Macro Scheduler 15

AESEncrypt

AESEncrypt>source,SHA256Password,ENCRYPT|DECRYPT,target[,init_vector]

 

Not supported in Macro Scheduler Lite.

 

Uses AES encryption to encrypt or decrypt source to target using the specified password which is SHA256 hashed by the function (the password does not need hashing prior to use as it is hashed internally).

 

Update for 14.4.09: By default, and for backward compatibility reasons, this uses a legacy AES_128 algorithm operating on Unicode strings and returns the result in binary format. A new implementation was added in v14.4.10 which makes use of the Windows Crypto libaries and offers improved cross-platform compatibility, offering AES128 and AES256 using CBC and the ability to set your own IV. To use these set AES_ALG to AES_128_CBC or AES_256_CBC. If using AES_128 the SHA256 key is truncated to 16 bytes. These new implementations also use UTF8 strings and require input/output of data in BASE64 encoding. Padding is PKCS#5 and compatible with OpenSSL. If an IV is not specified it will be automatically set to '0000000000000000'.  A compatible PHP example is given below.

 

We recommend using AES_128_CBC or AES_256_CBC.

 

In Macro Scheduler 14.0.14 AES was reimplemented to address some Unicode issues.  If this causes compatibility issues with data encrypted using the old method you can switch back to using the old algorithm by setting AES_LEGACY to 1.

 

See also: Hash

 

AES_256 Example

 

Let>AES_ALG=AES_256_CBC

AESEncrypt>hello world,mypassword,ENCRYPT,result

AESEncrypt>result,mypassword,DECRYPT,original

 

AES_256 Example with Custom IV

 

Let>AES_ALG=AES_256_CBC

AESEncrypt>hello world,mypassword,ENCRYPT,result,1234567812345678

AESEncrypt>result,mypassword,DECRYPT,original,1234567812345678

 

Legacy Example

 

//AESEncrypt now outputs in Unicode by default, so we need Base64 to work on Unicode.

Let>BASE64_UNICODE=1

 

//Create a password

Let>mypassword=this is a secret

 

Let>strText=the quick brown fox jumped over the lazy dog

 

//encrypt the string with AES

AESEncrypt>strText,mypassword,ENCRYPT,encrypted_data

 

//as encrypted data is binary use Base64 to encode it to a string

Base64>encrypted_data,ENCODE,encoded_encrypted_data

 

..

..

 

//decode and decrypt

Base64>encoded_encrypted_data,DECODE,encrypted_data

AESEncrypt>encrypted_data,mypassword,DECRYPT,strText2

 

 

PHP Compatible Example:

 

The PHP code below will produce the same results as this MacroScript code:

 

Let>AES_ALG=AES_128_CBC

AESEncrypt>hello world,mypassword,ENCRYPT,result

AESEncrypt>result,mypqssword,DECRYPT,original

 

<?php

// CBC has an IV and thus needs randomness every time a message is encrypted

$method = 'AES-128-CBC';

 

// simple password hash

$password = 'mypassword';

$key = hex2bin(substr(hash('sha256', $password),0,32));

 

echo "Method: " . $method . "\n";

$encrypted = encrypt($data, $key, $method);

echo "Encrypted: ". $encrypted . "\n";

$decrypted = decrypt($encrypted, $key, $method);

echo "Decrypted: ".  $decrypted . "\n"; // plain text

 

function encrypt(string $data, string $key, string $method): string

{

    $iv = "0000000000000000";

    $encrypted = openssl_encrypt($data, $method, $key, OPENSSL_RAW_DATA, $iv);

    $encrypted = base64_encode($encrypted);

 

    return $encrypted;

}

 

function decrypt(string $data, string $key, string $method): string

{

    $data = base64_decode($data);

    $iv = "0000000000000000";

    $data = openssl_decrypt($data, $method, $key, OPENSSL_RAW_DATA,$iv);

 

    return $data;

}