Components All New MacOS Windows Linux iOS
Examples Mac & Win Server Client Guides Statistic FMM Blog Deprecated Old

Encryption.Cipher

Encrypts or decrypts of a value.

Component Version macOS Windows Linux Server iOS SDK
Encryption 4.1 ✅ Yes ✅ Yes ✅ Yes ✅ Yes ✅ Yes
MBS( "Encryption.Cipher"; Direction; Algorithm; KeyType; KeyData; KeyEncoding; InputType; InputData; InputEncoding; OutputType { ; OutputInfo; IVType; IVData; IVEncoding; Padding } )   More

Parameters

Parameter Description Example Flags
Direction Whether to encrypt or decrypt. Pass encrypt or decrypt. "encrypt"
Algorithm Which algorithm to use. Can be for example RC2, blowfish, AES128, AES192, AES256. "AES-128-CFB"
KeyType The type of input for key.
Can be Text, Container, Image, Path, PDF, Data, base64 or Hex.
"Text"
KeyData The actual input data for the key.
Text, container or file path. Must not be longer than the maximum key length of the given algorithm. If key is too short, we pad it with zero bytes.
If the key is text, please check what type of line ending you use and whether to trim the key.

For short keys, we may fill them up with zeros to default/minimum length.
"Hello World"
KeyEncoding The text encoding for text input.
Parameter is ignored for other cases.
Possible encoding names: ANSI, ISO-8859-1, Latin1, Mac, Native, UTF-8, DOS, Hex, Base64 or Windows. More listed in the FAQ.
"UTF-8"
InputType The type of input.
Can be Text, Container, Image, Path, PDF, Data, base64 or Hex.
"Text"
InputData The actual input data.
Text, container or file path.
"Hello World"
InputEncoding The text encoding for text input.
Parameter is ignored for other cases.
Possible encoding names: ANSI, ISO-8859-1, Latin1, Mac, Native, UTF-8, DOS, Hex, Base64 or Windows. More listed in the FAQ.
"UTF-8"
OutputType The output type.
Can be Base64, Hex, Text, File, Path.
Can be Auto in plugin version 7.3 to detect type for container from OutputInfo parameter.
Added Base64URL as option for plugin version 10.3.
"Hex"
OutputInfo The addition info for output.
For text it is the text encoding, for file container the file name and for path the actual native file path.
"" Optional
IVType The type of input.
Can be Text, Container, Image, Path, PDF, Data, base64 or Hex.
In version 6.0 and newer you can pass Input here to take IV from input data.
"Text" Optional
IVData The actual input data for the IV.
Text, container or file path. Must not be longer than the maximum IV length of the given algorithm. If IV is too short, we pad it with zero bytes.
"Hello World" Optional
IVEncoding The text encoding for text input.
Parameter is ignored for other cases.
Possible encoding names: ANSI, ISO-8859-1, Latin1, Mac, Native, UTF-8, DOS, Hex, Base64 or Windows. More listed in the FAQ.
"UTF-8" Optional
Padding Whether to use padding.
Pass 1 to enable padding (default).
Pass 0 to disable.
0 Optional

Result

Returns encrypted/decrypted value or text.

Description

Encrypts or decrypts of a value.
Input can be one of different types:
  • Text, you pass "text", your text and the text encoding. If no or invalid encoding name is passed, the native one is used. The encoding can be one of the following strings: ansi, windows, mac, latin1, utf8, dos or native.
  • PDF, you pass the container with the PDF file inside.
  • Image, you pass the container with an image file.
  • Data, you pass container and plugin looks for the file data inside.
  • Hex, you pass a hex encoded text.
  • Base64, you pass a base64 encoded text.
  • Path, you pass the file path to a file to read.
  • Container, you pass a container which is serialized with all its content.
  • JPEG, a container with a JPEG image.
  • GIF, a container with a GIF image.
  • TIFF, a container with a TIFF image.
  • PNG, a container with a PNG image.
Now for output we can return the data in various ways:
  • Text, we return the data as text in the encoding. This is not recommended for encrypted data. OutputInfo parameter is text encoding.
  • Base64, the data is returned as base64 encoded text.
  • Hex, the data is returned as hex encoded text.
  • File, the data is returned as a container value with a file inside containing the data. OutputInfo parameter is the filename to be stored in the container value.
  • Path, the data is written to a file. In the OutputInfo parameter you provide a native file path.
  • Container, the data is unpacked as a container value (serialized container).
  • GIF, the data is returned as a container with GIF image inside.
  • TIFF, the data is returned as a container with TIFF image inside.
  • JPEG, the data is returned as a container with JPEG image inside.
  • PNG, the data is returned as a container with PNG image inside.
  • PDF, the data is returned as a container with PDF document inside.
  • Auto, only for returning data and detecting type by provided file name. (new in 7.3)

Possible ciphers:
AES-128-CFB, BF-CBC, BF-CFB, BF-ECB, BF-OFB, AES-128-CBC, id-aes128-CCM, AES-128-CFB1, AES-128-CFB8, AES-128-CTR, AES-128-ECB, id-aes128-GCM, AES-128-OFB, AES-128-XTS, AES-192-CBC, id-aes192-CCM, AES-192-CFB1, AES-192-CFB8, AES-192-CFB, AES-192-CTR, AES-192-ECB, id-aes192-GCM, AES-192-OFB, AES-256-CBC, id-aes256-CCM, AES-256-CFB1, AES-256-CFB8, AES-256-CFB, AES-256-CTR, AES-256-ECB, id-aes256-GCM, AES-256-OFB, AES-256-XTS, CAMELLIA-128-CBC, CAMELLIA-128-CFB1, CAMELLIA-128-CFB8, CAMELLIA-128-CFB, CAMELLIA-128-ECB, CAMELLIA-128-OFB, CAMELLIA-192-CBC, CAMELLIA-192-CFB1, CAMELLIA-192-CFB8, CAMELLIA-192-CFB, CAMELLIA-192-ECB, CAMELLIA-192-OFB, CAMELLIA-256-CBC, CAMELLIA-256-CFB1, CAMELLIA-256-CFB8, CAMELLIA-256-CFB, CAMELLIA-256-ECB, CAMELLIA-256-OFB, CAST5-CBC, CAST5-CFB, CAST5-ECB, CAST5-OFB, DES-EDE, DES-EDE-CBC, DES-EDE-CFB, DES-EDE, DES-EDE-OFB, DES-EDE3, DES-EDE3-CBC, DES-EDE3-CFB1, DES-EDE3-CFB8, DES-EDE3-CFB, DES-EDE3, DES-EDE3-OFB, RC2-40-CBC, RC2-64-CBC, RC2-CBC, RC2-CFB, RC2-ECB, RC2-OFB, RC4, RC4-40, RC4-HMAC-MD5, IDEA-CFB, IDEA-ECB, IDEA-OFB, IDEA-CBC, DES-CFB1, DES-CFB8, DES-CFB, DES-OFB, DES-ECB, DES-CBC or DESX-CBC.

Please use right key length. For AES 128bit you need a 128 bit key, which means 16 bytes length. For AES 256 you need a 32byte long key. Recommended way is to use a hash function like SHA 256 to get a hashed version of your password plus some extra text as salt. For 128bit, you can simply use first half of SHA 256.
Version 7.3 reports an error if key size doesn’t match. Keys and IV are extended with NULL bytes to reach minimum size if needed.

For PDF content: If you have a DynaPDF Pro license and DynaPDF functions initialized, this function can add previews for the PDF file on Windows and Linux. For MacOS, we make them with PDFKit.

Examples

Encrypts some text with AES:

MBS( "Encryption.Cipher"; "encrypt"; "AES-128-CFB"; "Text"; "Test Key 1234567"; "UTF-8"; "Text"; "Hello World"; "UTF-8"; "Hex"; "" )

Example result: 2A04C546B09FF53B0039D6

Encrypts a container:

MBS( "Encryption.Cipher"; "encrypt"; "AES-256-ECB"; "Hex"; "1234567812345678123456781234567812345678123456781234567812345678"; ""; "Container"; MyTable::MyContainer; ""; "Hex"; "" )

Encrypt and decrypt:

# encrypt something
$r = MBS("Encryption.Cipher"; "encrypt"; "AES-128-CFB"; "Text"; "Secret"; "UTF-8"; "Text"; "Input Text"; "UTF-8"; "Hex"; "" )
# returns "C577EC9EBE28B1F4E1FD"
# and backward
$r = MBS("Encryption.Cipher"; "decrypt"; "AES-128-CFB"; "Text"; "Secret"; "UTF-8"; "Hex"; "C577EC9EBE28B1F4E1FD"; ""; "Text"; "UTF-8" )

Encrypt with AES 256bit Counter (CTR) mode:

# Make a 256 bit key with a hash
Set Variable [$hash; Value:MBS( "Hash.Digest"; "SHA256"; "Text"; "My Secret Password"; "UTF-8"; "Hex" )]
# now encrypt some text
Set Variable [$encrypted; Value:MBS( "Encryption.Cipher"; "encrypt"; "AES-256-CTR"; "Hex"; $hash; ""; "Text"; "Hello World"; "UTF-8"; "Hex"; "" )]
# and show encrypted text
Show Custom Dialog [$encrypted]

Encrypt Umsatzzähler für Registrierkasse mit AES ICM/CTR:

MBS( "Encryption.Cipher"; "encrypt"; "AES-128-CTR"; "TEXT"; $Schlüssel; "UTF-8"; "Hex"; $KodierterUmsatzzählers; ""; "Hex"; ""; "Text"; $Kassenidentifikationsnummer & $Belegnummer; "UTF-8" )

Decrypt Blowfish ECB:

MBS( "Encryption.Cipher"; "decrypt"; "bf-ecb"; "TEXT"; "strunzhasensalat"; "UTF-8"; "base64"; "TkfrFBRE0pkp3lzEX7YibCVnz+S79ckp"; ""; "Text"; "UTF-8" )

Example result: Ölüberschußländer

See also

Release notes

Example Databases

Blog Entries

This function checks for a license.

Created 18th August 2014, last changed 17th June 2023


EmailParser.WriteInline - Encryption.CipherNames