Justin, I was pondering some of your points, too. I've been reading up in the documentation, and trying different ideas. Here is what I have so far:
[code] <!--- if a value is entered in form.CreditCardNumber, then proceed with encryption ---> <cfif len(form.CreditCardNumber)> <!--- set default value for variable "result" in case no value is entered for CreditCardNumber ---> <cfparam name="result" default=""> <!--- generate a key suitable for "AES" ---> <cfset theKey = GenerateSecretKey("AES", 256)> <!--- now do the actual encryption using the "AES" algorithm ---> <cfset result = encrypt(form.CreditCardNumber, theKey, "AES", "UU")> </cfif> <!--- decryption ---> <!--- set default value for variable "form.decrypted" in case no value is present in column CreditCardNumber ---> <cfparam name="form.decrypted" default=""> <!--- does editUser.CreditCardNumber have a value? ---> <cfif len(editUser.CreditCardNumber)> <!--- if so, apply decrypt function ---> <cfset decrypted = decrypt(form.CreditCardNumber, theKey, "AES", "UU")> </cfif> [/code] Hmm. I am still getting error "Variable DECRYPTED is undefined." which is weird since I have defined it -- in scope FORM. I think I am missing a core concept. =) Can you clue me in? Thank you again for your time. Eric -----Original Message----- From: Justin Scott [mailto:leviat...@darktech.org] Sent: Monday, February 18, 2013 6:46 PM To: cf-talk Subject: Re: decryption question > <cfif len(editUser.CreditCardNumber)> > <cfparam name="form.decrypted" default=""> <cfset theKey = > GenerateSecretKey("AES", 256)> <cfset decrypted = > decrypt(form.CreditCardNumber, theKey, "AES", "UU")> </cfif> Since the only place where the "decrypted" variable is being set is within the CFIF block, I'd check to ensure the editUser.CreditCardNumber field wasn't blank as a first step. If you want it to default to a blank value if nothing is present in the database, you'll need to move your CFPARAM tag above the CFIF block so it's not contained within that logic and always gets a default value to work with. As an aside, you shouldn't be generating a new key just before you run the decrypt() call. You would need to use the same key that was used with the encrypt() call when the number was first encrypted in order to decrypt successfully. -Justin ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:354578 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm