This topic describes the syntax, description, parameters, return values, and samples of cipher algorithm functions.

aes_new

This function is described as follows:
  • Syntax: aes_new(config)
  • Description

    You can call this function to create an AES object, which is used for the subsequent encryption and decryption operations. To perform an encryption, call the aes_enc() function. To perform a decryption, call the aes_dec() function.

  • Parameters
    The config parameter is of the dictionary type and includes the following arguments:
    • (Required) key: the key, which is of the string type.
    • (Optional) salt: the salt value, which is of the string type.
    • (Required) cipher_len: the length of the key. Valid values: 128, 192, and 256.
    • (Required) cipher_mode: the mode used for encryption or decryption. Valid values: ecb, cbc, ctr, cfb, and ofb.
    • (Optional) iv: the initial vector, which is of the string type.
  • Return values

    This function returns the AES object (dictionary type) upon a success and returns false upon a failure.

  • Examples
    aes_conf = []                                                                                                                                                                         
    plaintext = ''                                                                                                                                                                        
    if and($http_mode, eq($http_mode, 'ecb-128')) {                                                                                                                                       
        set(aes_conf, 'key', 'ab8bfd9f-a1af-4ba2-bbb0-1ee520e3d8bc')                                                                                                                      
        set(aes_conf, 'salt', '1234567890')                                                                                                                                               
        set(aes_conf, 'cipher_len', 128)                                                                                                                                                  
        set(aes_conf, 'cipher_mode', 'ecb')                                                                                                                                               
        plaintext = 'hello aes ecb-128'                                                                                                                                                   
    }                                                                                                                                                                                     
    if and($http_mode, eq($http_mode, 'cbc-256')) {                                                                                                                                       
        set(aes_conf, 'key', '146ebcc8-392b-4b3a-a720-e7356f62')                                                                                                                          
        set(aes_conf, 'cipher_len', 256)                                                                                                                                                  
        set(aes_conf, 'cipher_mode', 'cbc')                                                                                                                                               
        set(aes_conf, 'iv', '0123456789abcdef')                                                                                                                                           
        plaintext = 'hello aes cbc-256'                                                                                                                                                   
    }                                                                                                                                                                                     
    if and($http_mode, eq($http_mode, 'ofb-256')) {                                                                                                                                       
        set(aes_conf, 'key', '146ebcc8-392b-4b3a-a720-e7356f62')                                                                                                                          
        set(aes_conf, 'cipher_len', 256)                                                                                                                                                  
        set(aes_conf, 'cipher_mode', 'ofb')                                                                                                                                               
        set(aes_conf, 'iv', tochar(0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0))                                                                                                                      
        plaintext = 'hello aes ofb-256'                                                                                                                                                   
    }                                                                                                                                                                                     
    
    aes_obj = aes_new(aes_conf)                                                                                                                                                           
    if not(aes_obj) {                                                                                                                                                                     
        say(concat('aes obj failed'))                                                                                                                                                     
        exit(400)                                                                                                                                                                         
    }                                                                                                                                                                                     
    
    ciphertext = aes_enc(aes_obj, plaintext)                                                                                                                                              
    plaintext_reverse = aes_dec(aes_obj, ciphertext)                                                                                                                                      
    
    say(concat('plain: ', plaintext))                                                                                                                                                     
    say(concat('cipher: ', tohex(ciphertext)))                                                                                                                                            
    say(concat('plain_reverse: ', plaintext_reverse))                                                                                                                                     
    
    if ne(plaintext, plaintext_reverse) {                                                                                                                                                 
        say('plaintext ~= plaintext_reverse')                                                                                                                                            
        exit(400)                                                                                                                                                                        
    }

aes_enc

This function is described as follows:
  • Syntax: aes_enc(o, s)
  • Description

    You can call this function to encrypt data by using the AES encryption algorithm.

  • Parameters
    • s: the plaintext to be encrypted.
    • o: the AES object that is returned by the aes_new function.
  • Return values

    This function returns the ciphertext after the text specified by the s parameter is encrypted.

