AESEncrypt
AESEncrypt>source,SHA256Password,ENCRYPT|DECRYPT,target[,init_vector]
Not supported in Macro Scheduler Lite.
Uses AES encryption to encrypt or decrypt source to target using the specified password which is SHA256 hashed by the function (the password does not need hashing prior to use as it is hashed internally).
Update for 14.4.09: By default, and for backward compatibility reasons, this uses a legacy AES_128 algorithm operating on Unicode strings and returns the result in binary format. A new implementation was added in v14.4.10 which makes use of the Windows Crypto libaries and offers improved cross-platform compatibility, offering AES128 and AES256 using CBC and the ability to set your own IV. To use these set AES_ALG to AES_128_CBC or AES_256_CBC. If using AES_128 the SHA256 key is truncated to 16 bytes. These new implementations also use UTF8 strings and require input/output of data in BASE64 encoding. Padding is PKCS#5 and compatible with OpenSSL. If an IV is not specified it will be automatically set to '0000000000000000'. A compatible PHP example is given below.
We recommend using AES_128_CBC or AES_256_CBC.
In Macro Scheduler 14.0.14 AES was reimplemented to address some Unicode issues. If this causes compatibility issues with data encrypted using the old method you can switch back to using the old algorithm by setting AES_LEGACY to 1.
See also: Hash
AES_256 Example
Let>AES_ALG=AES_256_CBC
AESEncrypt>hello world,mypassword,ENCRYPT,result
AESEncrypt>result,mypassword,DECRYPT,original
AES_256 Example with Custom IV
Let>AES_ALG=AES_256_CBC
AESEncrypt>hello world,mypassword,ENCRYPT,result,1234567812345678
AESEncrypt>result,mypassword,DECRYPT,original,1234567812345678
Legacy Example
//AESEncrypt now outputs in Unicode by default, so we need Base64 to work on Unicode.
Let>BASE64_UNICODE=1
//Create a password
Let>mypassword=this is a secret
Let>strText=the quick brown fox jumped over the lazy dog
//encrypt the string with AES
AESEncrypt>strText,mypassword,ENCRYPT,encrypted_data
//as encrypted data is binary use Base64 to encode it to a string
Base64>encrypted_data,ENCODE,encoded_encrypted_data
..
..
//decode and decrypt
Base64>encoded_encrypted_data,DECODE,encrypted_data
AESEncrypt>encrypted_data,mypassword,DECRYPT,strText2
PHP Compatible Example:
The PHP code below will produce the same results as this MacroScript code:
Let>AES_ALG=AES_128_CBC
AESEncrypt>hello world,mypassword,ENCRYPT,result
AESEncrypt>result,mypqssword,DECRYPT,original
<?php
// CBC has an IV and thus needs randomness every time a message is encrypted
$method = 'AES-128-CBC';
// simple password hash
$password = 'mypassword';
$key = hex2bin(substr(hash('sha256', $password),0,32));
echo "Method: " . $method . "\n";
$encrypted = encrypt($data, $key, $method);
echo "Encrypted: ". $encrypted . "\n";
$decrypted = decrypt($encrypted, $key, $method);
echo "Decrypted: ". $decrypted . "\n"; // plain text
function encrypt(string $data, string $key, string $method): string
{
$iv = "0000000000000000";
$encrypted = openssl_encrypt($data, $method, $key, OPENSSL_RAW_DATA, $iv);
$encrypted = base64_encode($encrypted);
return $encrypted;
}
function decrypt(string $data, string $key, string $method): string
{
$data = base64_decode($data);
$iv = "0000000000000000";
$data = openssl_decrypt($data, $method, $key, OPENSSL_RAW_DATA,$iv);
return $data;
}