I want to access some Java class and function from within a CFML script (I'm total noob in Java):

passwordutils = createObject("java","coldfusion.util.PasswordUtils");
newPass = passwordutils.encryptPassword("p455w0rd");


Getting the following error: enter image description here The Java class I want to use is the one below (in coldfusion.util.PasswordUtils):

package coldfusion.util;

import coldfusion.archivedeploy.ArchiveDeployServiceImpl;
import coldfusion.flex.FlexAssemblerService;
import coldfusion.log.CFLogs;
import coldfusion.log.Logger;
import coldfusion.lucene.SolrServiceImpl;
import coldfusion.mail.MailSpooler;
import coldfusion.monitor.MonitoringServiceImpl;
import coldfusion.runtime.ApplicationException;
import coldfusion.runtime.CFPage;
import coldfusion.runtime.RuntimeServiceImpl;
import coldfusion.runtime.Struct;
import coldfusion.scheduling.CronServiceImpl;
import coldfusion.security.SecurityManager;
import coldfusion.security.SecurityUtils;
import coldfusion.server.SecurityService;
import coldfusion.server.ServiceException;
import coldfusion.server.ServiceFactory;
import coldfusion.server.ServiceRuntimeException;
import coldfusion.sql.Executive;
import coldfusion.tagext.io.FileUtils;
import coldfusion.wddx.Base64Encoder;
import coldfusion.xml.rpc.XmlRpcServiceImpl;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.util.Arrays;
import java.util.Observable;
import java.util.Observer;
import java.util.Properties;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;

public class PasswordUtils
  extends Observable
  private static final char PADCHAR = '#';
  private static final String DESALGORITHM = "DESede";
  private static final String AES_CBC_PKCS5_ALGORITHM = "AES/CBC/PKCS5Padding";
  private static final String SEEDFILE = "seed.properties";
  private static final String BASEENCODING = "Base64";
  public static final String SEED = "seed";
  public static final String ALGORITHM = "algorithm";
  public static final String CURRENT_ALGORITHM = "AES/CBC/PKCS5Padding";
  public static final int FORAES_START_MAJOR_VERSION = 9;
  public static final int FORAES_START_MINOR_VERSION = 5;
  private static String ROOTDIR;
  private static String SEEDFILEPATH;
  private static PasswordUtils instance = null;
  private String seedValue;
  private Properties seedProperties;
  private static File seedFileObj;

  public static PasswordUtils getInstance(String rootDir)
    throws ServiceException
    if (instance == null)
      ROOTDIR = rootDir;
      SEEDFILEPATH = ROOTDIR + File.separatorChar + "lib" + File.separatorChar + "seed.properties";
      instance = new PasswordUtils();
    return instance;

  public static PasswordUtils getInstance()
    return instance;

  private PasswordUtils()
    throws ServiceException
    this.seedProperties = new Properties();

  private void loadSeed()
    throws ServiceException
    seedFileObj = new File(SEEDFILEPATH);
    FileInputStream finput = null;
      finput = new FileInputStream(seedFileObj);
      catch (Throwable t) {}
      seed = this.seedProperties.getProperty("seed");
    catch (Throwable t)
      if (seedFileObj.exists()) {
        throw new ServiceException(t);
      catch (Throwable t) {}
    String seed;
    String algoValue = this.seedProperties.getProperty("algorithm");
    if ((seed != null) && (algoValue != null) && (seed.length() > 0) && (algoValue.length() > 0))
      this.seedValue = seed;
      if (!algoValue.equalsIgnoreCase("AES/CBC/PKCS5Padding")) {
        throw new SeedException();
      throw new SeedException();

  public void setSeed(String seedVal)
    throws Exception
    if (seedVal != null)
      String digest = SecurityUtils.hash(seedVal, "SHA-256", "", "");
      seedVal = digest.substring(0, 16);
      throw new RuntimeException("Seed cannot be null");
    if (seedVal.equals(this.seedValue)) {
    this.seedValue = seedVal;

    AccessController.doPrivileged(new PrivilegedAction()
      public Object run()
        PasswordUtils.this.seedProperties.setProperty("seed", PasswordUtils.this.seedValue);
        return null;

  public synchronized void addObserver(Observer o)
    if (o == null) {
      throw new NullPointerException();
    if ((!(o instanceof RuntimeServiceImpl)) && (!(o instanceof SolrServiceImpl)) && (!(o instanceof SecurityManager)) && (!(o instanceof Executive)) && (!(o instanceof FlexAssemblerService)) && (!(o instanceof CronServiceImpl)) && (!(o instanceof MonitoringServiceImpl)) && (!(o instanceof MailSpooler)) && (!(o instanceof XmlRpcServiceImpl)) && (!(o instanceof ArchiveDeployServiceImpl))) {
      throw new SeedException();
    o.update(instance, this.seedValue);