  • Examples
    aes_conf = []                                                                                                                                                                         
    plaintext = ''                                                                                                                                                                        
    if and($http_mode, eq($http_mode, 'ecb-128')) {                                                                                                                                       
        set(aes_conf, 'key', 'ab8bfd9f-a1af-4ba2-bbb0-1ee520e3d8bc')                                                                                                                      
        set(aes_conf, 'salt', '1234567890')                                                                                                                                               
        set(aes_conf, 'cipher_len', 128)                                                                                                                                                  
        set(aes_conf, 'cipher_mode', 'ecb')                                                                                                                                               
        plaintext = 'hello aes ecb-128'                                                                                                                                                   
    }                                                                                                                                                                                     
    if and($http_mode, eq($http_mode, 'cbc-256')) {                                                                                                                                       
        set(aes_conf, 'key', '146ebcc8-392b-4b3a-a720-e7356f62')                                                                                                                          
        set(aes_conf, 'cipher_len', 256)                                                                                                                                                  
        set(aes_conf, 'cipher_mode', 'cbc')                                                                                                                                               
        set(aes_conf, 'iv', '0123456789abcdef')                                                                                                                                           
        plaintext = 'hello aes cbc-256'                                                                                                                                                   
    }                                                                                                                                                                                     
    if and($http_mode, eq($http_mode, 'ofb-256')) {                                                                                                                                       
        set(aes_conf, 'key', '146ebcc8-392b-4b3a-a720-e7356f62')                                                                                                                          
        set(aes_conf, 'cipher_len', 256)                                                                                                                                                  
        set(aes_conf, 'cipher_mode', 'ofb')                                                                                                                                               
        set(aes_conf, 'iv', tochar(0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0))                                                                                                                      
        plaintext = 'hello aes ofb-256'                                                                                                                                                   
    }                                                                                                                                                                                     
    
    aes_obj = aes_new(aes_conf)                                                                                                                                                           
    if not(aes_obj) {                                                                                                                                                                     
        say(concat('aes obj failed'))                                                                                                                                                     
        exit(400)                                                                                                                                                                         
    }                                                                                                                                                                                     
    
    ciphertext = aes_enc(aes_obj, plaintext)                                                                                                                                              
    plaintext_reverse = aes_dec(aes_obj, ciphertext)                                                                                                                                      
    
    say(concat('plain: ', plaintext))                                                                                                                                                     
    say(concat('cipher: ', tohex(ciphertext)))                                                                                                                                            
    say(concat('plain_reverse: ', plaintext_reverse))                                                                                                                                     
    
    if ne(plaintext, plaintext_reverse) {                                                                                                                                                 
        say('plaintext ~= plaintext_reverse')                                                                                                                                            
        exit(400)                                                                                                                                                                        
    }

aes_dec

This function is described as follows:
  • Syntax: aes_dec(s)
  • Description

    You can call this function to decrypt data by using the AES encryption algorithm.

  • Parameters
    • s: the ciphertext to be decrypted.
    • o: the AES object returned by the aes_new function.
  • Return values

    This function returns the plaintext after the text specified by the s parameter is decrypted.

