Skip to main content

Use Encryption in Custom Applications

Learning Objectives

After completing this unit, you’ll be able to:

  • Describe the Apex Crypto class.
  • Explain the different use cases for the Apex Crypto class and custom encryption.
  • Implement encryption in your own application.

What Is the Apex Crypto Class?

When it comes to implementing encryption in your Salesforce application, Apex gives you the flexibility to write your own custom cryptographic functions while granting you the ability to use a wide range of prebuilt functions. In this unit, you learn some of the powerful functions Salesforce offers for creating digests, message authentication codes (MACs), signatures, and encryption and decryption functions through the Apex Crypto class.

The Crypto class provides sets of functions that are particularly valuable for safeguarding your communications. Using these functions, you can effectively shield confidential data from eavesdroppers, verify that message data is complete and unmodified, and verify the authenticity of senders and receivers. Each of these functions supports a range of different algorithms. This provides a good degree of control over the composition of your solution, while still minimizing the burden of extra work required to secure your application.

Encryption and Decryption to Protect Confidentiality

Encryption and decryption can be handled with ease and flexibility with the Apex Crypto.Encrypt() and Crypto.Decrypt() functions, which support AES128, AES192, and AES256 algorithms. Encryption and decryption functions are essential for ensuring the confidentiality of your application data. You then have the option to generate your own encryption key, or use the Crypto.generateAESKey(Integer keylength) method. To secure the encryption keys, you can use techniques you learned in the previous unit for storing secrets in protected custom metadata types or protected custom settings.

Hash Digests to Protect Integrity

Another useful function for verifying data integrity is the Apex Crypto.generateDigest() function. This method generates a one-way hash digest and supports algorithms such as MD5, SHA1, SHA256, and SHA512. These hash digests can serve a valuable purpose in identifying accidental data corruption (or other unwanted modifications). By performing comparison checks on hash digests, you can quickly discover changes to data. Because the recomputed digest of that data will not match the original digest, you can confirm that the data has been modified. This can alert you to events such as data corruption, accidental changes, or malicious alterations.

Note that hashing algorithms have varying degrees of strength in terms of security. Although the Crypto class supports MD5, it’s considered a weak hashing algorithm, so Salesforce suggests using SHA2 or higher to compute hash digests.

Hash-Based Message Authentication Codes (MACs) to Prove Authenticity and Integrity

Another useful function is the Apex Crypto.generateMac() method, which can be used to create MACs. MACs can be used alongside message digest functions to set up hashed MACs (HMACs). HMACs are used in both TLS and IPSec protocols for authenticating message senders and ensuring that messages are not modified (or interceptable) in transit.

The Crypto.generateMac()method supports the HMACMD5, HMACSHA1, HMACSHA256, and HMAC512 algorithms. HMAC functions involve the use of message digests and a shared key that the sender uses to generate a MAC, and which the receiver uses to verify the MAC. Because the receiver has to verify the MAC using the shared private key, that indicates the authenticity of the message sender. The message digests can then be compared to allow the receiver to confirm that the message wasn’t modified in transit—that is, via a person-in-the-middle attack.

Creating a Digital Signature

Digital signatures ensure the integrity and authenticity of messages using asymmetric cryptography in order to eliminate the need to share private keys. To generate a digital signature, you can use the Crypto.sign() function, which uses the specified algorithm and private key to create a signature of the input data. With this setup, the receiver of a message can use the matching public key to verify the integrity of the signed data.

Now that you know how to implement some encryption methods in your Salesforce application, you can use Apex flexibility to leverage prebuilt functions to help keep your data private.

Encryption, along with platform features like those offered by the Apex Crypto class, help you ensure the security of the applications you build for the Salesforce Platform.

WARNING!

Cryptography, including key management, is a high-risk development activity. When implementing any cryptographic functionality, ensure that all work is reviewed in detail by an application security professional with cryptographic experience. Vulnerabilities in the process of encrypting data can result in severe privacy and confidentiality breaches.

Resources

Share your Trailhead feedback over on Salesforce Help.

We'd love to hear about your experience with Trailhead - you can now access the new feedback form anytime from the Salesforce Help site.

Learn More Continue to Share Feedback