PHP mcrypt to ColdFusion decrypt

I am working in a PHP app we have a particular string that we need to encrypt before storing in a database. I can do this in PHP with not problem using mcrypt with a key and a iv. Currently I'm trying to use blowfish because I thought it would be the most flexible as far as decrypting it in ColdFusion. The issue I ran into is it seems ColdFusion doesn't want to use the key or iv I encrypted with. ColdFusion wants you to generateSecretKey() and use some other way to create the iv.

What I can't seem to do is get the two to communicate. I tried first encrypting in coldFusion and using the key it generated and iv it used in PHP but the result was not what it should be. I know I must be missing something but I can't quite pinpoint what it might be.

$securedString = mcrypt_encrypt ('MCRYPT_BLOWFISH' , 'THISISMYKEYTHATISVERYLONG32CHARS' , "This is the string I need encrypted' , MCRYPT_MODE_CBC , '12345678');
echo base64_encode($securedString);

So what would an equivalent ColdFusion Decryption call look like?

BTW: if Blowfish is not the ideal algorithm to use please feel free to suggest another as long as both ColdFusion and PHP can use it and it is secure.

Thanks, Bruce


Something like this should work. You just need to share a common key between each.


base64_encode(mcrypt_encrypt(MCRYPT_3DES, $key, $plain_string, MCRYPT_MODE_ECB));

In Coldfusion:

     decrypted_string = decrypt(enc_string, key, "DESEDE", "Base64");

Need Your Help

JavaEE CDI Testing: get cause of RollbackException

java-ee cdi transactional jboss-arquillian

I'm using Arquillian with an embedded Glassfish 4.0 container for testing. So far, I managed to get it to work, but one test case keeps failing and I don't know why. Here is my Test code: