User Guide
572 Chapter 3: ColdFusion Functions
Usage
This function uses a symmetric key-based algorithm, in which the same key is used to encrypt
and decrypt a string. The parameter values must match the values used to encode string. The
security of the encrypted string depends on maintaining the secrecy of the key.
ColdFusion MX 7 uses the Java Cryptography Extension (JCE) and installs a Sun Java 1.4.2
runtime that includes the Sun JCE default security provider. This provider includes the
algorithms listed in the Parameters section. The JCE framework includes facilities for using other
provider implementations; however, Macromedia cannot provide technical support for third-
party security providers.
Example
<h3>Decrypt Example</h3>
<!--- Do the following if the form has been submitted. --->
<cfif IsDefined("Form.myString")>
<cfscript>
/* GenerateSecretKey does not generate key for the CFMX_COMPAT algorithm,
so use the key from the form.
*/
if (Form.myAlgorithm EQ "CFMX_COMPAT")
theKey=Form.MyKey;
// For all other encryption techniques, generate a secret key.
else
theKey=generateSecretKey(Form.myAlgorithm);
//Encrypt the string
encrypted=encrypt(Form.myString, theKey, Form.myAlgorithm,
Form.myEncoding);
//Decrypt it
decrypted=decrypt(encrypted, theKey, Form.myAlgorithm, Form.myEncoding);
</cfscript>
<!--- Display the values used for encryption and decryption,
and the results. --->
<cfoutput>
<b>The algorithm:</b> #Form.myAlgorithm#<br>
<b>The key:</B> #theKey#<br>
<br>
<b>The string:</b> #Form.myString# <br>
<br>
<b>Encrypted:</b> #encrypted#<br>
<br>
<b>Decrypted:</b> #decrypted#<br>
</cfoutput>
</cfif>
<!--- The input form. --->
<form action="#CGI.SCRIPT_NAME#" method="post">
<b>Select the encoding</b><br>
<select size="1" name="myEncoding" >
<option selected>UU</option>
<option>Base64</option>
<option>Hex</option>