Decrypts text using the AES algorithm and the password.
Encr_DecryptAES ( switches ; password ; text )
|switches||modifies the behavior of the function|
|password||the password to use|
|text||the text to decrypt|
|-OpenSSLCompatible||decrypt OpenSSL encrypted data|
|-KeySize=256||tells the plug-in a 256 bit key was used during encryption (for OpenSSL)|
|-HashIterationCount=n||specify the hash iteration count used to generate the key and initialization vector (for OpenSSL)|
|-DontInterpretAsUTF8||don’t interpret the text as UTF-8 (for OpenSSL)|
Data type returned
the decrypted text or container data or an error code.
Returned error codes can be:
|$$-4244||no password was given|
Troi Encryptor Plug-in 1.2
FileMaker Pro 16 to 19
NOTE The Encr_DecryptAES function was called Encr_DecryptRijndaelAES in older versions of the plug-in.
– Be sure to remember the password (case sensitive!): without it you can not retrieve the original text.
– The result field should be the same type as the original field that was encrypted.
See Encr_EncryptAES for more technical information on the AES implementation.
About OpenSSL compatibility (introduced with Troi Encryptor 5.0):
When you use the -OpenSSLCompatible switch, the text to decrypt will be interpreted as formatted as OpenSSL compatible (Base64) text.
You can encrypt it for example with the OpenSSL functions of PHP 7. Specify the hash iteration count used to generate the key and initialization vector with the optional -HashIterationCount=n switch. Use for example -HashIterationCount=10000.
Note that the default for -OpenSSLCompatible is 1.
You can also decrypt encrypted text created by the openssl command in a command line interface (for example the macOS terminal). Use the switch -OpenSSLCompatible, but don’t use the -HashIterationCount=n switch as the openssl command uses the (default) iteration count of 1.
See the OpenSSL.fmp12 example in the download for more detailed information.
Encr_DecryptAES ( "-Unused" ; "mypassword" ; "<TROI_AES_STD_ENCR10> NVFJPSV9fX19fX19fX19fbpsts4SthcI/85T5dcjEv7IsuDGy72Z/t4bfFUyOY7A2ITa3jzEx wyy+kHnWsgo/IJ1d7BZeRWA6Wbtzn8/xyAgm47SuJ167SJMLb5k/Kl11dKFuaQ== </TROI_AES_STD_ENCR10>" )
This will gives this result:
In a database you have defined a text field named “encryptedPatientData” which contains encrypted illness data. Then define a calculation field:
patientDataCalc calculation Unstored = Encr_DecryptAES ( "-Unused" ; gPasswordField ; patientData )
the calculation field will contain the decrypted text, but only if the password is correct.
Used in example file