Code@ Questions have Moved!

In an effort to streamline our efforts, Code@ has moved the Questions and Answers section to the Salesforce StackExchange site, which you can find at the following url: http://salesforce.stackexchange.com/questions/tagged/exacttarget. Please be sure to TAG YOUR QUESTIONS with exacttarget, so our partners know specifically what application your question is pertaining to, and our experts can provide you with a more timely response.

We will discontinue support for this section, and will only be monitoring questions at that location. If your question is currently unanswered, feel free to post that same question on StackExchange to the broader community.

Thank you for your understanding!

Home / question / Encryption and Decryption with Ampscript
Ask A Question

Encryption and Decryption with Ampscript

525 points
psapir's picture

Do you have a code sample that shows how to encrypt a value using AMPscript and decrypt it outside of ET (c# for instance?). I'v been trying to do that but it doesn't seem that I can get it to work.

Thanks!

Product Group: 

Comments

3720 points
jmeketa's picture

 

 

If you setup and use our AMPScript EncryptSymmetricfunction using our Key Management solution you SHOULD use our DecryptSymmetric function.

Using a 3rd party decrypt algorithm would not be supported by ExactTarget support.

Is it technically possible? Yes…our API functions simply wrap classes in the System.Security.Cryptography .Net namespace and those algorithms (e.g. AES) are public domain knowledge, but it is by no means guaranteed to work.

So you should be able to attempt to write your own supported solution in language of choice and test.

 Jason Meketa

  

525 points
psapir's picture

I've tried the method you mentioned ealier, with not much success. I guess the best approach should be using an assymetric mechanism such as RSA when interacting with 3rd party systems.


If the best practice is not to use the encryption method in AMPscript to then decrypt it within the third party, what can it be a good approach? I was thinking to store the encrypted value on the SendLog, then in the 3rd party site query the sendlog DE for that value and get the email address. That's the best secure way I imagine to get the information from the subscriber without exposing it in the URL.

3720 points
jmeketa's picture

I believe asymmetric is our recommendation for third party interaction like this. But I need to see if I can find/provide an example. wiki.memberlandingpages.com/010_ExactTarget/090_Admin/Encryption_Key_Management provides an overview but I would like to provide you with more. Asking internally. I will post something when I have.

Jason Meketa

525 points
psapir's picture

I got it working with the DES algorithm. I couldn't make it work with AES since I can't seem to get the differences between the IV and SALT values being used but it worked with DES after a few tries!