Re: Security Library Usage
Hi Tom
It may be worth watching this video from the Learning Center, if you haven't yet.
https://learning.dataaccess.com/courses/security-the-basics/
Regards
Re: Security Library Usage
Hi, Tom!
I'm not sure if there's a document containing the layout of the class structure, but basically the classes you'll need to use are the ones shown in the course at the Learning Center.
Regarding password storage, you're correct. You'll use the cSecurePasscodeStorageMethod and configure it to use one of the supported password hashing algorithms (piPasscodeHashImplementation property).
To store a password, you call the StorageString method. To verify a password, you call the Verify method. The storage string contains a hash and this is bigger than the original password. I think the default size is 128 bytes for the hashed password, but according to the Libsodium documentation, the output may be smaller than that.
For the encryption, you should use one of the AES encryption algorithms supported by the library: AES CBC or AES GCM for authenticated encryption. Generic hashes can't be used for that because they generate hashes and those can't be reverted back to plain text.
For encryption, the key used for the encryption needs to be securely stored. It should be secret.
In the library, you can use the cSecureSymmetricKeyEncryptionMethod class and set the desired encryption algorithm in the piEncryptImplementation property.
I created a sample workspace to demonstrate the DataFlex Security Library (http://www.dataaccess.com.br/SamplesDFSecurityLib.zip). The samples there are similar to the ones in the Learning Center.
Best Regards
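
The store-and-verify flow described in this post, as an added Python example that is not part of the original post and is not the DataFlex Security Library's code. It uses scrypt from Python's standard library in place of the library's hashing implementations; the storage-string layout and the function names are assumptions made up for illustration.

```python
import base64
import hashlib
import hmac
import os

# Constructed storage-string layout for this example (not the library's format):
#   $scrypt$n=<N>,r=<r>,p=<p>$<salt base64>$<hash base64>
N, R, P, SALT_LEN, HASH_LEN = 2**14, 8, 1, 16, 32


def _b64(raw: bytes) -> str:
    return base64.b64encode(raw).decode("ascii")


def storage_string(password: str) -> str:
    """Hash a password with a fresh random salt; return a self-describing string."""
    salt = os.urandom(SALT_LEN)
    digest = hashlib.scrypt(password.encode("utf-8"), salt=salt,
                            n=N, r=R, p=P, dklen=HASH_LEN)
    return f"$scrypt$n={N},r={R},p={P}${_b64(salt)}${_b64(digest)}"


def verify(password: str, stored: str) -> bool:
    """Re-derive the hash from the salt and parameters embedded in `stored`."""
    try:
        _, algo, params, salt_b64, hash_b64 = stored.split("$")
        if algo != "scrypt":
            return False
        cfg = dict(item.split("=") for item in params.split(","))
        salt = base64.b64decode(salt_b64, validate=True)
        expected = base64.b64decode(hash_b64, validate=True)
        candidate = hashlib.scrypt(password.encode("utf-8"), salt=salt,
                                   n=int(cfg["n"]), r=int(cfg["r"]),
                                   p=int(cfg["p"]), dklen=len(expected))
    except (ValueError, KeyError):
        # Malformed or out-of-range stored string: treat as a failed check.
        return False
    # Constant-time comparison avoids leaking how many bytes matched.
    return hmac.compare_digest(candidate, expected)
```

The stored string is longer than the password because it carries the algorithm name, cost parameters and salt next to the hash, so the database column has to be sized for the string rather than for the password.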
Re: Security Library Usage
Hi João
Thanks for getting back to me, that all makes sense. I'll check out the AES encryption algorithms.