Decrypt()

Decrypts a string that is encrypted with the Encrypt function.


	Decrypt( encrypted_string=string, key=string, algorithm=string, encoding=string, IVorSalt=any, iterations=number, precise=boolean );

Returns: String

Argument	Description	Default
encrypted_string _{string, required}	edit String to decrypt. _{Alias: encryptedString, string}
key _{string, required}	edit Key or seed used to encrypt the string. For the CFMX_COMPAT algorithm, any combination of any number of characters; used as a seed used to generate a 32-bit encryption key. For all other algorithms, a key in the format used by the algorithm. For these algorithms, use the GenerateSecretKey function to generate the key.
algorithm _{string, optional}	edit The algorithm to use to decrypt the string. Must be the same as the algorithm used to encrypt the string. CFMX_COMPAT(default): the CFML specific algorithm. This algorithm is the least secure option AES: the Advanced Encryption Standard specified by the National Institute of Standards and Technology (NIST) FIPS-197 BLOWFISH: the Blowfish algorithm defined by Bruce Schneier DES: the Data Encryption Standard algorithm defined by NIST FIPS-46-3 DESEDE: the "Triple DES" algorithm defined by NIST FIPS-46-3 You may also specify other algorithm names as well as the feedback mode and padding scheme where applicable (in the format algorithm/mode/padding) as documented in the Java Cryptography Architecture (JCA) Reference Guide.	cfmx_compat
encoding _{string, optional}	edit The binary encoding used to represent the data as a string. Must be the same as the algorithm used to encrypt the string. Base64: the Base64 algorithm, as specified by IETF RFC 2045 Hex: the characters A-F and 0-9 represent the hexadecimal byte values UU(default): the UNIX standard UUEncode algorithm	uu
IVorSalt _{any, optional}	edit Initialization Vector for algorithms with Feedback Mode that is not ECB, or Salt for Password Based Encryption algorithms _{Alias: IV, Salt}
iterations _{number, optional}	edit number of Iterations for Password Based Encryption algorithms (ignored for all other algorithms). NIST recommends a minimum value of 1000.
precise _{boolean, optional}	edit if set to true the input must follow the rule for that encoding a 100%, the decryptor will not try to interpret inputs that are not a 100% correct. This should be used to avoid false positives. Introduced: 6.0.0.227	true

Usage Notes

edit

The new precise argument can be set to false for backwards compatibility LDEV-4101

Examples

edit

key=generateSecretKey("BLOWFISH");
testEncrypt = encrypt("safe_our_tree",key,"BLOWFISH","base64");
testDecrypt = decrypt(testEncrypt,key,"BLOWFISH","base64");
writeDump(testDecrypt);

Related System Properties / Environment Variables

LUCEE_ENCRYPTION_ALGORITHM - Default encryption algorithm used when none is specified. The default `cfmx_compat` is not cryptographically secure - strongly recommended to use `AES` instead. Valid values: `CFMX_COMPAT`, `AES`, `BLOWFISH`, `DES`
Type: string, Default: cfmx_compat

Decrypt()

Usage Notes

Examples

Related System Properties / Environment Variables

See also