Topics   All   Mac OS X (Only)   Windows (Only)   Linux (Only, Not)   iOS (Only, Not)  
Components   Crossplatform Mac & Win   Server   Client   Old   Guides   Examples
New in version: 7.3   7.4   7.5   8.0   8.1   8.2   8.3   8.4   8.5   8.6    Statistic  

Encryption.Cipher

Encrypts or decrypts of a value.

Component Version macOS Windows Server FileMaker Cloud FileMaker iOS SDK
Encryption 4.1 Yes Yes Yes Yes Yes
MBS( "Encryption.Cipher"; Direction; Algorithm; KeyType; KeyData; KeyEncoding; InputType; InputData; InputEncoding; OutputType { ; OutputInfo; IVType; IVData; IVEncoding; Padding } )   More

Parameters

Parameter Description Example value
Direction Whether to encrypt or decrypt. Pass encrypt or decrypt. "encrypt"
Algorithm Which algorithm to use. Can be for example RC2, blowfish, AES128, AES192, AES256. "AES-128-CFB"
KeyType The type of input for key.
Can be Text, Container, Image, Path, PDF, Data, base64 or Hex.
"Text"
KeyData The actual input data for the key.
Text, container or file path. Must not be longer than the maximum key length of the given algorithm. If key is too short, we pad it with zero bytes.
"Hello World"
KeyEncoding The text encoding for text input.
Parameter is ignored for other cases.
Possible encoding names: ANSI, Arabic-Mac, Arabic-Win, Baltic-Win, CentralEurope-Mac, ChineseSimp-Mac, ChineseSimp-Win, ChineseTrad-Mac, ChineseTrad-Win, Cyrillic-Mac, Cyrillic-Win, EasternEurope-Win, Greek-Mac, Greek-Win, Hebrew-Mac, Hebrew-Win, ISO-8859-1, ISO-8859-2, ISO-8859-3, ISO-8859-4, ISO-8859-5, ISO-8859-6, ISO-8859-7, ISO-8859-8, ISO-8859-9, ISO-8859-15, Korean-Johab, Korean-Mac, Korean-Win, Latin1, Mac, Native, ShiftJIS-Mac, ShiftJIS-Win, Turkish-Mac, Turkish-Win, UTF-8, DOS or Windows. Pass native to use the native encoding of the current platform.
"UTF-8"
InputType The type of input.
Can be Text, Container, Image, Path, PDF, Data, base64 or Hex.
"Text"
InputData The actual input data.
Text, container or file path.
"Hello World"
InputEncoding The text encoding for text input.
Parameter is ignored for other cases.
Possible encoding names: ANSI, Arabic-Mac, Arabic-Win, Baltic-Win, CentralEurope-Mac, ChineseSimp-Mac, ChineseSimp-Win, ChineseTrad-Mac, ChineseTrad-Win, Cyrillic-Mac, Cyrillic-Win, EasternEurope-Win, Greek-Mac, Greek-Win, Hebrew-Mac, Hebrew-Win, ISO-8859-1, ISO-8859-2, ISO-8859-3, ISO-8859-4, ISO-8859-5, ISO-8859-6, ISO-8859-7, ISO-8859-8, ISO-8859-9, ISO-8859-15, Korean-Johab, Korean-Mac, Korean-Win, Latin1, Mac, Native, ShiftJIS-Mac, ShiftJIS-Win, Turkish-Mac, Turkish-Win, UTF-8, DOS or Windows. Pass native to use the native encoding of the current platform.
"UTF-8"
OutputType The output type.
Can be Base64, Hex, Text, File, Path.
Can be Auto in plugin version 7.3 to detect type for container from OutputInfo parameter.
"Hex"
OutputInfo Optional
The addition info for output.
For text it is the text encoding, for file container the file name and for path the actual native file path.
""
IVType Optional
The type of input.
Can be Text, Container, Image, Path, PDF, Data, base64 or Hex.
In version 6.0 and newer you can pass Input here to take IV from input data.
"Text"
IVData Optional
The actual input data for the IV.
Text, container or file path. Must not be longer than the maximum IV length of the given algorithm. If IV is too short, we pad it with zero bytes.
"Hello World"
IVEncoding Optional
The text encoding for text input.
Parameter is ignored for other cases.
Possible encoding names: ANSI, Arabic-Mac, Arabic-Win, Baltic-Win, CentralEurope-Mac, ChineseSimp-Mac, ChineseSimp-Win, ChineseTrad-Mac, ChineseTrad-Win, Cyrillic-Mac, Cyrillic-Win, EasternEurope-Win, Greek-Mac, Greek-Win, Hebrew-Mac, Hebrew-Win, ISO-8859-1, ISO-8859-2, ISO-8859-3, ISO-8859-4, ISO-8859-5, ISO-8859-6, ISO-8859-7, ISO-8859-8, ISO-8859-9, ISO-8859-15, Korean-Johab, Korean-Mac, Korean-Win, Latin1, Mac, Native, ShiftJIS-Mac, ShiftJIS-Win, Turkish-Mac, Turkish-Win, UTF-8, DOS or Windows. Pass native to use the native encoding of the current platform.
"UTF-8"
Padding Optional
Whether to use padding.
Pass 1 to enable padding (default).
Pass 0 to disable.
0

