Pete Freitag Pete Freitag

Strong Encryption Technote shows undocumented features

Updated on December 06, 2023
By Pete Freitag

Macromedia has just released a technote (was published at entitled: Strong Encryption in ColdFusion MX 7. It has lots of information useful to anyone planning to work with these features. In addition I noticed mention of two undocumented arguments in the Encrypt() and Decrypt() functions. There are also two undocumented encryption types.

The two encryption types are PBEWithMD5AndDES, and PBEWithMD5AndTripleDES - both password based encryption algorithms. Password based algorithms use a MD5 hash to change your password into an encryption key.

The two new arguments are IVorSalt, and iterations. The IVorSalt argument is for passing either an Initialization Vector (for block based encryptions AES, DES, Blowfish), or for passing a binary salt value for password based encryption (PBE) algorithms. The iterations argument is only for PBE algorithms, and is the number of iterations to transform the password into a binary key.

The technote also shows you how to create encryption keys manually, use different feedback, or padding modes, how to install unlimited strength encryption policy files, and also how to install other security providers.

So if your going to be using Strong Encryption in CFMX 7, you should check out the technote.

coldfusion 7 crypto cfml

Strong Encryption Technote shows undocumented features was first published on February 22, 2005.

If you like reading about coldfusion 7, crypto, or cfml then you might also like:


The Fixinator Code Security Scanner for ColdFusion & CFML is an easy to use security tool that every CF developer can use. It can also easily integrate into CI for automatic scanning on every commit.

Try Fixinator

The weekly newsletter for the CFML Community