The DECRYPT() function decrypts data that has been encrypted for secure storage or transmission.
The DECRYPT() function applies the AES 128 bit encryption algorithm to the supplied data and returns the decrypted text. The key string may be up to 64 characters in length and may contain any character. It is automatically transformed into a form that is usable by the AES algorithm. For optimum data security, the key should be about 16 characters.
The encrypted data is structured so that it can never contain characters from the C0 control group (characters 0 to 31) or the mark characters. As a result of this operation, the encrypted data is slightly longer than the resultant decrypted data.
On an ECS mode system, the encrypted data must have been converted to a byte string prior to encryption if it may contain ECS characters. This is because encryption is a byte level operation. There is an implication that a program decrypting the data must know that it will need to convert the byte string back to ECS characters using the BS conversion code.
OPEN 'USERS' TO USR.F ELSE
DISPLAY 'Cannot open USERS file'
DISPLAY 'User name: ' :
INPUT USERNAME, 20_:
READ USER.REC FROM USR.F THEN
FOR I = 1 TO 3
DISPLAY 'Password: ' :
INPUT PW,20_: HIDDEN
IF PW = DECRYPT(USR.REC<1>, 'MySecretKey') THEN RETURN @TRUE
DISPLAY 'Password incorrect'
The above function prompts for a user name and password, validating these against a record in the USERS file. The password field of this file is encrypted.