Result

Returns encrypted/decrypted value or text.

Description

Encrypts or decrypts of a value.
Input can be one of different types:
  • Text, you pass "text", your text and the text encoding. If no or invalid encoding name is passed, the native one is used. The encoding can be one of the following strings: ansi, windows, mac, latin1, utf8, dos or native.
  • PDF, you pass the container with the PDF file inside.
  • Image, you pass the container with an image file.
  • Data, you pass container and plugin looks for the file data inside.
  • Hex, you pass a hex encoded text.
  • Base64, you pass a base64 encoded text.
  • Path, you pass the file path to a file to read.
  • Container, you pass a container which is serialized with all its content.
  • JPEG, a container with a JPEG image.
  • GIF, a container with a GIF image.
  • TIFF, a container with a TIFF image.
  • PNG, a container with a PNG image.
Now for output we can return the data in various ways:
  • Text, we return the data as text in the encoding. This is not recommended for encrypted data. OutputInfo parameter is text encoding.
  • Base64, the data is returned as base64 encoded text.
  • Hex, the data is returned as hex encoded text.
  • File, the data is returned as a container value with a file inside containing the data. OutputInfo parameter is the filename to be stored in the container value.
  • Path, the data is written to a file. In the OutputInfo parameter you provide a native file path.
  • Container, the data is unpacked as a container value (serialized container).
  • GIF, the data is returned as a container with GIF image inside.
  • TIFF, the data is returned as a container with TIFF image inside.
  • JPEG, the data is returned as a container with JPEG image inside.
  • PNG, the data is returned as a container with PNG image inside.
  • PDF, the data is returned as a container with PDF document inside.
  • Auto, only for returning data and detecting type by provided file name. (new in 7.3)

Possible ciphers:
AES-128-CFB, BF-CBC, BF-CFB, BF-ECB, BF-OFB, AES-128-CBC, id-aes128-CCM, AES-128-CFB1, AES-128-CFB8, AES-128-CTR, AES-128-ECB, id-aes128-GCM, AES-128-OFB, AES-128-XTS, AES-192-CBC, id-aes192-CCM, AES-192-CFB1, AES-192-CFB8, AES-192-CFB, AES-192-CTR, AES-192-ECB, id-aes192-GCM, AES-192-OFB, AES-256-CBC, id-aes256-CCM, AES-256-CFB1, AES-256-CFB8, AES-256-CFB, AES-256-CTR, AES-256-ECB, id-aes256-GCM, AES-256-OFB, AES-256-XTS, CAMELLIA-128-CBC, CAMELLIA-128-CFB1, CAMELLIA-128-CFB8, CAMELLIA-128-CFB, CAMELLIA-128-ECB, CAMELLIA-128-OFB, CAMELLIA-192-CBC, CAMELLIA-192-CFB1, CAMELLIA-192-CFB8, CAMELLIA-192-CFB, CAMELLIA-192-ECB, CAMELLIA-192-OFB, CAMELLIA-256-CBC, CAMELLIA-256-CFB1, CAMELLIA-256-CFB8, CAMELLIA-256-CFB, CAMELLIA-256-ECB, CAMELLIA-256-OFB, CAST5-CBC, CAST5-CFB, CAST5-ECB, CAST5-OFB, DES-EDE, DES-EDE-CBC, DES-EDE-CFB, DES-EDE, DES-EDE-OFB, DES-EDE3, DES-EDE3-CBC, DES-EDE3-CFB1, DES-EDE3-CFB8, DES-EDE3-CFB, DES-EDE3, DES-EDE3-OFB, RC2-40-CBC, RC2-64-CBC, RC2-CBC, RC2-CFB, RC2-ECB, RC2-OFB, RC4, RC4-40, RC4-HMAC-MD5, IDEA-CFB, IDEA-ECB, IDEA-OFB, IDEA-CBC, DES-CFB1, DES-CFB8, DES-CFB, DES-OFB, DES-ECB, DES-CBC or DESX-CBC.

