These days I have been racking my brain to encrypt sensitive data in my programs, the passwords that are stored in the database, or the connection data to the database that in many PowerBuilder applications that I have seen are stored in . ini without any protection.
At first I thought of using a simplification of PowerBuilder's CrypterObject, putting a Fixed Key and a fixed Initiation Vector to use the SymetricEncrypt function. Then I realized that my programs are uploaded to GitHub in a plain text file and my decryption keys were going to be exposed there, so I thought about moving these to the .ini file as could be done in a .Net Api in the that we would store the connection data in the AppSetting.json configuration file.
But this option did not convince me either, since if I put the encryption keys and connection string values encrypted with those keys in the same file, anyone could decrypt those values.
So I thought about encrypting the Key and the Vector within a Json in the style of a Token, so that the application only has in the code a master key and a master vector that only serves to decrypt that token that in turn provides us the key and the initiation vector to encrypt and decrypt from our app.
A bit of the scheme to apply in an application would be:
blogger.googleusercontent.com/img/b/R29v...dw/s1082/esquema.png
I have also incorporated a very useful feature: the ability to Autogenerate Keys. This means they can now automatically generate the Key and Vector for both the application and the JSON.
As always, I leave you the current project link on GitHub:
github.com/rasanfe/EncryptGenerator
Attached here is the project compiled today in PowerBuilder 2022R3 Build 3356.
I always recommend going to the github links to find the latest version.
To be aware of what I publish you can follow my blog in Spanish:
rsrsystem.blogspot.com