  • Examples
    aes_conf = []                                                                                                                                                                         
    plaintext = ''                                                                                                                                                                        
    if and($http_mode, eq($http_mode, 'ecb-128')) {                                                                                                                                       
        set(aes_conf, 'key', 'ab8bfd9f-a1af-4ba2-bbb0-1ee520e3d8bc')                                                                                                                      
        set(aes_conf, 'salt', '1234567890')                                                                                                                                               
        set(aes_conf, 'cipher_len', 128)                                                                                                                                                  
        set(aes_conf, 'cipher_mode', 'ecb')                                                                                                                                               
        plaintext = 'hello aes ecb-128'                                                                                                                                                   
    }                                                                                                                                                                                     
    if and($http_mode, eq($http_mode, 'cbc-256')) {                                                                                                                                       
        set(aes_conf, 'key', '146ebcc8-392b-4b3a-a720-e7356f62')                                                                                                                          
        set(aes_conf, 'cipher_len', 256)                                                                                                                                                  
        set(aes_conf, 'cipher_mode', 'cbc')                                                                                                                                               
        set(aes_conf, 'iv', '0123456789abcdef')                                                                                                                                           
        plaintext = 'hello aes cbc-256'                                                                                                                                                   
    }                                                                                                                                                                                     
    if and($http_mode, eq($http_mode, 'ofb-256')) {                                                                                                                                       
        set(aes_conf, 'key', '146ebcc8-392b-4b3a-a720-e7356f62')                                                                                                                          
        set(aes_conf, 'cipher_len', 256)                                                                                                                                                  
        set(aes_conf, 'cipher_mode', 'ofb')                                                                                                                                               
        set(aes_conf, 'iv', tochar(0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0))                                                                                                                      
        plaintext = 'hello aes ofb-256'                                                                                                                                                   
    }                                                                                                                                                                                     
    
    aes_obj = aes_new(aes_conf)                                                                                                                                                           
    if not(aes_obj) {                                                                                                                                                                     
        say(concat('aes obj failed'))                                                                                                                                                     
        exit(400)                                                                                                                                                                         
    }                                                                                                                                                                                     
    
    ciphertext = aes_enc(aes_obj, plaintext)                                                                                                                                              
    plaintext_reverse = aes_dec(aes_obj, ciphertext)                                                                                                                                      
    
    say(concat('plain: ', plaintext))                                                                                                                                                     
    say(concat('cipher: ', tohex(ciphertext)))                                                                                                                                            
    say(concat('plain_reverse: ', plaintext_reverse))                                                                                                                                     
    
    if ne(plaintext, plaintext_reverse) {                                                                                                                                                 
        say('plaintext ~= plaintext_reverse')                                                                                                                                            
        exit(400)                                                                                                                                                                        
    }

sha1

This function is described as follows:
  • Syntax: sha1(s)
  • Description

    You can call this function to calculate the SHA1 digest of a string.

  • Parameters

    s: the string to process and produce a digest for.

  • Return values

    This function returns the SHA1 digest in binary format.

  • Examples
    digest = sha1('hello sha')                                                                                                                                                        
    say(concat('sha1:', tohex(digest)))
    
    Output:
    sha1:853789bc783a6b573858b6cc9f913afe82962956

sha2

This function is described as follows:
  • Syntax: sha2(s, l)
  • Description

    You can call this function to calculate the SHA2 digest of a string.

  • Parameters
    • s: the string to process and produce a digest for.
    • l: the length of the SHA2 digest. Valid values: 224, 256, 384, and 512.
  • Return values

    This function returns the SHA2 digest in the binary format.

  • Examples
    digest = sha2('hello sha2', 224)
    say(concat('sha2-224:', tohex(digest)))
    
    digest = sha2('hello sha2', 256)
    say(concat('sha2-256:', tohex(digest)))
    
    digest = sha2('hello sha2', 384)
    say(concat('sha2-384:', tohex(digest)))
    
    digest = sha2('hello sha2', 512)
    say(concat('sha2-512:', tohex(digest)))
    
    Output:
    sha2-224:b24b7effcf53ce815ee7eb73c7382613aba1c334e2a1622655362927
    sha2-256:af0425cee23c236b326ed1f008c9c7c143a611859a11e87d66d0a4c3217c7792
    sha2-384:bebbdde9efabd4b9cf90856cf30e0b024dd13177d9367d2dcf8d7a04e059f92260f16b21e261358c2271be32086ef35b
    sha2-512:a1d1aef051c198c0d26bc03500c177a315fa248cea815e04fbb9a75e5be5061617daab311c5e3d0b215dbfd4e83e73f23081242b0143dcdfce5cd92ec51394f7

hmac

This function is described as follows:
  • Syntax: hmac(k, s, v)
  • Description

    You can call this function to calculate the HMAC algorithm digest of a string.

