Description
Decrypts encrypted binary data with the specified key, value, algorithm, salt, and iterations.
Returns
Unencrypted binary data.
Category
Security functions, String functions
Function syntax
DecryptBinary(input,key,[algorithm, prefix, iterations])
See also
History
- ColdFusion (2023 release) Update 8 and ColdFusion (2021 release) Update 14: Changed the default algorithm from CFMX_COMPAT to AES/CBC/PKCS5Padding.
- ColdFusion (2021 release): Added support for authentication encryption.
- ColdFusion (2018 release): Introduced named parameters.
- ColdFusion 8: Added support for encryption using the RSA BSafe Crypto-J library on Enterprise Edition.
- ColdFusion MX 7.01: Added this function.
Parameters
Parameter |
Description |
---|---|
input |
Binary data to decrypt. |
key |
String. For the CFMX_COMPAT algorithm, the seed that was used to encrypt the binary data; for all other algorithms, the string generated by the generateSecretKey() method. |
algorithm |
(Optional) The Enterprise Edition of ColdFusion installs the RSA BSafe Crypto-J library, which provides FIPS-140 Compliant Strong Cryptography. For a list of algorithms, see the Encrypt function.The Standard Edition of ColdFusion installs a cryptography library with the following algorithms:
|
prefix |
(Optional) Specify this parameter to adjust ColdFusion encryption to match the details of other encryption software. If you specify this parameter, also specify the algorithm parameter.
|
iterations |
(Optional) The number of iterations to transform the password into a binary key. Specify this parameter to adjust ColdFusion encryption to match the details of other encryption software. If you specify this parameter, also specify the algorithm parameter with a Password Based Encryption (PBE) algorithm. Do not specify this parameter for Block Encryption Algorithms. Use the same value to encrypt and decrypt the data. |
Usage
This function uses a symmetric key-based algorithm, in which the same key is used to encrypt and decrypt data. The parameter values must match the values used to encode the string. The security of the encrypted string depends on maintaining the secrecy of the key. ColdFusion uses the Java Cryptography Extension (JCE) and installs a Sun Java runtime that includes the Sun JCE default security provider. This provider includes the algorithms listed in the Parameters section. The JCE framework includes facilities for using other provider implementations; however, Adobe cannot provide technical support for third-party security providers.
Example
<h3>DecryptBinary Example</h3> < !--- Do the following if the form has been submitted. ---> <cfif IsDefined("Form.myfile")> <cffile file="#Form.myfile#" action="readBinary" variable="myData"> <cfscript> /* GenerateSecretKey does not generate key for the CFMX_COMPAT algorithm, so use the key from the form. */ if (Form.myAlgorithm EQ "CFMX_COMPAT") theKey=Form.MyKey; // For all other encryption techniques, generate a secret key. else theKey=generateSecretKey(Form.myAlgorithm); //Encrypt the string encrypted=encryptBinary(myData, theKey, Form.myAlgorithm); //Decrypt it decrypted=decryptBinary(encrypted, theKey, Form.myAlgorithm); </cfscript> <cfset encfile="#Form.myfile#" & "_enc"> <cfset decfile="#Form.myfile#" & "_dec"> <cffile file="#encfile#" action="write" output="#encrypted#"> <cffile file="#decfile#" action="write" output="#decrypted#"> <!--- Display the values used for encryption and decryption, and the results. ---> <cfoutput> <b>The algorithm:</b> #Form.myAlgorithm#<br> <b>The key:</B> #theKey#<br> <br> <b>The InputFile:</b> #Form.myfile# <br> <br> <b>Encrypted:</b> #encfile#<br> <br> <b>Decrypted:</b> #decfile#<br> </cfoutput> </cfif> <!--- The input form. ---> <form action="#CGI.SCRIPT_NAME#" method="post"> <b>Select the algorithm</b><br> <select size="1" name="myAlgorithm"> <option selected>CFMX_COMPAT</option> <option>AES</option> <option>DES</option> <option>DESEDE</option> </select><br> <br> <b>Input your key</b> (used for CFMX_COMPAT encryption only)<br> <input type = "Text" name = "myKey" value = "MyKey"><br> <br> <b>Enter filename to encrypt</b><br> <input type="text" name="myfile" value="Enter the path of the file to encrypt"><br> <input type = "Submit" value = "Encrypt file "> </form>
EXAMPLE 2
<cfscript> // binary data b = ToBinary("abcd") // generate the key key = GenerateSecretKey("AES") iterations="AssoicatedData" randomIntegers = []; // generate the SALT value for ( i = 1 ; i <= 12 ; i++ ) { arrayAppend( randomIntegers, randRange( -128, 127, "SHA1PRNG" ) ); } initializationVector = javaCast( "byte[]", randomIntegers ) // encrypt binary enc1 = EncryptBinary(binaryData=b, key=key, algorithm="AES/GCM/NoPadding", IV_Salt=initializationVector, iterations=iterations) // decrypt binary dec1=DecryptBinary(binaryData=enc1, key=key, algorithm="AES/GCM/NoPadding", prefix=initializationVector, iterations=iterations) writeDump(dec1) </cfscript>