-
Notifications
You must be signed in to change notification settings - Fork 1
Home
coldfusion-rsa is a CFC (Coldfusion component) for asymmetric key cryptograph using java security
Place the rsa.cfc into your Coldfusion CustomTags folder or anywhere in your Application where you want to load the rsa component.
<cfset rsa_obj = createObject("component","rsa").init()>
With Javaloder and BouncyCastleProvider it could look like this (this is optional)
<cfset rsa_obj = createObject("component","rsa").init("JavaLoader.JavaLoader",expandPath("./bcprov-jdk15on-149.jar"))>
<cfset keys = rsa_obj.create_key_pair()>
This will create a key pair and then return it as a struct.
- keys.public_key
- keys.private_key
If you want to encrypt a larger text than just a small string or you want your RSA key not to be crackable (http://en.wikipedia.org/wiki/Key_size#Asymmetric_algorithm_key_lengths) you should increase the default key-size of 512 bit to 2048 by providing the number as a first parameter.
<cfset keys = rsa_obj.create_key_pair(2048)>
You could now save each key to where you want it, a file or a database
<cffile action="write" file="#expandPath('./public.key.txt')#" output="#keys.public_key#">
<cffile action="write" file="#expandPath('./private.key.txt')#" output="#keys.private_key#">
<cfset secret_text = "My secret password or whatever">
<cfset encrypted = rsa_obj.encrypt_string(secret_text,keys.public_key)>
<cfdump var="#encrypted#">
<cfset decrypted = rsa_obj.decrypt_string(encrypted,keys.private_key)>
<cfdump var="#decrypted#">
If you intend to encrypt your text with your private key and decrypt it with the public key and your keys are not an object, yet (most common case) you have to use a third parameter on the methods encrypt_string and decrypt_string:
<cfset encrypted = rsa_obj.encrypt_string(secret_text,keys.private_key,"private")>
<cfset decrypted = rsa_obj.decrypt_string(encrypted,keys.public_key,"public")>