
Cryptography


Using the Cryptography functions, you can encrypt or hash your text for security purposes. The Crypto module contains these methods:

  • Hash
  • HMAC
  • PBKDF2

For each of these you specify the data and the algorithm to use with the Crypto.Algorithm enumerations:

  • MD5
  • SHA1
  • SHA256
  • SHA512

In addition, there are MD5, SHA1, SHA256, and SHA512 functions which are convenience methods for Crypto.Hash. There are also methods for RSA public/private key encryption:

  • RSADecrypt
  • RSAEncrypt
  • RSAGenerateKeyPair
  • RSASign
  • RSAVerifyKey
  • RSAVerifySignature

Usage

This code calculates the hash of the supplied text using SHA256:

Dim value As String
// The result is the raw 32-byte hash; use EncodeHex(value) to display it
value = Crypto.SHA256("DataToEncrypt")

RSA Public Key Encryption

With Public Key Cryptography there are two keys: a public key and a private key. The person who wants to receive an encrypted message generates both of these keys. This can be done in Xojo using the Crypto.RSAGenerateKeyPair function:

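Dim privateKey As String
Dim publicKey As String
// 1024 bits is the key size used in this example; current
// guidance (for example NIST) is at least 2048 bits for new keys
If Crypto.RSAGenerateKeyPair( 1024, privateKey, publicKey ) Then
  // 1024-bit private and public keys
  // were generated
End If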

The private key is not shared with anyone. The public key can be shared with anyone. To make the public key more presentable, converting it to Base64 is a good idea:

Dim viewablePublicKey As String = EncodeBase64(publicKey)

So if you created both a private and public key and shared the public key, others can now create encrypted messages that only you will be able to decrypt. These people create the encrypted message for you by encrypting it using the public key:

Dim publicKey As String = DecodeBase64(PublicKeyArea.Text)
Dim textMessage As String = "Top-secret message."
Dim msg As MemoryBlock
msg = textMessage
// Encrypt msg using the publicKey
Dim encryptedData As MemoryBlock = Crypto.RSAEncrypt( msg, publicKey )
If encryptedData <> Nil Then
  MsgBox("Successfully encrypted.")
End If

This encrypted message can be sent to you, although again converting it to Base64 can make it simpler to send:

Dim msgToSend As String = EncodeBase64(encryptedData)

When you receive the message, you can decrypt it using your private key:

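// encryptedMsg is the Base64 text received from the sender
Dim encryptedData As MemoryBlock = DecodeBase64(encryptedMsg)
Dim decryptedData As MemoryBlock = Crypto.RSADecrypt( encryptedData, privateKey )
// Only use the result if decryption succeeded
If decryptedData <> Nil Then
  Dim msg As String = decryptedData
  MsgBox(msg)
End If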

Keep in mind that these “messages” that are being encrypted have to be pretty short (usually just a couple hundred characters, but it depends on the number of bits you use to create the keys).

So typically you use the messages to communicate a “secret key” of some kind that can be used to decrypt an actual message that was encrypted using some other technique (such as AES).

As an example, here is how two people might send a large amount of encrypted data using an encrypted database:

  1. Julie creates a SQLite database, adds data to it and encrypts it using a secret password.
  2. Paul creates an RSA Public/Private key pair and gets the Public key to Julie.
  3. Julie encrypts the secret password using the Public Key from Paul to get an encrypted message that she sends to Paul.
  4. Paul can decrypt the message from Julie using his Private Key to get the secret password.
  5. Julie sends the encrypted database to Paul.
  6. Paul accesses the database using the secret password he previously decrypted.

This is secure because the database cannot be accessed by anyone who does not have the secret password, and only the person holding the RSA Private Key that pairs with the Public Key used to encrypt the secret password can decrypt it to access the database.
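
Steps 2 to 4 of the exchange above, written as the body of a single method. This is an added example, not code from the Xojo documentation. The variable names and the sample password are constructed, the 2048-bit key size is an assumption, and a Nil result is treated as failure in the same way as the RSAEncrypt check earlier on this page.

```xojo
// Added example: steps 2-4 of the Julie/Paul exchange.
// Variable names and the sample password are constructed.

// Step 2 (Paul): create the key pair. Only publicKey is handed out.
Dim privateKey As String
Dim publicKey As String
If Not Crypto.RSAGenerateKeyPair( 2048, privateKey, publicKey ) Then
  MsgBox("Key generation failed.")
  Return
End If
// Second argument 0 turns off line wrapping in the Base64 text
Dim keyForJulie As String = EncodeBase64(publicKey, 0)

// Step 3 (Julie): encrypt the database password with Paul's public key.
Dim dbPassword As MemoryBlock = "constructed-sample-password"
Dim wrapped As MemoryBlock = Crypto.RSAEncrypt( dbPassword, DecodeBase64(keyForJulie) )
If wrapped = Nil Then
  MsgBox("The password could not be encrypted.")
  Return
End If
Dim msgForPaul As String = EncodeBase64(wrapped, 0)

// Step 4 (Paul): decrypt with the private key, which was never shared.
Dim received As MemoryBlock = DecodeBase64(msgForPaul)
Dim unwrapped As MemoryBlock = Crypto.RSADecrypt( received, privateKey )
If unwrapped = Nil Then
  MsgBox("The message could not be decrypted.")
  Return
End If

// Compare byte for byte: the = operator on Strings ignores case,
// which is not acceptable for a password. StrComp mode 0 is binary.
Dim recovered As String = unwrapped
Dim original As String = dbPassword
If StrComp(recovered, original, 0) = 0 Then
  MsgBox("Password recovered; the database can now be opened.")
End If
```

In a real exchange steps 2 and 4 run on Paul's machine and step 3 on Julie's, so only keyForJulie and msgForPaul ever travel between them.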

There is more to RSA encryption, including padding techniques that further improve security. You can learn more about RSA from its Wikipedia topics.

See Also

Crypto module; UserGuide:Framework topic