  public static String reEncryptWithNewSeed(String encryptedStr, String oldSeed, String newSeed, String oldAlgoValue, int majorVersion, int minorVersion)
    return reEncryptWithNewSeed(encryptedStr, oldSeed, newSeed, false, oldAlgoValue, majorVersion, minorVersion);

  public static String reEncryptWithNewSeed(String encryptedStr, String oldSeed, String newSeed, boolean noEncodingForDecryption, String oldAlgoValue, int majorVersion, int minorVersion)
    if ((encryptedStr == null) || ((encryptedStr != null) && (encryptedStr.equals("")))) {
      return encryptedStr;
    if (majorVersion == 0)
      PasswordUtils tmp31_28 = instance;tmp31_28.getClass();throw new SeedException(tmp31_28);
    if (isAESS(majorVersion, minorVersion))
      if ((oldAlgoValue != null) && (oldAlgoValue.length() > 0))
        if ((oldAlgoValue.equalsIgnoreCase("AES/CBC/PKCS5Padding")) && (oldSeed.equals(newSeed))) {
          return encryptedStr;
        if (oldAlgoValue.equalsIgnoreCase("AES/CBC/PKCS5Padding")) {
          return encryptWithAES_CBC_PKCS5(decryptWithAES_CBC_PKCS5(encryptedStr, oldSeed), newSeed);
        PasswordUtils tmp110_107 = instance;tmp110_107.getClass();throw new SeedException(tmp110_107);
    else {
      return encryptWithAES_CBC_PKCS5(decryptWith3DES(encryptedStr, oldSeed, noEncodingForDecryption), newSeed);
    return encryptedStr;

  public static String reEncryptForSM(String encryptedStr, String oldSeed, String newSeed)
    if ((encryptedStr == null) || ((encryptedStr != null) && (encryptedStr.equals("")))) {
      return encryptedStr;
    if ((oldSeed != null) && (oldSeed.equals(newSeed))) {
      return encryptedStr;
    return encryptWith3DES(decryptWithAES_CBC_PKCS5(encryptedStr, oldSeed), newSeed);

  public static String reEncryptWithNewSeed(String encryptedStr, String oldSeed, String newSeed)
    if ((encryptedStr == null) || ((encryptedStr != null) && (encryptedStr.equals("")))) {
      return encryptedStr;
    if ((oldSeed != null) && (oldSeed.equals(newSeed))) {
      return encryptedStr;
    return encryptWithAES_CBC_PKCS5(decryptWithAES_CBC_PKCS5(encryptedStr, oldSeed), newSeed);

  public static String decryptPassword(String encryptedPassword, String seedval, String algoValue)
    if ((encryptedPassword == null) || ((encryptedPassword != null) && (encryptedPassword.equals("")))) {
      return encryptedPassword;
    if (seedval == null) {
      throw new RuntimeException("Seed passed for encryption in null.");
    String pwd = null;
    if ((algoValue != null) && (algoValue.length() > 0)) {
      if (algoValue.equalsIgnoreCase("AES/CBC/PKCS5Padding"))
        pwd = decryptWithAES_CBC_PKCS5(encryptedPassword, seedval);
        CFLogs.SERVER_LOG.error("Unknown Algorithm Specified."); PasswordUtils 
          tmp79_76 = instance;tmp79_76.getClass();throw new UnknownAlgorithmException(tmp79_76);
    return pwd;

  public static String decryptPassword(String encryptedPassword, String seedval)
    if ((encryptedPassword == null) || ((encryptedPassword != null) && (encryptedPassword.equals("")))) {
      return encryptedPassword;
    if (seedval == null) {
      throw new RuntimeException("Seed passed for encryption in null.");
    String pwd = null;

    pwd = decryptWithAES_CBC_PKCS5(encryptedPassword, seedval);
    return pwd;

  public static String encryptPassword(String p, String seedval)
    if ((p == null) || ((p != null) && (p.equals("")))) {
      return p;
    if (seedval == null) {
      throw new RuntimeException("Seed passed for encryption in null.");
    return encryptWithAES_CBC_PKCS5(p, seedval);

  public static String encryptWith3DES(String p, String seedval)
    String secKey = CFPage.generate3DesKey(seedval);
    return CFPage.Encrypt(p, secKey, "DESede", "Base64");

  private static String decryptWith3DES(String encryptedPassword, String seedval, boolean noEncodingForDecryption)
    String secKey = CFPage.generate3DesKey(seedval);
    String pwd;
    String pwd;
    if (noEncodingForDecryption) {
      pwd = CFPage.Decrypt(encryptedPassword, secKey, "DESede");
    } else {
      pwd = CFPage.Decrypt(encryptedPassword, secKey, "DESede", "Base64");
    return pwd;

  private static String decryptWithAES_CBC_PKCS5(String encryptedPassword, String seedval)
    String secKey = generateAesKey(seedval);
    return CFPage.Decrypt(encryptedPassword, secKey, "AES/CBC/PKCS5Padding", "Base64");

