Cryptography in GeneXus


Deprecated: Since GeneXus X Evolution 3. Replaced by Cryptography data types.

 


A library has been implemented that includes basic encryption and digital signature features for the .Net generator.

This library, which is integrated into GX X as a set of external objects and a support DLL, allows you to:

- Create and validate digital signatures
- Encrypt texts or files

This makes encryption features available to clients who need them in their applications.

The data types that this library adds to the language are described below.

CryptographicHash

It allows you to create a hash for a given text.

Supported algorithms:

- MD5
- RIPEMD160
- SHA1
- SHA256
- SHA384
- SHA512

Members

CryptographicHash Create(string algorithm)

Static method to create the object; it receives a string with the name of the algorithm to use.

base64string ComputeHash(string data)

Method to obtain the hash value.

Example

// &hashAlg is a variable of type CryptographicHash
&hashAlg = CryptographicHash.Create("MD5")
&outp = &hashAlg.ComputeHash(&text)

PKCS1Signature

It allows you to handle basic digital signatures with a public-private key pair using X.509 certificates.

Members

string ErrorMessage
It returns the text of the last error that occurred.

X509Certificate2 Certificate
X.509 certificate that provides the keys to sign with.

base64string Sign(string text)
Given a text, it returns a signature for this text using the information of the certificate that has been configured.

 

bool VerifySignature(base64string signature, string text)
Given a text and a signature, it checks whether the signature corresponds to the text using the information of the certificate that has been configured.

Example 

 

&pkcs1.Certificate = CryptoUtils.GetCertificateFromFile1(&pathCertificado, &clave)
&firma = &pkcs1.Sign( &texto)
...
...
if (&pkcs1.VerifySignature( &firma, &texto ))
    &error = "Firma valida!"
else
    &error = &pkcs1.ErrorMessage
endif

PKCS7Signature

It allows you to handle digital signatures in PKCS7 format, with a public-private key pair using X.509 certificates.

Members

X509Certificate2 Certificate
X.509 certificate that provides the keys.

bool Detached
It indicates whether the signature is detached, that is, whether the signed data is kept outside the signature instead of being contained in it.

bool ValidateCertificates
It determines whether the certificate should also be validated when checking a signature (false by default).

string ErrorMessage
It returns the text of the last error that occurred.

string Sign(string text)
Given a text, it returns a signature for this text using the information of the certificate that has been configured.

bool VerifySignature(string signature, string text)
Given a text and a signature, it checks whether the signature corresponds to the text using the information of the certificate that has been configured.

string ExtractEnvelopedData(string dataWithSignature)
Given a signature that contains the signed information, it extracts its text.

Example

&pkcs7.Certificate = CryptoUtils.GetCertificateFromFile1(&certificado, &clave)
&pkcs7.Detached = true
&firma = &pkcs7.Sign( &texto)
...
...
if (&pkcs7.VerifySignature( &firma, &texto ))
    &error = "Firma valida!"
else
    &error = &pkcs7.ErrorMessage
endif
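
What the Detached and ValidateCertificates settings mean in practice, shown with the .NET SignedCms class. This is an added example, not part of the original documentation and not GeneXus code; that the GeneXus library behaves like these .NET classes is an assumption, and it needs modern .NET with the System.Security.Cryptography.Pkcs package. The throwaway self-signed certificate passes the signature-only check and is rejected once chain validation is turned on, which is the gap left open by ValidateCertificates = false.

```csharp
// Added example, not GeneXus code: the .NET SignedCms class, used to show what
// Detached and ValidateCertificates control. Type and method names are illustrative.
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.Pkcs;
using System.Security.Cryptography.X509Certificates;
using System.Text;

static class Pkcs7Demo
{
    // detached = true leaves the signed text out of the PKCS#7 blob.
    static byte[] Sign(string text, X509Certificate2 cert, bool detached)
    {
        var cms = new SignedCms(new ContentInfo(Encoding.UTF8.GetBytes(text)), detached);
        cms.ComputeSignature(new CmsSigner(cert) { IncludeOption = X509IncludeOption.EndCertOnly });
        return cms.Encode();
    }

    // validateCertificates = false checks only that the signature matches the text;
    // true additionally builds and validates the signer's certificate chain.
    static bool Verify(byte[] signature, string text, bool validateCertificates)
    {
        var cms = new SignedCms(new ContentInfo(Encoding.UTF8.GetBytes(text)), true);
        try
        {
            cms.Decode(signature);
            cms.CheckSignature(verifySignatureOnly: !validateCertificates);
            return true;
        }
        catch (CryptographicException) { return false; }
    }

    static void Main()
    {
        // Constructed sample: a throwaway self-signed certificate that no trust store knows.
        using var rsa = RSA.Create(2048);
        var req = new CertificateRequest("CN=constructed-demo-signer", rsa,
            HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
        using var cert = req.CreateSelfSigned(DateTimeOffset.UtcNow.AddDays(-1),
            DateTimeOffset.UtcNow.AddDays(30));

        byte[] sig = Sign("invoice 42", cert, detached: true);
        Console.WriteLine(Verify(sig, "invoice 42", false)); // unchanged text, signature only
        Console.WriteLine(Verify(sig, "invoice 43", false)); // altered text, signature only
        Console.WriteLine(Verify(sig, "invoice 42", true));  // unchanged text, chain validated
    }
}
```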

SymmetricEncryption

It allows you to encrypt a text or a file using a symmetric algorithm. The supported algorithms are:

- Rijndael
- DES
- RC2
- TripleDES

Members

string Key
Encryption key, which is automatically generated upon creating the instance.

string IV
Encryption initialization vector, which is automatically generated upon creating the instance.

int ErrorCode
Error code of the last operation performed (0=ok, 1=error)

string ErrorDescription
Error description of the last operation performed.

int KeySize
Key size

List<string> LegalKeySizes
Possible key sizes supported by the selected algorithm.

int BlockSize
Block size

List<string> LegalBlockSizes
Block sizes supported by the selected algorithm.

SymmetricEncryption Create(string algorithm)
Static method to create an instance of the encryption algorithm. It receives as parameter a string with the name of the algorithm to be created.

base64string EncryptString(string inStr)
It returns the given text encrypted according to the algorithm, key and initialization vector that were configured.

string DecryptString(base64string inData)
It returns the given text decrypted according to the algorithm, key and initialization vector that were configured.

EncryptFile(string inFileName, string outFileName)
It encrypts a given file.

DecryptFile(string inFileName, string outFileName)
It decrypts a given file.

Example

Event 'encrypt'
    &symCrypter = SymmetricEncryption.Create("rijndael")
    &key = &symCrypter.Key
    &IV = &symCrypter.IV
    &encrypted = &symCrypter.EncryptString(&input)
EndEvent

Event 'decrypt'
    &symCrypter = SymmetricEncryption.Create("rijndael")
    &symCrypter.Key = &key
    &symCrypter.IV = &IV
    &outp = &symCrypter.DecryptString(&encrypted)
EndEvent
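
The events above get a new key and IV from every Create call and keep both for decryption. When a stored key is reused for further messages, each message still needs its own IV. The following added example, which is not part of the original documentation and not GeneXus code, shows the reason with the .NET Aes class; it assumes CBC mode (the .NET default), and whether the GeneXus library uses the same mode is an assumption.

```csharp
// Added example, not GeneXus code: AES in CBC mode (the .NET default), used to show
// why a stored key may be reused but each message needs its own IV. Names are illustrative.
using System;
using System.Linq;
using System.Security.Cryptography;
using System.Text;

static class IvDemo
{
    static byte[] Encrypt(byte[] key, byte[] iv, string text)
    {
        using var aes = Aes.Create();   // CBC mode and PKCS7 padding by default
        aes.Key = key;
        aes.IV = iv;
        using var enc = aes.CreateEncryptor();
        byte[] plain = Encoding.UTF8.GetBytes(text);
        return enc.TransformFinalBlock(plain, 0, plain.Length);
    }

    static string Decrypt(byte[] key, byte[] iv, byte[] data)
    {
        using var aes = Aes.Create();
        aes.Key = key;
        aes.IV = iv;
        using var dec = aes.CreateDecryptor();
        return Encoding.UTF8.GetString(dec.TransformFinalBlock(data, 0, data.Length));
    }

    // True when both ciphertexts start with the same 16-byte block.
    static bool SameFirstBlock(byte[] a, byte[] b) => a.Take(16).SequenceEqual(b.Take(16));

    static void Main()
    {
        using var source = Aes.Create();   // key and IV are generated automatically
        byte[] key = source.Key, iv = source.IV;

        // Constructed sample messages that share their first 16 bytes.
        string m1 = "ACCOUNT=00012345;amount=10", m2 = "ACCOUNT=00012345;amount=99";

        byte[] c1 = Encrypt(key, iv, m1), c2 = Encrypt(key, iv, m2);
        Console.WriteLine(SameFirstBlock(c1, c2));      // same key, same IV

        source.GenerateIV();                            // new random IV, same key
        byte[] iv2 = source.IV;
        byte[] c3 = Encrypt(key, iv2, m2);
        Console.WriteLine(SameFirstBlock(c1, c3));      // same key, different IV
        Console.WriteLine(Decrypt(key, iv2, c3) == m2); // the IV must travel with the ciphertext
    }
}
```

With a repeated key and IV, the shared 16-byte prefix of the two messages encrypts to the same first ciphertext block, so anyone holding both ciphertexts can tell that the messages begin identically.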

 
