Cryptography support in Business Central
In AL there is a codeunit called Cryptography Management (Codeunit 1266) which provides helper functions for encryption and hashing. Cryptography is used to keep the data safe by encrypting and depcrypting the data so that others canot misuse the data.
This post covers only basic usege of Cryptography Management codeunit. The following are the topics convered in this post.
Encryption Key
Importing / Exporting Encryption Key
Encrypt / Decrypt data
Encryption Key
Encryption Key is a unique string used by Cryptography Management for data encryption. This is maintained at the tenent level. This key is generated by using .NET Framework Data Protection API interally by enabling Encryption Key.
The following code enables Encryption programatically:
local procedure EnableEncryptionKey()
var
CryptographyManagement: Codeunit "Cryptography Management";
begin
CryptographyManagement.EnableEncryption(true);
end;Encryption can be enabled using "Data Encryption Management" page, by clicking Enable Encryption action button.
In Business Central online this is by default Enabled, and it can not be disabled.
After clicking Enable Encryption action button, it ask you to download a copy of encryption key so that you can keep it in a safe location.
Importing / Exporting Encryption Key
In this page there are few more options like Export Encryption Key, Import Encryption Key and Change Encryption Key.
Export Encryption Key - To backup exiting encryption key.
Import Encryption Key - Existing encrytion key can be restored / imported using this option.
Change Encryption Key - When encryption is already enabled, you can use this option to change encryption key.
Encrypt / Decrypt data
You can encrypt secret data using Encrypt method, and when it is need you can decrypt the data using Decrypt method.
The following code encrypts the text 'Hello':
local procedure TryEncrypt()
var
CryptographyManagement: Codeunit "Cryptography Management";
EncryptedText: Text;
begin
EncryptedText := CryptographyManagement.Encrypt('Hello');
// pIuF3czIJLvv/KRQUKoGyXa2h2TEBonmxtlHu5lNJo4irzb5srQQl5isHuw182aL+op2FuehEq5/o0/8Nr3N1B34E8pbXdXRcC77sL+EfrXxZ2szebHNaQ47W6bTfLdLE4qYIQgcXx5s0VtFc6yLwvVe7bKHG02o8bYh6kiKrDIWdgwZyN5lOpbOrwMhl+ISAZo3iFrhR1OSnWF2uhCn4yyvGjhgA0Yp+9akLZqi8KycECRyIxhiGtSlg99be2aklDMWhGnNNTkL/BCxcEGPqp8ccXjMr/k5tRyw4VZsHSwYKIjnSUiVawh+1GqryG18vHV7JVpXyb1JFRDIkQ3uCQ==
end;The following code decrypts the encryped text to 'Hello':
local procedure TryDecrypt()
var
CryptographyManagement: Codeunit "Cryptography Management";
EncryptedText: Text;
Data: Text;
begin
EncryptedText := 'pIuF3czIJLvv/KRQUKoGyXa2h2TEBonmxtlHu5lNJo4irzb5srQQl5isHuw182aL+op2FuehEq5/o0/8Nr3N1B34E8pbXdXRcC77sL+EfrXxZ2szebHNaQ47W6bTfLdLE4qYIQgcXx5s0VtFc6yLwvVe7bKHG02o8bYh6kiKrDIWdgwZyN5lOpbOrwMhl+ISAZo3iFrhR1OSnWF2uhCn4yyvGjhgA0Yp+9akLZqi8KycECRyIxhiGtSlg99be2aklDMWhGnNNTkL/BCxcEGPqp8ccXjMr/k5tRyw4VZsHSwYKIjnSUiVawh+1GqryG18vHV7JVpXyb1JFRDIkQ3uCQ==';
Data := CryptographyManagement.Decrypt(EncryptedText);
end;Conclusion
In the early versions on Business Central / NAV, to achieve this functionality we had to use .Net variables. Now its part of System. There are many other methods in "Cryptography Management" codeunit you must try.
Happy Coding!!!