End-to-End Encryption Module in Mendix

Data security has become a vital aspect of today’s digital world. With the increasing number of data breaches and cyber-attacks, companies are looking for ways to protect their sensitive data.

End-to-End Encryption Module in Mendix (Banner Image) — An armored vehicle with the Mendix Logo on its side. The truck is in front of the words End-to-End encryption, on a blue background.

Mendix offers a secure platform to build and deploy applications. In this blog, we will discuss end-to-end encryption in Mendix using the End-to-End Encryption Module which I created for the Mendix Marketplace. The module uses JavaScript AES from the CryptoJs library for client-side encryption.

Advanced Encryption Standard

Advanced Encryption Standard, or AES for short, is a widely used encryption algorithm that encrypts and decrypts data. It is a symmetric encryption algorithm, which means the same key is used for encryption and decryption. AES encryption is considered one of the most secure and widely used for data encryption.

This blog will talk about how this module was created, how it works, and provide an explanation of the code.

Mendix Version

This module requires Mendix Studio Pro version 8.17.0 or above

Download from the Marketplace

https://marketplace.mendix.com/link/component/117709

How it works

The end-to-end encryption Module is used to transmit data where the data is encrypted from the sender to the recipient. The encryption is done at the endpoints and the data remains encrypted during transmission. End-to-end encryption provides a secure method of transmitting data, as the data is not accessible to anyone other than the sender and the recipient.

To implement end-to-end encryption in Mendix, we need to use JavaScript. In Mendix, JavaScript can be used to extend the functionality of the platform. In this case, we will use JavaScript to implement AES encryption.

Creating the Encryption action

The first step is to create a new JavaScript action in the Mendix project. In the JavaScript action, we will create a function to encrypt the data using the AES encryption algorithm. The function will take two parameters, the data to be encrypted and the key used for encryption. The function will use the CryptoJS library to encrypt the data using the AES encryption algorithm.

Here is the code for the encryption function:

export async function ClientSide_Encryption(value,key) {
// BEGIN USER CODE 
// UTF8 STRING -> WORDARRAY IS AN ARRAY OF 32-BIT INTEGERS, EQUIVALENT TO BINARY
let keyHex = CryptoJS.enc.Utf8.parse(key);
let ivHex = CryptoJS.enc.Utf8.parse(key);
let messageHex = CryptoJS.enc.Utf8.parse(value);
let encrypted = CryptoJS.AES.encrypt(messageHex, keyHex, {
    iv:ivHex,
mode: CryptoJS.mode.CBC,
padding: CryptoJS.pd.Pkcs7
});
    return encrypted.toString();
    //return encrypted.ciphertext.toString(); for binary result
// END USER CODE
}

Creating the Decryption Action

The next step is to create another JavaScript action with a function to decrypt the data using the AES encryption algorithm. The function will take two parameters, the encrypted data and the key used for decryption. The function will use the CryptoJS library to decrypt the data using the AES encryption algorithm.

Here is the code for the decryption function:

export async function ClientSide_decryption(encryptedValue,key) {
// BEGIN USER CODE 
// If it is not converted to base64 after encryption, then first convert to base64 and then pass in
  //let encryptedHexStr = CryptoJS.enc.Hex.parse(word); //converts from binsary text to binary
  //messageBase64 = CryptoJS.enc.Base64.stringify(encryptedHexStr) //Convert to base64
let keyHex = CryptoJS.enc.Utf8.parse(key);
let ivHex = CryptoJS.enc.Utf8.parse(key);
let decrypt = CryptoJS.AES.decrypt(encryptedValue, keyHex, {
    iv:ivHex,
    mode: CryptoJS.mode.CBC,
    padding: CryptoJS.pd.Pkcs7
});
let decryptedStr =decrypt.toString(Crypto.Js.enc.Utf8);
    return decryptedStr.toString();
// END USER CODE
}

Once the encryption and decryption functions are created, we can use them in our Mendix project. The encrypted data can be stored in a Mendix database, and the decryption function can be used to retrieve the data.

Important: In order to use this in your Mendix app, you will need to call these Javascript Actions via a Nanoflow for both Web and Native Mobile apps

Conclusion

End-to-End encryption in Mendix using AES encryption JavaScript is a secure method of transmitting data. AES encryption is widely used for data encryption and is considered one of the most secure encryption algorithms. By using my End to end encryption module from the Mendix marketplace, you can extend the functionality of the platform and implement end-to-end encryption to secure data transmission in your app.

Read more

crypto-js

Build JavaScript Actions: Part 1 (Basic)

Implement Best Practices for JavaScript Actions

From the Publisher -

If you enjoyed this article you can find more like it on our Medium page. For great videos and live sessions, you can go to MxLive or our community Youtube page.

For the makers looking to get started, you can sign up for a free account, and get instant access to learning with our Academy.

Interested in getting more involved with our community? Join us in our Slack community channel.