Home
Security
Go beyond the norm in cybersecurity.
Security Features
Maintaining the control over production and the processes in the application has the highest priority in automation. Even measures to prevent security threats must not affect this.
Crypthographic functions
(CCL) - The Common Cryptography Library
The Common Cryptography Library (CCL) is a comprehensive cryptographic library that provides robust encryption and decryption functions using state-of-the-art algorithms.
encrypt()
Encrypts the given plaintext using the specified passphrase and configuration.

Version Information
Release Notes, Update information, Certifications and Frequently Asked Questions.
Concepts
Your first step into modern and powerful process visualization.
Deployment
Topics, you need to know, before using WinCC OA.
Security
Go beyond the norm in cybersecurity.
- Security Features
  Maintaining the control over production and the processes in the application has the highest priority in automation. Even measures to prevent security threats must not affect this.
  - Authorization Concept
  - Certificates
  - Login
  - Login Framework
    The WinCC OA login framework provides a framework that is easy to extend. The WinCC OA login panels can be easily replaced by user-specific panels without having to re-implement the functionality.
  - Server Side Authentication
  - User-defined Login
  - Authentication via Kerberos, basics
    In a more and more networking world, a WinCC OA system could be exposed to different types of attacks. An unauthorized WinCC OA system could connect to the distribution manager or hackers could try to manipulate WinCC OA messages.
  - Basics on Encryption
  - Crypthographic functions
    - Use of CCL
      This chapter describes what the (CCL) - The Common Cryptography Library offers.
    - (CCL) - The Common Cryptography Library
      The Common Cryptography Library (CCL) is a comprehensive cryptographic library that provides robust encryption and decryption functions using state-of-the-art algorithms.
      - decrypt()
        Decrypts the specified ciphertext using the specified passphrase.
      - encrypt()
        Encrypts the given plaintext using the specified passphrase and configuration.
- Multiplexing Proxy
  The WinCC OA Multiplexing Proxy Manager is used to increase the security of your WinCC OA projects.
- Continuous Monitoring
  The Continuous Monitoring feature of WinCC OA provides an interface for external tools to read and validate log and error messages of Security Events that were generated by the WinCC OA.
- Security Events in WinCC OA
- Further References
Engineering
Powerful tools for easy or complex engineering tasks.
Data Management
Classify, structure and archive your data.
Business Logic / Control
Endless possibilities in data processing for your projects.
Data Visualization
User interfaces, Trends and Reports for every purpose and device.
Southbound Interfaces
The process connection to the actual machines/sensors.
Northbound Interfaces
Your portal to the cloud or supervising systems.
Web Connectivity / Network Interfaces
Data exchange, APIs and web technologies
User Management
All about authorization, authentication and login-customization.
Availability
How to get your system uptime to the maximum.
Reporting
Create state of the art project reports without limits.
Addons
Useful tools and enhancements for special demands.
Reference Tables
Detailed and extensive content for special project adaptation.
Videos & Tutorials
Explore the capabilities of WinCC OA with our carefully selected collection of video tutorials and guides.
WinCC OA Documentation
Basic information about terms and functions within the documentation.
Disclaimer
A brief clarification of liability exclusions or legal notices.

encrypt()

Encrypts the given plaintext using the specified passphrase and configuration.

Synopsis

int encrypt(string | blob plaintext, string passphrase, blob ciphertext [, string cipherConfig]);

Parameters


Parameter	Description
plaintext	The plaintext to encrypt.
passphrase	The passphrase to use for encryption.
ciphertext	The object to store the encrypted data.
config	The encryption configuration to use (default is "`AES_256_CBC__HMAC_SHA_3_256__PBKDF2_SHA_3_256__100000`"). You can use user-defined configurations. To do this, use a character string in a specific format that is understandable for the CCL. The format for the cipher configuration is defined as follows: <CipherAlgorithm>__<CipherHmacAlgorithm>__<CipherKeyDerivationFunction>__<KeyIterationCount> Currently you can only configure the KeyIterationCount, so two customizable configurations are possible: AES_256_CBC__HMAC_SHA_3_256__PBKDF2_SHA_3_256__<KeyIterationCount> ENVELOPE_RSA_AES_256_CBC__HMAC_SHA_3_256__PBKDF2_SHA_3_256__<KeyIterationCount>
ErrorCode	Indicates the success or failure of the operation. In the event of an error, the function returns negative values. Otherwise, the length of the resulting blob is returned in bytes.

Return Value

Indicates the success or failure of the operation. In the event of an error, the function returns negative values. Otherwise, the length of the resulting blob is returned in bytes.

Description

This method encrypts the specified plaintext data using the specified passphrase and the cipher configuration and stores the result in the specified ciphertext.

Example


  public int test_AES_256_CBC_EncryptDecrypt_String()
  {
    const string plaintext = "Test encryption and decryption. Тест русских символов.";
    const string passphrase = "akaSpUk0agC1P3f 测试中文字符和特殊字符";
    const string cipherConfig = "AES_256_CBC__HMAC_SHA_3_256__PBKDF2_SHA_3_256__123456";

    blob ciphertext;
    int errorCode = encrypt(plaintext, passphrase, ciphertext, cipherConfig);
    this.assertEqual(errorCode, 176);

    string decryptedText;
    errorCode = decrypt(ciphertext, passphrase, decryptedText);
    return 0;
  }

Assignment

Crypthographic functions

Availability

UI, CTRL