Mister Dai's Blog

To cut to the chase.

ColdFusion 8 Standard “SHA-512″.

ColdFusion 8 Enterprise and ColdFusion 8 Developer “SHA512 & SHA-512″.

I was lazy and didn’t bother checking the manual for the exactly hash algorithm name used by ColdFusion.  So I guessed as “SHA512″ and it worked correctly.  The problem came when the web application using this code was installed on ColdFusion 8 Standard and it didn’t like “SHA512″ at all.

This probably applies to “SHA-1, SHA-224, SHA-256, SHA-384″ as well.

It’s worth keeping in mind that the developer edition of ColdFusion contains the enterprise features and loads an addition Cryptography provider which added the no-dash “SHA512″ support.  It’d be nice if CF didn’t allow the no-dash versions no matter what, but I guess I should just check the manual next time.

Here’s an entry from the server log, showing the extra provider being loaded and the hashes it implements:

Installed JSafe JCE provider: Version 3.6 RSA Security Inc. Crypto-J JCE Security Provider (implements RSA, DSA, Diffie-Hellman, AES, DES, Triple DES, DESX, RC2, RC4, RC5, PBE, MD2, MD5, RIPEMD160, SHA1, SHA224, SHA256, SHA384, SHA512, HMAC-MD5, HMAC-RIPEMD160, HMAC-SHA1, HMAC-SHA224, HMAC-SHA256, HMAC-SHA384, HMAC-SHA512)