  private static String decryptWithAES_CBC_PKCS5(String encryptedPassword, String seedval, String enc)
    String secKey = generateAesKey(seedval);
    if ((enc != null) && (enc.length() > 0)) {
      return CFPage.Decrypt(encryptedPassword, secKey, "AES/CBC/PKCS5Padding", enc);
    return CFPage.Decrypt(encryptedPassword, secKey, "AES/CBC/PKCS5Padding", "Base64");

  private static String encryptWithAES_CBC_PKCS5(String p, String seedval)
    String secKey = generateAesKey(seedval);
    return CFPage.Encrypt(p, secKey, "AES/CBC/PKCS5Padding", "Base64");

  private static String encryptWithAES_CBC_PKCS5(String p, String seedval, String enc)
    String secKey = generateAesKey(seedval);
    if ((enc != null) && (enc.length() > 0)) {
      return CFPage.Encrypt(p, secKey, "AES/CBC/PKCS5Padding", enc);
    return CFPage.Encrypt(p, secKey, "AES/CBC/PKCS5Padding", "Base64");

  private static String generateAesKey(String seed)
    if ((seed == null) || ((seed != null) && (seed.length() == 0)))
      PasswordUtils tmp22_19 = instance;tmp22_19.getClass();throw new SeedException(tmp22_19);
    byte[] seedBytes = null;
      seedBytes = seed.getBytes("UTF-8");
    catch (UnsupportedEncodingException e)
      seedBytes = seed.getBytes();
    int seedLen = seedBytes.length;
    seedBytes = Arrays.copyOf(seedBytes, 16);
    if (seedLen < 16) {
      for (int i = seedLen; i < 16; i++) {
        seedBytes[i] = 35;
    SecretKey secretKey = new SecretKeySpec(seedBytes, "AES");
    return Base64Encoder.encode(secretKey.getEncoded());

  private final void storeSeedProperties()
    FileOutputStream foutput = null;
      foutput = new FileOutputStream(SEEDFILEPATH);
      this.seedProperties.store(foutput, null);
      if (foutput != null) {
        catch (Exception e)
        FileUtils.setUnixModes(SEEDFILEPATH, 600);
      catch (Exception e)
    catch (Exception ex)
      throw new ServiceRuntimeException(ex);
      if (foutput != null) {
        catch (Exception e)

  public static FastHashtable loadSeedForMigration(String filePath)
    throws ServiceException

    FastHashtable struct = Struct.StructNew();
    Properties props = new Properties();
    if (filePath == null) {
      return struct;
    File seedFile = new File(filePath);
    if ((seedFile != null) && (!seedFile.exists())) {
      return struct;
      if ((seedFileObj != null) && (seedFile != null) && (seedFileObj.getCanonicalPath().equalsIgnoreCase(seedFile.getCanonicalPath()))) {
        return struct;
    catch (IOException e)
    FileInputStream finput = null;
      finput = new FileInputStream(seedFile);
      catch (Throwable t)
      if (props == null) {
        return struct;
    catch (Throwable t) {}finally
      catch (Throwable t)
    String seed = props.getProperty("seed");
    String algoValue = props.getProperty("algorithm");
    if ((seed != null) && (seed.length() > 0)) {
      struct.put("seed", seed);
    if ((algoValue != null) && (algoValue.length() > 0)) {
      struct.put("algorithm", algoValue);
    return struct;

  public static boolean isAESS(int majorVersion, int minorVersion)
    if ((majorVersion > 9) || ((majorVersion == 9) && (minorVersion == 5))) {
      return true;
    return false;

  public static String encryptWithEncoding(String p, String seedval, String enc)
    if ((p == null) || ((p != null) && (p.equals("")))) {
      return p;
    if (seedval == null) {
      throw new RuntimeException("Seed passed for encryption in null.");
    return encryptWithAES_CBC_PKCS5(p, seedval, enc);

  public static String decryptWithEncoding(String encryptedPassword, String seedval, String enc)
    if ((encryptedPassword == null) || ((encryptedPassword != null) && (encryptedPassword.equals("")))) {
      return encryptedPassword;
    if (seedval == null) {
      throw new RuntimeException("Seed passed for encryption in null.");
    String pwd = null;

    pwd = decryptWithAES_CBC_PKCS5(encryptedPassword, seedval, enc);
    return pwd;

  public class SeedException
    extends ApplicationException
    private static final long serialVersionUID = 1L;

    public SeedException() {}

  public class UnknownAlgorithmException
    extends ApplicationException
    private static final long serialVersionUID = 1L;

    public UnknownAlgorithmException() {}


public static String encryptPassword(String p, String seedval)

I think you forgot the seedval argument. Does this work?

newPass = passwordutils.encryptPassword("p455w0rd","thisisnotaseed");
许可以下: CC-BY-SA归因
不隶属于 StackOverflow
scroll top