate a cryptographically random key with GenerateSecretKey(). Do *not* use a self generated | |
| password, which is less secure. | |
| 2. Generate a random IV (initialization vector)][2] and decode into binary. | |
| 3. Encrypt the plain text with AES/CBC/PKCS5Padding | |
| */ | |
| <cfscript> | |
| // Plain text to encrypt | |
| plainText = 'This is a plain text string'; | |
| // Secure key produced by generateSecretKey("AES") | |
| base64Key = "WTq8zYcZfaWVvMncigHqwQ=="; | |
| // Use appropriate method to decode into binary: charsetDecode, binaryDecode, etcetera | |
| // Important: IV values should be randomized | |
| binaryIV = binaryDecode("a5e72a3a083a908f32c45f3c7e3143ae", "hex"); | |
| encryptedText = encrypt(plainText, base64Key, "AES/CBC/PKCS5Padding", "hex", binaryIV); | |
| // Expected result: "39EE0FE0EF686D6619BA8D55D4FC57C2AB35DDE7E692AD051F900906B0E53317" | |
| writeOutput( encryptedText ); | |
| </cfscript> | |
| /* | |
| Decrypt in Node.js | |
| Summary | |
| 1. Decrypt key string into binary. Use the appropriate encoding parameter to ensure the string is decoded correctly. | |
| 2. Decrypt IV into binary, with the appropriate encoding parameter | |
| 3. Decrypt encrypted string into binary, with the appropriate encoding parameter | |
| 4. Decrypt the binary using cipher.createDecipheriv(algoirthm, key, iv) | |
| 5. Convert the decrypted binary into a human readable string | |
| */ | |
| var Crypto = require('crypto'); | |
| // Decode key string from base64 into binary | |
| var key = new Buffer('WTq8zYcZfaWVvMncigHqwQ==', 'base64'); | |
| // Decode iv string from hex into binary | |
| var iv = new Buffer('a5e72a3a083a908f32c45f3c7e3143ae', 'hex'); | |
| // Decode encrypted string into binary | |
| var encrypted = new Buffer('39EE0FE0EF686D6619BA8D55D4FC57C2AB35DDE7E692AD051F900906B0E53317', 'hex'); | |
| // Decrypt binary value | |
| var decipher = Crypto.createDecipheriv('aes-128-cbc', key, iv); | |
| var decrypted = decipher.update(encrypted); | |
| // Encode decrypted binary as UTF-8 | |
| var clearText = Buffer.concat([decrypted, decipher.final()]).toString('utf8'); | |
| console.log(clearText); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment