Using cryptography to secure data

Cryptography provides a means to secure data from unauthorized access. Using cryptographic functions, you can perform such operations as "scramble" (encrypt) the initially human-readable (clear text) contents of a character string so that the contents of the string is no longer humanly readable. If you are authorized, you can later "unscramble" (decrypt) such encrypted data so that it is humanly readable again. You can also ensure the integrity of data to verify that it has not been changed in an unauthorized manner.

The science of cryptography offers many techniques for securing data. OpenEdge supports symmetric key encryption and decryption to make data confidential as well as one-way hashing to generate password-based encryption (PBE) keys and generate values for verifying data integrity in ABL.

Using these ABL cryptographic facilities, you can:

Create and maintain a consistent cryptography policy that determines how cryptography is managed in your application

Generate cryptographic keys, the "secret" codes used to seed the ciphers (algorithms) used to encrypt and decrypt data and that can become part of your cryptography policy

Encrypt and decrypt data based on a choice of standard cryptographic algorithms that can also become a part of your cryptography policy

Create and use message digests to guarantee the integrity of data that you move from one place to another

Caution: Do not use the cryptographic facilities described in this section unless you are thoroughly versed in the use of cryptography within a comprehensive application security framework. Incorrect use of these facilities can result in corrupted or otherwise lost and permanently unrecoverable data.

For a general overview of cryptography and how you can use cryptography in OpenEdge, see OpenEdge Getting Started: Core Business Services - Security and Auditing.

These sections describe the basic ABL cryptographic facilities available and how you can use them in an ABL application.