Posted on 2012-03-13
I'm working with a 3rd party vendor trying to send them an encrypted URL string with encode to preserve any spaces ect.. They are requiring a DESEDE encryption in ECB mode with PKCS5 padding using Base64 and the string should not be encoded again after the Base64 encoding.
They have provided with me a username, password, and key they are expecting. The code should be straight forward. When put the code in, I get the following error:
The key specified is not a valid key for this encryption: Wrong key algorithm, expected DESede.
Here is the code:
<cfset myKey = toBase64(BinaryDecode("xxxxxx[24bit key]xxxxxxx", "Base64"))>
<cfset myDate = dateformat(dateconvert( "local2Utc", now()), "YYYYMMDDHHMMSS")>
<cfset uid = "MyUserId">
<cfset pw = "MyPassword">
<cfset stmt = URLEncodedFormat("User_Id=#variables.uid#&User_Password=#Variables.pw#&User_TimeStamp=#variables.myDate#")>
<cfset encryptedUrl = encrypt(stmt, myKey, "DESEDE/ECB/PKCS5Padding", "Base64")>
I've taken out the actual username and password in this sample. I've tried setting the the myKey to xxxxxx[24bit key]xxxxxxx (which is the key they are expecting), hashing the key, and taking out the ECB/PKCS5Padding.
Any help would be greatly appreciated. I'm not sure if I've overlooked anything, or exactly what I'm missing. I'm not sure why CF keeps asking for the generateSecretKey method. As soon as I do that, everything works great. We are running CF 8. Thank you in advance for your help.