Using CF10 AES-256 (AES/CBC/PKCS5Padding algorithm) I'm trying to store the encrypted string in a MySQL column (BLOB) and getting this error:
java.lang.String cannot be cast to [B
I've tried the default UU and base64 encodings and get the same error (semi-related - any advantages to storing in base64 over UU or vice versa?).
My code right now is just a simple test update query. I've tried setting the cfsqltype to both blob and varchar on my cfqueryparam (and I've tried no cfqueryparam).
Here's my code where I have it now after suggestions from Jason. I'm stuck on getting the decrypted string back though.
<cfset thePlainText = '010101939393923490 this is my string to encrypt'/>
<cfset theKey = application.sec.AESKey256/>
<cfset theAlgorithm = "AES/CBC/PKCS5Padding" />
<cfset theEncoding = "base64" />
<cfset encryptedString = toBinary(encrypt(thePlainText, theKey, theAlgorithm, theEncoding)) />
<cfquery name="upd" datasource="#myds#">
UPDATE table SET
field = <cfqueryparam cfsqltype="cf_sql_blob" value="#encryptedString#"/>
WHERE id=1
</cfquery>
After that it's all well and good. I have a blob field in the db and it's storing the data. So now if I want to select it back I'm hitting a snag:
<cfquery name="qry" datasource="#myds#">
SELECT field
FROM table
WHERE id=1
</cfquery>
I thought this would work:
<cfset decryptedString = decrypt(toString(qry.field), theKey, theAlgorithm, theEncoding)/>
But I'm getting "An error occurred while trying to encrypt or decrypt your input string: The input and output encodings are not same"
If I dump the encrypted string var and the qry query the encrypted string vs. the dumped data are indeed different
SOLVED (toBase64 not toString)
<cfset decryptedString = decrypt(toBase64(qry.field), theKey, theAlgorithm, theEncoding)/>
You're trying to store a string in a BLOB field. ColdFusion's encrypt() method returns a string, not a binary object. So you can either store it in a VARCHAR instead or you can convert it to a binary object.
<cfset cipher = encrypt("... blah blah blah") />
<cfset binCipher = binaryDecode(cipher, "Base64") />
Then store binCipher.
Continue to use Base64 encoding in the encrypt() call.