# %encrypt() function The %encrypt() function encrypts a string. The appropriate OpenSSL libraries must be present to use this function. See your platform-specific System Administration Guide for details. ## Syntax ``` code = %encrypt(params, inputstring, outputstring, &outputstring length) ``` ## Parameter(s) | code | Return code representing the result of the function. | | --- | --- | | params | A dynamic array containing the following information: | | Algorithm (Supported algorithms are Crypto$Algorithm$AES128 and Crypto$Algorithm$AES256). | | | Length of input string. | | | Size of output buffer. | | | Clear text key (must be 16 bytes long for AES128 and 32 bytes long for AES256). If the clear text key is null, the default key will be used. | | | inputstring | Input string. | | outputstring | Output string. | | outputstring length | Length of the encrypted string. | ## Description This function returns an integer to the *code* variable as follows: | 0 | Success | | --- | --- | | -1 | Error | | -2 | Invalid keysize (must be 16 bytes for AES128 and 32 bytes for AES256) | | -3 | Output buffer too small. The output string buffer must be pre-allocated. For AES128, the size must be a minimum of twice the size of the input buffer for the %encrypt() function to work. For AES256, the size must be the size of the input buffer rounded up to the next multiple of 32 with at least one extra 32-byte block. The return parameter outputstring length denotes the actual length of the encrypted string. | | -4 | Encryption libraries are not loaded. | ## Example(s) The following example illustrates encrypting and decrypting a user-provided string using AES128: ``` * encryptAES128Test * open 'sqldemo,customers,' to file then read item from file,"1" then dataItem = item<6> call encryptAES128.sub(dataItem,errMsg) ;* now do the encryption if errMsg = "" then writev dataItem on file,"1",6 end else crt errMsg end end end end * * End of source subroutine encryptAES128.sub(dataItem,errMsg) include dm,bp,includes crypto.inc * * Key must be 16 characters long key = "1234567890123456"'l%16' * * now do the encryption dataLen = len(dataItem)*2 char encrItem[ dataLen ] cryptoParams = "" cryptoParams< Crypto$P$Algorithm > = Crypto$Algorithm$AES128 cryptoParams< Crypto$P$inputlength > = Len(dataItem) cryptoParams< Crypto$P$outputLength > = dataLen cryptoParams< Crypto$P$ClearKey > = key encryptedLen = 0 gp.result = %Encrypt(cryptoParams, dataItem, encrItem, &encryptedLen) if gp.result < 0 then errMsg = "Encryption failed: " : gp.result end else dataItem = encrItem[1, encryptedLen] ;* MANDATORY trim of buffer padding errMsg = "" end * return * * End of source * decryptAES128Test * open 'sqldemo,customers,' to file then read item from file,"1" then dataItem = item<6> call decryptAES128.sub(dataItem,errMsg) ;* now do the decryption if errMsg = "" then writev dataItem on file,"1",6 end else crt errMsg end end end end * * End of source subroutine decryptAES128.sub(dataItem,errMsg) include dm,bp,includes crypto.inc * * Key must be 16 characters long key = "1234567890123456"'l%16' encrItem = dataItem encryptedLen = len(encrItem) * now do the decryption char decrItem[Len(encrItem)] cryptoParams = "" cryptoParams< Crypto$P$Algorithm > = Crypto$Algorithm$AES128 cryptoParams< Crypto$P$inputLength > = encryptedLen cryptoParams< Crypto$P$outputLength > = Len(decrItem) cryptoParams< Crypto$P$ClearKey > = key decryptedLen = 0 * gp.result = %Decrypt(cryptoParams, encrItem, decrItem, &decryptedLen) if gp.result < 0 then errMsg = "Decryption failed: " : gp.result end else dataItem = encrItem[1, encryptedLen] ;* MANDATORY trim of buffer padding errMsg = "" end * dataItem = decrItem * return * * End of source ``` The following example illustrates encrypting and decrypting a user-provided string using AES256 (D3 versions 10.3.4 and later): ``` * encryptAES256Test * open 'sqldemo,customers,' to file then read item from file,"1" then dataItem = item<6> call encryptAES256.sub(dataItem,errMsg) ;* now do the encryption if errMsg = "" then writev dataItem on file,"1",6 end else crt errMsg end end end end * * End of source subroutine encryptAES256.sub(dataItem,errMsg) include dm,bp,includes crypto.inc * * Key must be 32 characters long key = "12345678901234567890123456789012"'l%32' * * now do the encryption dataLen = (int(len(dataItem)/32)+2)*32 char encrItem[ dataLen ] cryptoParams = "" cryptoParams< Crypto$P$Algorithm > = Crypto$Algorithm$AES256 cryptoParams< Crypto$P$inputlength > = Len(dataItem) cryptoParams< Crypto$P$outputLength > = dataLen cryptoParams< Crypto$P$ClearKey > = key encryptedLen = 0 gp.result = %Encrypt(cryptoParams, dataItem, encrItem, &encryptedLen) if gp.result < 0 then errMsg = "Encryption failed: " : gp.result end else dataItem = encrItem[1, encryptedLen] ;* MANDATORY trim of buffer padding errMsg = "" end * return * * End of source * decryptAES256Test * open 'sqldemo,customers,' to file then read item from file,"1" then dataItem = item<6> call decryptAES256.sub(dataItem,errMsg) ;* now do the decryption if errMsg = "" then writev dataItem on file,"1",6 end else crt errMsg end end end end * * End of source subroutine decryptAES256.sub(dataItem,errMsg) include dm,bp,includes crypto.inc * * Key must be 32 characters long key = "12345678901234567890123456789012"'l%32' encrItem = dataItem encryptedLen = len(encrItem) * now do the decryption char decrItem[Len(encrItem)] cryptoParams = "" cryptoParams< Crypto$P$Algorithm > = Crypto$Algorithm$AES256 cryptoParams< Crypto$P$inputLength > = encryptedLen cryptoParams< Crypto$P$outputLength > = Len(decrItem) cryptoParams< Crypto$P$ClearKey > = key decryptedLen = 0 * gp.result = %Decrypt(cryptoParams, encrItem, decrItem, &decryptedLen) if gp.result < 0 then errMsg = "Decryption failed: " : gp.result end else dataItem = encrItem[1, encryptedLen] ;* MANDATORY trim of buffer padding errMsg = "" end * dataItem = decrItem * return * * End of source ``` --- Source: https://d3codex.com/pickbasic-flashbasic/percent-encrypt-function/ - part of the D3Codex reference.