This method performs AES encryption in Cipher Block Chained (CBC) mode. Use with AESCBCDecrypt. (See Federal Information Processing Standards Publication 197 and NIST Special Publication 200-38A for more information.)
Input parameters:
plaintext - String to be encrypted. This is padded before encryption to the next mutiple of 16 bytes, using reversible block padding. (See Internet Engineering Task Force Request for Comments 2040 and RSA Laboratories Public-Key Cryptography Standards #7 for more information.)
key - Input key material. Key material 16, 24, or 32 characters long (on Unicode systems, with all character values < 256) is used directly. Otherwise, Password-Based Key Derivation Function #2 (PBKDF2) is used with HMAC-SHA-1, no salt, and one iteration to generate an AES key of the next larger valid size (up to 32 bytes). (See RSA Laboratories Public-Key Cryptography Standards #5 for more information.)
IV - Initialization vector (optional). If this argument is present it must be 16 characters long (on Unicode systems, with all character values < 256). If this argument is omitted (or is an empty string), a null initialization vector is used.
Return value: Encrypted ciphertext.
NOTE: To AES-CBC encrypt and Base64 encode Unicode strings that may contain wide characters, UTF-8 encode the string first:
Set text=$ZCONVERT(plaintext,"O","UTF8")
Set text=$SYSTEM.Encryption.AESCBCEncrypt(text,key,IV)
Set ciphertext=$SYSTEM.Encryption.Base64Encode(text)
To decode and decrypt, perform these operations in the reverse order:
Set text=$SYSTEM.Encryption.Base64Decode(ciphertext)
Set text=$SYSTEM.Encryption.AESCBCDecrypt(text,key,IV)
Set plaintext=$ZCONVERT(text,"I","UTF8")
This method performs AES decryption in Cipher Block Chained (CBC) mode. Use with AESCBCEncrypt. (See Federal Information Processing Standards Publication 197 and NIST Special Publication 200-38A for more information.)
Input parameters:
ciphertext - Encrypted ciphertext, as generated by AESCBCEncrypt.
key - Input key material. Key material 16, 24, or 32 characters long (on Unicode systems, with all character values < 256) is used directly. Otherwise, Password-Based Key Derivation Function #2 (PBKDF2) is used with HMAC-SHA-1, no salt, and one iteration to generate an AES key of the next larger valid size (up to 32 bytes). (See RSA Laboratories Public-Key Cryptography Standards #5 for more information.)
IV - Initialization vector (optional). If this argument is present it must be 16 characters long (on Unicode systems, with all character values < 256). If this argument is omitted (or is an empty string), a null initialization vector is used.
Return value: Decrypted original plaintext, with block padding removed.