# Cryptography The `System.Crypto` library provides modern, high-performance cryptographic primitives. It covers hashing, symmetric/asymmetric encryption, and secure token generation. ## Hashing Hashing converts data into a fixed-length string (digest). Use `HashSHA256` or `HashSHA3_256` for modern applications. ```pascal uses System.Crypto; var data := 'Hello World'; var digest := HashSHA256.HashData(data); PrintLn('SHA256: ' + digest); // OUTPUT // SHA256: a591a6d40bf420404a011733cfb7b190d62c65bf0bcda32b57b277d9ad9f146e ``` ## Authenticated Encryption Always use "authenticated" encryption (like `AES-CTR` with `HMAC`) to ensure data cannot be modified without detection. `EncryptionAESSHA256Full` simplifies this by handling all the complexity. ```pascal uses System.Crypto; var key := 'SuperSecretKey123'; var plain := 'Secret Data'; // Encrypt var encrypted := EncryptionAESSHA256Full.EncryptData(plain, key); // Decrypt var decrypted := EncryptionAESSHA256Full.DecryptData(encrypted, key); PrintLn('Decrypted: ' + decrypted); // OUTPUT // Decrypted: Secret Data ``` ## Key Derivation (PBKDF2) Never store passwords in plain text. Use `PBKDF2_HMAC_SHA256` to derive a secure hash with a unique salt and high iteration count. ```pascal uses System.Crypto; var salt := 'FixedSaltForDemo'; var pass := 'myPassword'; var hash := PBKDF2_HMAC_SHA256(pass, salt, 10000); PrintLn('PBKDF2 Hash: ' + hash); // OUTPUT // PBKDF2 Hash: 1b4be021e88be4692f9475040079a9bb8ee54f2cddf845fdb6820259cc34a424 ``` ## Asymmetric Crypto (ECC & RSA) DWScript supports **Elliptic Curve Cryptography** (secp256r1) and **RSA** for digital signatures and public-key encryption. * Use `ECCsecp256r1` for high-performance signatures. * Use `TRSAKey` for compatibility with traditional RSA systems. :::info ### Related Reference For a full list of supported algorithms (RIPEMD, CRC32, etc.) and low-level encryption details, see the reference documentation: * **[Crypto API Reference](/ref/crypto)** :::

Cryptography

The System.Crypto library provides modern, high-performance cryptographic primitives. It covers hashing, symmetric/asymmetric encryption, and secure token generation.

Hashing

Hashing converts data into a fixed-length string (digest). Use HashSHA256 or HashSHA3_256 for modern applications.

uses System.Crypto;

var data := 'Hello World';
var digest := HashSHA256.HashData(data);

PrintLn('SHA256: ' + digest);

Result

SHA256: a591a6d40bf420404a011733cfb7b190d62c65bf0bcda32b57b277d9ad9f146e

Authenticated Encryption

Always use "authenticated" encryption (like AES-CTR with HMAC) to ensure data cannot be modified without detection. EncryptionAESSHA256Full simplifies this by handling all the complexity.

uses System.Crypto;

var key := 'SuperSecretKey123';
var plain := 'Secret Data';

// Encrypt
var encrypted := EncryptionAESSHA256Full.EncryptData(plain, key);

// Decrypt
var decrypted := EncryptionAESSHA256Full.DecryptData(encrypted, key);
PrintLn('Decrypted: ' + decrypted);

Result

Decrypted: Secret Data

Key Derivation (PBKDF2)

Never store passwords in plain text. Use PBKDF2_HMAC_SHA256 to derive a secure hash with a unique salt and high iteration count.

uses System.Crypto;

var salt := 'FixedSaltForDemo'; 
var pass := 'myPassword';

var hash := PBKDF2_HMAC_SHA256(pass, salt, 10000);
PrintLn('PBKDF2 Hash: ' + hash);

Result

PBKDF2 Hash: 1b4be021e88be4692f9475040079a9bb8ee54f2cddf845fdb6820259cc34a424

Asymmetric Crypto (ECC & RSA)

DWScript supports Elliptic Curve Cryptography (secp256r1) and RSA for digital signatures and public-key encryption.

Use ECCsecp256r1 for high-performance signatures.
Use TRSAKey for compatibility with traditional RSA systems.

Related Reference

For a full list of supported algorithms (RIPEMD, CRC32, etc.) and low-level encryption details, see the reference documentation:

Crypto API Reference

← Web Security Database (SQL) →