I have a string (comprised of a userID and a date/time stamp), which I then encrypt using ColdFusion's Encrypt(inputString, myKey, "Blowfish/ECB/PKCS5Padding", "Hex").

In order to interface with a 3rd party I have to then perform the following:

  1. Convert each character pair within the resultant string into a HEX value.
  2. HEX values are then represented as integers.
  3. Resultant integers are then output as ASCII characters.
  4. All the ASCII characters combine to form a Bytestring.
  5. Bytestring is then converted to Base64.
  6. Base64 is URL encoded and finally sent off (phew!)

It all works seamlessly, APART FROM when the original cfEncrypted string contains a "00".

The HEX value 00 translates as the integer (via function InputBaseN) 0 which then refuses to translate correctly into an ASCII character!

The resultant Bytestring (and therefore url string) is messed up and the 3rd party is unable to decipher it.

It's worth mentioning that I do declare: <cfcontent type="text/html; charset=iso-8859-1"> at the top of the page.

Is there any way to correctly output 00 as ASCII? Could I avoid having "00" within the original encrypted string? Any help would be greatly appreciated :)

A: 

I'm pretty sure ColdFusion (and the Java underneath) use a null-terminated string type. This means that every string contains one and only one asc(0) char, which is the string terminator. If you try to insert an asc(0) into a string, CF is erroring because you are trying to create a malformed string element.

I'm not sure what the end solution is. I would play around with toBinary() and toString(), and talk to your 3rd party vendor about workarounds like sending the raw hex values or similar.

Ben Doom
The only way I have found to create a true null character is URLDecode("%00"): http://www.coldfusiondeveloper.com.au/go/note/2007/05/06/null-character/
Leigh
.. Though I am not sure that is even the issue here.
Leigh
Thanks for the advice guys. I ended up bypassing the problem (thanks to a pointer by Leigh) by skipping the whole manual-hex-decimal-base64 process. By using Encrypt(inputString, myKey, "Blowfish/ECB/PKCS5Padding", "Base64") straight from the offset, CF did the hard work for me (d'oh!).
Ian Yates
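
The six manual steps in the question amount to hex -> raw bytes -> Base64 -> URL encoding. The following is an added example, not part of the original thread, written in Python rather than CFML; the function names and the sample hex string are constructed for illustration. It shows that a 00 pair is an ordinary byte when the conversion stays in binary, and that the character-per-pair route only matches when the charset maps 0-255 one to one (iso-8859-1), not under UTF-8.

```python
import base64
from urllib.parse import quote, unquote

# Constructed sample: hex text as a cipher might emit it, with two 00 pairs
# and several pairs above 7F. This is not real ciphertext.
SAMPLE_HEX = "3A00FF9C4100B27E"


def hex_to_wire(hex_text: str) -> str:
    """Hex -> raw bytes -> Base64 -> URL-encoded, never passing through text."""
    raw = bytes.fromhex(hex_text)
    b64 = base64.b64encode(raw).decode("ascii")
    # safe="" so that '/', '+' and '=' from Base64 are percent-encoded too.
    return quote(b64, safe="")


def wire_to_hex(wire: str) -> str:
    """Receiving side: URL-decode, Base64-decode, show the bytes as hex."""
    return base64.b64decode(unquote(wire)).hex().upper()


def hex_to_wire_via_text(hex_text: str, charset: str) -> str:
    """Steps 1-6 as listed: one character per hex pair, then encode the string."""
    pairs = [hex_text[i:i + 2] for i in range(0, len(hex_text), 2)]
    as_text = "".join(chr(int(pair, 16)) for pair in pairs)
    raw = as_text.encode(charset)  # the charset decides which bytes go out
    return quote(base64.b64encode(raw).decode("ascii"), safe="")


if __name__ == "__main__":
    wire = hex_to_wire(SAMPLE_HEX)
    print("binary path      :", wire, "->", wire_to_hex(wire))
    for charset in ("iso-8859-1", "utf-8"):
        text_wire = hex_to_wire_via_text(SAMPLE_HEX, charset)
        print(f"text path {charset:10}:", text_wire, "->", wire_to_hex(text_wire))
```
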