B.A Link on salesforce.com ISV partner
Blog Contact Us

Crypto Class

By Chezi Burak on September 2, 2010

Hello all!

Cryptography is one of the basic and important part of protecting data.

The concept of Cryptography is dealing with information security algorithms on various levels. Cryptographic binds under many topics, including: encryption of confidential information, identity verification (like passwords) control access rights and digital signatures.

Therefore it is obvious why Salesforce supports Cryptography methods while integrating with other systems and keeping the data secured in Salesforce itself.

The Apex crypto class provides different algorithms for creating digests, MACs, signatures and AES encryption.

The encryptWithManagedIV method, for example, encrypts a blob text using a specified algorithm, private key and initialization vector which is initialized by Salesforce.

// first, use generateAesKey to generate the private key.
// Generates an Advanced Encryption Standard (AES).
// Use size to specify the key's size in bits. Valid values are: 128, 192, 256
Blob cryptoKey = Crypto.generateAesKey(128);

// Generate the data to be encrypted.
Blob data = Blob.valueOf('Test data to encrypted'); 

// Encrypt the data and have Salesforce.com generate the initialization vector
Blob encryptedData = Crypto.encryptWithManagedIV('AES128', cryptoKey, data);

Use either third-party applications or the decryptWithManagedIV method to decrypt blobs encrypted with this method.

A short demo application for this code:

We will insert a key “ThisKeyIsMyNewPassword” and click the encrypt button and…. hop!

The data was encrypted. We can receive the original data only by using the specified Key and using the decrypt function.

Another interesting algorithm is the generateMac method which computes a message authentication code (MAC) for an input string, using a private key and a specified algorithm. The MAC is appended to a message as a signature. The receiver performs same computation on message and checks if it matches the MAC. This kind of encryption provides assurance that message is unaltered and comes from sender.

conclusion:

The Apex crypto class is a way to protect application and sensitive data by providing algorithms for creating digests, MACs, signatures and AES encryption.

When using the crypto functions to implement AES encryption, keys must be stored securely in a Protected Custom Setting.

References:

  • Share/Bookmark

Posted in | 1 Response

Metadata & Metadata API

By Gottlieb Yonathan on August 23, 2010

Hi all,

Metadata is “structured information that describes, explains, locates, or otherwise makes it easier to retrieve, use or manage an information resource” (NISO, 2004, p.1)

Metadata is usually categorized in three types (Lambe, 2007; NISO, 2004; NISO, 2007):

  • Descriptive metadata (title, author…)
  • Structural metadata documents relationships (e.g., how pages are put together to form chapters).
  • Administrative metadata helps to manage information resources through elements such as version number, archiving date, and other technical information for purposes of file management, rights management and preservation.

In SalesForce the Metadata API allows us to retrieve, deploy, create, update or delete customization information (Page layout, Tabs, Objects …). Most of the customization information is described in salesforce as metadata. This allows the user (Developer/IT in most cases) to modify the customization of its org directly from the metadata without going into the setup (Which may prove to be much faster in case you want to copy a custom object with all these fields, for example).

Each new version of Salesforce.com is composed of a new version of the API( Obviously Salesforce support previous versions of the Metadata API).

How it works ?

Salesforce allows us thanks to its product or add-in simple ways to use the metadata API :

  • Force.com IDE
  • Force.com Migration Tool
 Custom Object Metadata


        Accept
        Default

    Deployed
    true
    true
    true

        Description__c
        
        32000
        LongTextArea
        5

…

        Date_Rules
        true
        Start_Date__c > End_Date__c
        Invalid Date

How to add a new field via the API ?

Retrieve the relevant object via Eclipse
Add the following code in the metadata

description__c

48
Text

Save

Export the customizations in your organization as XML metadata files.

Migrate configuration changes between organizations. (Prod  Sandbox)

Modify existing customizations in your organization using XML metadata files.

Manage customizations in your organization programmatically.

Salesforce.com support previous versions of the Metadata API.

Wikipedia -Metadata

http://en.wikipedia.org/wiki/Metadata#Web_pages

Metadata API Developer’s Guide

http://www.salesforce.com/us/developer/docs/api_meta/api_meta.pdf

Understanding the Metadata API

http://www.salesforce.com/us/developer/docs/api_meta/Content/meta_intro.htm

Force.com IDE Release Notes

http://wiki.developerforce.com/index.php/Force.com_IDE_Release_Notes

Salesforce.com Summer ’10 Release Notes

https://na1.salesforce.com/help/doc/en/salesforce_summer10_release_notes.pdf

  • Share/Bookmark

Posted in , | Tagged , , , , | Leave a response

Cookie’s on SalesForce

By Ronen Yizhaki on July 28, 2010

Hello everybody.

Today I’m going to show some new features of spring 10 release , SalesForce Cookies.

The Objective:
Using Cookies with  SalesForce Cookie Class.

Now, I am going to show an example how to use a cookie with SalesForce Cookie Class.
I built a page with a simple Text field as shown below:

After entering the name  and pressing “Add To Cookies” Button , the new name will make new to cookie under the name ‘mycookie’. After pressing “Show Cookie” the new name will be displayed in the page under the two buttons.

The Back Code:

 Back Code
public string Name{get; set;}
public string NameAtCookie{get; set;}

//You can't do this!!! Cookie Class isn't Serializeable
//public Cookie myCookies; 

public Pagereference addToCookie(){

InsertValueToCookie(Name);
return null;
}

public Pagereference showCookie()
{
SetCookieToNameAtCookies();
return null;
}

public void InsertValueToCookie(string val)
{
 /* create a new cookie with name 'counter', an initial value of Name at the page,
path 'null', maxAge '-1', and isSecure 'false'.*/

Cookie myCookies=new Cookie('mycookie',val,null,-1,false);
ApexPages.currentPage().setCookies(new Cookie[]{myCookies});
}

public void SetCookieToNameAtCookies()
/* reading the value of the cookie   'mycookie' , and insert him to 'NameAtCookie' field */

Cookie myCookies = ApexPages.currentPage().getCookies().get('mycookie');
NameAtCookie=myCookies.getValue();
}

The Page:

 VisualForce Page

Enter new name


The Name set's in cookie is : {!NameAtCookie}

Simple as it seems!

Have a nice day from BALINK

  • Share/Bookmark

Posted in , , | Tagged , , , | 1 Response

Home | Products | Solutions | Case Studies | About BALINK | Copyright 2011 BALINK Limited.All rights reserved