Please use right key length. For AES 128bit you need a 128 bit key, which means 16 bytes length. For AES 256 you need a 32byte long key. Recommended way is to use a hash function like SHA 256 to get a hashed version of your password plus some extra text as salt. For 128bit, you can simply use first half of SHA 256.
Version 7.3 reports an error if key size doesn’t match. Keys and IV are extended with NULL bytes to reach minimum size if needed.

For PDF content: If you have a DynaPDF Pro license and DynaPDF functions initialized, this function can add previews for the PDF file on Windows and Linux. For MacOS, we make them with PDFKit.

Examples

Encrypts some text with AES:

MBS( "Encryption.Cipher"; "encrypt"; "AES-128-CFB"; "Text"; "Test Key 1234567"; "UTF-8"; "Text"; "Hello World"; "UTF-8"; "Hex"; "" )

Example result: CFD7F09EEC76A23CF489C9

Encrypts a container:

MBS( "Encryption.Cipher"; "encrypt"; "AES-256-ECB"; "Hex"; "1234567812345678123456781234567812345678123456781234567812345678"; ""; "Container"; MyTable::MyContainer; ""; "Hex"; "" )

Encrypt and decrypt:

# encrypt something
$r = MBS("Encryption.Cipher"; "encrypt"; "AES-128-CFB"; "Text"; "Secret"; "UTF-8"; "Text"; "Input Text"; "UTF-8"; "Hex"; "" )
# returns "C577EC9EBE28B1F4E1FD"
# and backward
$r = MBS("Encryption.Cipher"; "decrypt"; "AES-128-CFB"; "Text"; "Secret"; "UTF-8"; "Hex"; "C577EC9EBE28B1F4E1FD"; ""; "Text"; "UTF-8" )

Encrypt with AES 256bit Counter (CTR) mode:

# Make a 256 bit key with a hash
Set Variable [$hash; Value:MBS( "Hash.Digest"; "SHA256"; "Text"; "My Secret Password"; "UTF-8"; "Hex" )]
# now encrypt some text
Set Variable [$encrypted; Value:MBS( "Encryption.Cipher"; "encrypt"; "AES-256-CTR"; "Hex"; $hash; ""; "Text"; "Hello World"; "UTF-8"; "Hex"; "" )]
# and show encrypted text
Show Custom Dialog [$encrypted]

Encrypt Umsatzzähler für Registrierkasse mit AES ICM/CTR:

MBS( "Encryption.Cipher"; "encrypt"; "AES-128-CTR"; "TEXT"; $Schlüssel; "UTF-8"; "Hex"; $KodierterUmsatzzählers; ""; "Hex"; ""; "Text"; $Kassenidentifikationsnummer & $Belegnummer; "UTF-8" )

Decrypt Blowfish ECB:

MBS( "Encryption.Cipher"; "decrypt"; "bf-ecb"; "TEXT"; "strunzhasensalat"; "UTF-8"; "base64"; "TkfrFBRE0pkp3lzEX7YibCVnz+S79ckp"; ""; "Text"; "UTF-8" )

See also

Example Databases

Blog Entries

Created 18th August 2014, last changed 17th August 2018


EmailParser.WriteInline   -   Encryption.CipherNames

Feedback: Report problem or ask question.




Links
MBS Xojo Plugins