· 7 years ago · Nov 02, 2018, 07:08 PM
1<cfscript>
2
3 writeOutput( genAESKeyFromPW('dqKVxbnaYZrEj24Aw7XdWH9N23fKmREm', 'wUaR4vuTVwLZp8Ndh3qbFJ7ezQmumJEs') );
4
5 string function genAESKeyFromPW( required string password, required string salt64, numeric length = 128 ) {
6 // Decode the salt value that was provided.
7 var salt = toString( toBinary( arguments.salt64 ), 'ASCII' );
8
9 // Go fetch Java's secret key factory so we can generate a key.
10 var keyFactory = createObject( 'java', 'javax.crypto.SecretKeyFactory' ).getInstance( 'PBKDF2WithHmacSHA1' );
11
12 // Define a key specification based on the password and salt that were provided.
13 var keySpec = createObject( 'java', 'javax.crypto.spec.PBEKeySpec' ).init(
14 arguments.password.toCharArray(), // Convert the password to a character array (char[])
15 salt.getBytes( 'ASCII' ), // Convert the salt to a byte array (byte[])
16 javacast( 'int', 1024 ), // Iterations as Java int
17 javacast( 'int', arguments.length ) // Key length as Java int (192 or 256 may be available depending on your JVM)
18 );
19
20 // Initialize the secret key based on the password/salt specification.
21 var tempSecret = keyFactory.generateSecret( keySpec );
22
23 // Generate the AES key based on our secret key.
24 var secretKey = createObject( 'java', 'javax.crypto.spec.SecretKeySpec' ).init( tempSecret.getEncoded(), 'AES' );
25
26 // Return the generated key as a Base64-encoded string.
27 return toBase64( secretKey.getEncoded() );
28 }
29
30</cfscript>