Listing 2 demonstrates how to create a hash of a message using the PowerBuilder Crypto Library. First you have to call of_GetInstance to get an instance of the PBCrypto object. With the PBCrypto object, you can call the actual cryptographic function. In the sample, it's the GenerateMessageDigest that takes as arguments the hash type and the message to be hashed and returns the hash. You have to wrap a TRY...CATCH block around the calls to catch the NoSuchAlgorithem-Exception, in case a crypto provider doesn't implement a function you request by name.

A Single DLL

The Microsoft Crypto API and the PowerBuilder Crypto Library are comprehensive solutions that normally cover all of your cryptographic needs. On some occasions, however, these solutions do a lot more than you might need or you don't want to deal with the side effects of these solutions. Accessing the Microsoft Crypto API isn't too easy and deploying the PowerBuilder Crypto Library to a lot of client PCs might be a challenge.

If you prefer to use a single DLL for cryptographic functions, look at the Crypto++ library (www.eskimo.com/~weidai/cryptlib.html). This library is public domain and contains everything you need when it comes to cryptography. We've used this library in our projects for years but some C++ coding is necessary to include it in PowerBuilder projects.

Many cryptographic algorithms are public domain and the C source is available on the Web. With so-called test vectors (defined input and output), you can prove the quality of the implementation. With these public domain cryptographic functions, you can compile a simple DLL that you can distribute with your application. We create the CATCryptLT DLL containing a SHA-1 hash function and the Rijndael (also known as AES) encryption/decryption with 128 bits. You can download this DLL including the PowerBuilder source to access the functions from our Web site at www.catsoft.ch.

Conclusion

There are various ways to encrypt data in PowerBuilder. Before you decide which one to use, you have to find out what you want to achieve with it. Maybe it's just the encryption of a password before storing it in the database. You might need to encrypt data asymmetrically before sending it to a Web service. It could be certificate-based SSL communication with a host. Don't forget to think about the deployment. What can be installed on the PC running the application? Will your solution run in EAServer, maybe even on a Linux box? Depending on these studies, different solutions would be appropriate.