Skip to content
ggfx edited this page Jul 26, 2013 · 3 revisions

coldfusion-rsa is a CFC (Coldfusion component) for asymmetric key cryptograph using java security

Installation

Place the rsa.cfc into your Coldfusion CustomTags folder or anywhere in your Application where you want to load the rsa component.

Simple Test Case

Load the component

<cfset rsa_obj = createObject("component","rsa").init()>

With Javaloder and BouncyCastleProvider it could look like this (this is optional)

<cfset rsa_obj = createObject("component","rsa").init("JavaLoader.JavaLoader",expandPath("./bcprov-jdk15on-149.jar"))>

Create a key pair

<cfset keys = rsa_obj.create_key_pair()>

This will create a key pair and then return it as a struct.

  • keys.public_key
  • keys.private_key

If you want to encrypt a larger text than just a small string or you want your RSA key not to be crackable (http://en.wikipedia.org/wiki/Key_size#Asymmetric_algorithm_key_lengths) you should increase the default key-size of 512 bit to 2048 by providing the number as a first parameter.

<cfset keys = rsa_obj.create_key_pair(2048)>

You could now save each key to where you want it, a file or a database

<cffile action="write" file="#expandPath('./public.key.txt')#" output="#keys.public_key#">
<cffile action="write" file="#expandPath('./private.key.txt')#" output="#keys.private_key#">

encrypt your text

<cfset secret_text = "My secret password or whatever">
<cfset encrypted = rsa_obj.encrypt_string(secret_text,keys.public_key)>
<cfdump var="#encrypted#">

decrypt the encrypted string

<cfset decrypted = rsa_obj.decrypt_string(encrypted,keys.private_key)>
<cfdump var="#decrypted#">

encrypting with private key and decrypting with public key

If you intend to encrypt your text with your private key and decrypt it with the public key and your keys are not an object, yet (most common case) you have to use a third parameter on the methods encrypt_string and decrypt_string:

<cfset encrypted = rsa_obj.encrypt_string(secret_text,keys.private_key,"private")>

<cfset decrypted = rsa_obj.decrypt_string(encrypted,keys.public_key,"public")>