• Abulafia
  • 5 Points
  • Member since 2009

  • Chatter
  • 0
    Best Answers
  • 0
    Likes Received
  • 0
    Likes Given
  • 1
  • 5

In the controller of an externally exposed VF page, I am accepting a bank notification after the payment completion.

The parameter being sent are encrypted using AES with Cipher Block Chaining, using PCKS-5 Padding. The decryption algorithm should be initialised with a 16 byte, zero-filled initialization vector, and should use your encryption key.  


Before the decryption the parameters look like:






The signature is a base-64 encoded MD5 hash of the encrypted text, and can be used to verify that the text was transmitted correctly.

After decryption, the parameters will appear as follows:


Following I specify the VF controller constructor:

    public sbBankNotification() {
        System.debug('>>>>> sbPDC->>>>> 100 >>>>>sbBankNotification contructor' );

        String myEncrypPar	= Apexpages.currentPage().getParameters().get( 'EncryptedParameters' ) ;
        String mySignature	= Apexpages.currentPage().getParameters().get( 'Signature' );

        if ( myEncrypPar != null ) this.encrypPar	= myEncrypPar ;
        if ( mySignature != null ) this.signature	= mySignature ;
        System.debug('>>>>> sbPDC->>>>> 103 >>>>>sbBankNotification:encrypPar('+this.encrypPar.length()+')=['+this.encrypPar+']' );
        System.debug('>>>>> sbPDC->>>>> 105 >>>>>sbBankNotification:Signature=['+this.signature+']' );
        try {
           String algorithmName = 'AES192' ;
           Blob privateKey = Blob.valueOf(ENCRYPTIONKEY) ;
           Blob initializationVector = Blob.valueOf('0000000000000000') ;
           Blob cipherText = Blob.valueOf(this.encrypPar) ;
           Blob params = Crypto.decrypt(algorithmName, privateKey, initializationVector, cipherText ) ;
           System.debug('>>>>> sbPDC->>>>> 105 >>>>>sbBankNotification:params=['+params.toString()+']' );

        } catch (Exception ex) {
           System.debug('>>>>> sbPN->>>>> 107 >>>>>sbBankNotification:Exception['+ ex +'] ');

 I keep on getting the debug information followed by exception message:

USER_DEBUG|[18]|DEBUG|>>>>> sbPDC->>>>> 103 >>>>>sbBankNotification:encrypPar(408)=[xxUSjEJ2Hp2pycHLe13Xy9N0CGhnqixzD8ZpNZyyBx0oFemyzq8QGnTMoqDwmreT0OzYPVOkQ2iFsUT2gxHxansC3Bp2G31G0V1IxnjZckKzWNCf6o5n6OrTsCeQbgr0YAFzSowY6MJV2yY2RB//xFxlRJ0ShWfn4EAsodWsP6L25PuzIM0XxdpEyWuqgBl1DWOcqKQurnye2cdQJiAXvpP+lpogCikXf0KbZ9WnDTTV4ABdefU5wlCobUomz7x5SldmFhyHLs1hUXxFhF0inM+Bkii5zBPVWNf2OlEfs8uG94kczxDHmw3T7qDtlayW0mOtDw5GstMtl1K4KM/VksGzNbfL1wGM0ONTDmH0liXTaxlSj+SBmO4ouYq30bpnCYoVtx5VUnP1jvCjbicoeg==]
USER_DEBUG|[19]|DEBUG|>>>>> sbPDC->>>>> 105 >>>>>sbBankNotification:Signature=[XhIsA4bPLbCMVHhdYN+5ieZHKWkF3JDt4uso+A5v8Og=]
SYSTEM_METHOD_ENTRY|[26]|system.Crypto.decrypt(String, Blob, Blob, Blob)
SYSTEM_METHOD_EXIT|[26]|system.Crypto.decrypt(String, Blob, Blob, Blob)
USER_DEBUG|[30]|DEBUG|>>>>> sbPN->>>>> 107 >>>>>sbBankNotification:Exception[System.SecurityException: Input length must be multiple of 16 when decrypting with padded cipher] 

The length of the encrypted parameters I get from the bank is 408 chars, which are using pcks-5 padding.


I have tried shortening the last lengh of the string up to 400 chars (to be mulple of 16) but the I got another exception error notifying that the string does not finalize with the correct character.


Please help





I am trying to encrypt and decrypt a password using the Crypto class.



     Blob cryptoKey = Crypto.generateAesKey(128);
    	 Blob data = Blob.valueOf(weUserRec.password__c);
      Blob encryptedData = Crypto.encryptWithManagedIV('AES128', cryptoKey, data);
      Blob decrypt = Crypto.decryptWithManagedIV('AES128', cryptoKey, data);
  }catch(Exception e){


The above is throwing an exception with message "Invalid initialization vector. Must be 16 bytes" (InvalidParameterValue).

Since the SF provided Managed IV methods are used here (the code is almost exactly like the sample), why does it throw this error?


  • November 24, 2010
  • Like
  • 0

Hi Guys,


I am using windows7 - 64 bit and office 2010 beta .. just check out the error and suggest what can be done ...


Error is as follows: The code in this project must be updated for use on 64 bit system.Please review and update Declare statements and then mark them with the PtrSafe attribute.




Thanks in Advance

Hi folks - I've got mixed answers on this one. If I create an AppExchange application that uses Apex Code as part of it, can I install that application into a customer's professional edition org?

If not, that would severely reduce the chance that we could actually use Apex Code since it would mean that we couldn't sell to a big chunk of customers.