How do I use encryption in ColdFusion?

ColdFusion makes it simply to use encryption to protect sensitive data. The basic process to encrypt data requires you to select a key. This key is used to both encrypt and decrypt the data. The same key must be used for both operations. Once you have selected a key, the code is simple:

<cfset key = "mysecretsarebetterthanyoursecrets">
<cfset string = "my credit card number">
<cfset encrypted_string = encrypt(string,key)>

To decrypt the string, just reverse the process:

<cfset decrypted_string = decrypt(encrypted_string, key)>

ColdFusion supports multiple types of encryption. These include AES, DES, DES-EDE, DESX, RC2, RC4, RC5, SHA1, SHA-256, HMAC-MD5, and others as well. The level of encryption supported depends on the edition of ColdFusion being run. ColdFusion also supports an encryptBinary and decryptBinary to support encryption of binary data.

This question was written by Raymond Camden
It was last updated on August 6, 2007.




comments powered by Disqus