  • Parameters
    • k: the key of the algorithm.
    • s: the string to process and produce a digest for.
    • v: the version of the algorithm. Valid values: md5, sha256, and sha512.
  • Return values

    This function returns the HMAC digest in the binary format by using the corresponding algorithm.

  • Examples
    k = '146ebcc8-392b-4b3a-a720-e7356f62f87b'
    v = 'hello mac'
    say(concat('hmac(md5): ', tohex(hmac(k, v, 'md5'))))
    say(concat('hmac(sha1): ', tohex(hmac(k, v, 'sha1'))))
    say(concat('hmac(sha256): ', tohex(hmac(k, v, 'sha256'))))
    say(concat('hmac(sha512): ', tohex(hmac(k, v, 'sha512'))))
    say(concat('hmac_sha1(): ', tohex(hmac_sha1(k, v))))
    
    Output:
    hmac(md5): 358cbfca8ad663b547c83748de2ea778
    hmac(sha1): 5555633cef48c3413b68f9330e99357df1cc3d93
    hmac(sha256): 7a494543cad3b92ce1e7c4bbc86a8f5212b53e4d661f7830f455847540a85771
    hmac(sha512): 59d7c07996ff675b45bd5fd40a6122bb5f40f597357a9b4a9e29da6f5c7cb806798c016fe09cb46457b6df9717d26d0af19896f72eaf4296be03e3681fea59ad
    hmac_sha1(): 5555633cef48c3413b68f9330e99357df1cc3d93

hmac_sha1

This function is described as follows:
  • Syntax: hmac_sha1(k, s)
  • Description

    You can call this function to calculate the HMAC-SHA-1 digest of a string.

  • Parameters
    • s: the string to process and produce a digest for.
    • k: the HMAC-SHA-1 key.
  • Return values

    This function returns the HMAC-SHA-1 digest in the binary format.

  • Examples
    k = '146ebcc8-392b-4b3a-a720-e7356f62f87b'
    v = 'hello mac'
    say(concat('hmac(md5): ', tohex(hmac(k, v, 'md5'))))
    say(concat('hmac(sha1): ', tohex(hmac(k, v, 'sha1'))))
    say(concat('hmac(sha256): ', tohex(hmac(k, v, 'sha256'))))
    say(concat('hmac(sha512): ', tohex(hmac(k, v, 'sha512'))))
    say(concat('hmac_sha1(): ', tohex(hmac_sha1(k, v))))
    
    Output:
    hmac(md5): 358cbfca8ad663b547c83748de2ea778
    hmac(sha1): 5555633cef48c3413b68f9330e99357df1cc3d93
    hmac(sha256): 7a494543cad3b92ce1e7c4bbc86a8f5212b53e4d661f7830f455847540a85771
    hmac(sha512): 59d7c07996ff675b45bd5fd40a6122bb5f40f597357a9b4a9e29da6f5c7cb806798c016fe09cb46457b6df9717d26d0af19896f72eaf4296be03e3681fea59ad
    hmac_sha1(): 5555633cef48c3413b68f9330e99357df1cc3d93

md5

This function is described as follows:
  • Syntax: md5(s)
  • Description

    You can call this function to calculate the MD5 digest of a string and return the MD5 digest in the hexadecimal format.

  • Parameters

    s: the string to process and produce a digest for.

  • Return values

    This function returns the MD5 digest in the hexadecimal format.

  • Examples
    say(concat('md5: ', md5('hello md5')))
    
    Output:
    md5: 741fc6b1878e208346359af502dd11c5

md5_bin

This function is described as follows:
  • Syntax: md5_bin(s)
  • Description

    You can call this function to calculate the MD5 digest of a string and return the MD5 digest in the binary format.

  • Parameters

    s: the string to process and produce a digest for.

  • Return values

    This function returns the MD5 digest in the binary format.

  • Examples
    say(concat('md5_bin: ', tohex(md5_bin('hello md5'))))
    
    Output:
    md5_bin: 741fc6b1878e208346359af502dd11c5