Description
Encrypts binary data using a specific algorithm and encoding method.
Returns
Binary data.
Category
Security functions, String functions
Function syntax
EncryptBinary(binaryData, key, algorithm, IV_Salt, iterations) |
See also
Decrypt, DecryptBinary, Encrypt
History
- ColdFusion (2023 release) Update 8 and ColdFusion (2021 release) Update 14: Changed the default algorithm from CFMX_COMPAT to AES/CBC/PKCS5Padding.
- ColdFusion (2021 release): Added support for authentication encryption.
- ColdFusion 8: Added support for encryption using the RSA BSafe Crypto-J library on Enterprise Edition.
- ColdFusion MX 7.01: Added this function.
Parameters
Parameter |
Description |
---|---|
bytes |
Binary data to encrypt. |
key |
String. Key or seed used to encrypt the string.
|
algorithm |
(Optional) The algorithm to use to decrypt the string.The Enterprise Edition of ColdFusion installs the RSA BSafe Crypto-J library, which provides FIPS-140 Compliant Strong Cryptography. For a list of algorithms, see the Encrypt function.The Standard Edition of ColdFusion installs a cryptography library with the following algorithms:
|
IVorSalt |
(Optional) Specify this parameter to adjust ColdFusion encryption to match the details of other encryption software. If you specify this parameter, also specify the algorithm parameter.
|
iterations |
(Optional) The number of iterations to transform the password into a binary key. Specify this parameter to adjust ColdFusion encryption to match the details of other encryption software. If you specify this parameter, also specify the algorithm parameter with a Password Based Encryption (PBE) algorithm. Do not specify this parameter for Block Encryption algorithms. Use the same value to encrypt and decrypt the data. |
Usage
This function uses a symmetric key-based algorithm, in which the same key is used to encrypt and decrypt binary data. The security of the encrypted data depends on maintaining the secrecy of the key. For all algorithms except the default algorithm, ColdFusion uses the Java Cryptography Extension (JCE) and installs a Sun Java runtime that includes the Sun JCE default security provider. This provider includes the algorithms listed in the Parameters section. The JCE framework includes facilities for using other provider implementations; however, Adobe cannot provide technical support for third-party security providers.The default algorithm, which is the same as was used in ColdFusion 5 and ColdFusion MX, uses an XOR-based algorithm that uses a pseudo-random 32-bit key, based on a seed passed by the user as a function parameter. This algorithm is less secure than the other available algorithms.
Example
The following example encrypts and decrypts binary data. It encrypts the binary data contained in a file and then decrypts the encrypted file. It lets you specify the encryption algorithm and encoding technique. It also has a field for a key seed to use with the CFMX_COMPAT algorithm. For all other algorithms, it generates a secret key.
<h3>EncryptBinary Example</h3>
|
EXAMPLE 2
<cfscript> // binary data b = ToBinary("abcd") // generate the key key = GenerateSecretKey("AES") iterations="AssoicatedData" randomIntegers = []; // generate the SALT value for ( i = 1 ; i <= 12 ; i++ ) { arrayAppend( randomIntegers, randRange( -128, 127, "SHA1PRNG" ) ); } initializationVector = javaCast( "byte[]", randomIntegers ) // encrypt srring enc1 = EncryptBinary(binaryData=b, key=key, algorithm="AES/GCM/NoPadding", IV_Salt=initializationVector, iterations=iterations) writeDump(enc1) </cfscript>