Skip to content

Encryption Strategies


Encryption Strategies define the way sensitive data is encrypted (so that it's securely stored) and decrypted (so that it's displayed as expected).


Adding an Encryption Strategy

To add a new Encryption Strategy, simple click on the Add New Model Item button, on the bottom of the list to the left.


Although you may define as many Encryption Strategies as you wish, your application will use the first one in the list.



A unique name for the Encryption Strategy. It must be a valid Mamba identifier, meaning that it must not contain any spaces or other special characters.


There are two Encryption Modes available.


Application encryption means that Application Server handles the whole encryption / decryption process. Data is encrypted before being sent to the Database and is decrypted as soon as it is received from the Database.


This is the recommended encryption strategy for most applications!


Database encryption means that data is sent from the Application Server to the Database without being encrypted and encryption is handled by the Database. This suggests that data is decrypted at the Database before being sent decrypted to the Application Server.


The default zAppDev Implementation Strategy does not support this type of encryption.


Defines the encryption algorithm used by this strategy.


This is the only encryption algorithm supoorted for the moment. It is one of the most important cryptographic algorithms for encrypting and decrypting sensitive data and is applied by everyone, from the NSA to Microsoft and Apple.

You can read more here:

Get Key Function

This is a simple Mamba function that returns a string value which is used as the encryption key.


function string GetEncryptionKey() {
    string value = AppLib.Application.GetConfigurationKey("SecurityKey");
    Array[byte] input;

    if value == null {
        throw "Could not find key with name SecurityKey in settings! ";

    if value.StartsWith("~") {
     input = FileIOLib.File.ReadAllBytesFrom(CommonLib.Utilities.GetServerPhysicalPath(value));
    else {
      input = FileIOLib.File.ReadAllBytesFrom(value);

    string keys = AppLib.Security.AESDecrypt(input,"xxxxxxxxxxxxxxxxxxxxxx", false, false);
    string applicationKey = keys.Split('|').Get(0);

    return applicationKey; 

The code above, reads an encrypted string from a file, decrypts it using another hardcoded key ("xxxxxxxxxxxxxxxxxxxxxx") and returns it, so that it is used as the application Encryption key.

Back to top