CryptoKey: Encrypt, Decrypt, Sign, and Verify!

4D solutions have always been safe and stable. This is because 4D invests heavily in developing and updating security features. 4D continues this focus in 4D v18 R4 with a new feature to further enhance its security toolkit. A new class providing a set of methods to perform common cryptographic operations is now available: CryptoKey class.

HDI Sign and verify

Cryptography functions

Cryptography functions can be used to implement security features such as privacy and authentication. The CryptoKey class provides the following cryptography functions:

• sign() and verify(): create and verify digital signatures
• encrypt() and decrypt(): encrypt and decrypt data

 

In addition to these operations, the CryptoKey class also allows you to generate new RSA or ECDSA keys, or load an existing key pair from a PEM definition.

Sign and verify

The sign() and verify() functions allow you to sign and verify message signatures. This makes it possible for you to provide proof of authenticity for digital messages or electronic documents.

Digital signatures provide:

• Message authentication: proof that a known sender has created and signed the message
• Message integrity: proof that the message was not altered after being signed
• Non-repudiation: the signer cannot deny the signing of a document once the signature has been created

 

A message is signed by a private key and the signature is verified by the corresponding public key:

Example

Here is a code snippet showing how you can sign and verify a message signature thanks to the methods of 4D’s new CryptoKey class:

Bob’s side

// Create the message
$message:="hello world"
Folder(fk desktop folder).file("message.txt").setText($message)

// Create a key
$type:=New object("type";"RSA")
$key:=4D.CryptoKey.new($type)

// Get the public key and save it
Folder(fk desktop folder).file("public.pem").setText($key.getPublicKey())

// Get signature as base64 and save it
Folder(fk desktop folder).file("signature").setText($key.sign($message;$type))


/*Bob sent the message, the public key and the signature to Alice*/

Alice’s side

// Get message, public key & signature
$message:=Folder(fk desktop folder).file("message.txt").getText()
$publicKey:=Folder(fk desktop folder).file("public.pem").getText()
$signature:=Folder(fk desktop folder).file("signature").getText()

// Create a key
$type:=New object("type";"PEM";"pem";$publicKey)
$key:=4D.CryptoKey.new($type)

// Verify signature
If ($key.verify($message;$signature;$type).success)

// The signature is valid

End if 

ENCRYPT and DECRYPT

Encryption and decryption is performed using key pairs. The encryption process transforms the original information into an unrecognizable form, while the decryption process converts encrypted data into a form which can be read and understood by a human or a computer.

Effective security requires:

• Private keys remain private
• Public keys can be openly distributed without compromising security

Example

Let’s say I want to encrypt “hello world”. Here’s how to do it:

$encrypted:=$key.encrypt("hello world")

And for decryption:

$status:=$key.decrypt($encrypted)

For more in-depth information, feel free to check out the documentation!

In an upcoming blog post, we’ll show you how far you can go with this class and the possibilities it offers for building sophisticated applications. In the meantime, feel free to share your crypto experiences on the 4D forum!