function readOnly(count){ }
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
+ Start a Discussion
Eager-2-LearnEager-2-Learn 

Encrypting Text, Storing it and then Decrypting It?

Hi,

I found a code snippet that shows how to encrypt and decrypt using a key that is built on the fly but I can't figure out how to have a hard-code key in the code or store the key in SFDC and retrieve it within the same code chunk.

 

What I am doing is building a small app that will allow users to store website information, user id and passwords but I want only the owner to be able to see the password information.  I want it so that even me as an admin permission, not to be able to see the password.

 

 

This is the code sample that I referered too:

// Use generateAesKey to generate the private key  
    
Blob cryptoKey = Crypto.generateAesKey(256);

// Generate the data to be encrypted.  
    
Blob data = Blob.valueOf('Test data to encrypted');

// Encrypt the data and have Salesforce.com generate the initialization vector   
    
Blob encryptedData = Crypto.encryptWithManagedIV('AES256', cryptoKey, data);

// Decrypt the data  
    
Blob decryptedData = Crypto.decryptWithManagedIV('AES256', cryptoKey, encryptedData);

 

.

 

 

 

SuperfellSuperfell

But if the key is in the apex code, then the admin can grab the key and decode the data anyway.

Eager-2-LearnEager-2-Learn

Well the business rule would be that the admin doesn't do that but I just didn't want the admin to use the application like anyone else would use it and actually see the password.  I am building this app that allows users to store passwords for websites or whatever.  Idealy my company is not going to allow this but I needed something to build to get me motiviated and learn triggers and apex.  If you have any other type of suggested approach I would be glad to here from you.

 

I figured out how to get it to do what I wanted (see below).  I used the key generator that came with the DataLoader.  So this is my thought on how to use the code.  when the user saves the record I will have the encryption code in an insert trigger.  Now here is my new problem.  What trigger would I use to execute the decryption code only if the owner of the record is viewing the record?  If that is not possible is there a way to add a Decript button on the page layout and have it execute the decryption code and show the password in a dialog box?

 

Actually in stead of storing the key in the code I would like to figure out how to store it in Custom Settings and be able to retrieve the value within Apex?

 

// Use generateAesKey to generate the private key 
   
//Blob cryptoKey = Crypto.generateAesKey(256);
Blob cryptoKey = Blob.valueOf('380db410e8b11fa9');

// Generate the data to be encrypted. 
   
Blob data = Blob.valueOf('Test data to encrypted');

// Encrypt the data and have Salesforce.com generate the initialization vector  
   
Blob encryptedData = Crypto.encryptWithManagedIV('AES128', cryptoKey, data);

// Decrypt the data 
   
Blob decryptedData = Crypto.decryptWithManagedIV('AES128', cryptoKey, encryptedData);
String decryptedString = decryptedData.toString();
System.debug('ZZZ - Encrypt  ' + encryptedData.toString());
System.debug('ZZZ - Decrypt: ' + decryptedString);

Atif MohammedAtif Mohammed
Normal i have an encrypted field security_code__c and i want to decrypt it.soo how should i go for it.