Encode passwords and text
You can encode passwords, and mask text in your script to hide passwords and other confidential text strings.
In this topic:
Encode a password
The password encoding tool enables you to generate masked passwords that you can use as arguments in your script or as parameter values.
For example, your website may include a form in which the user must supply a password. You may want to test how your site responds to different passwords, but you also want to protect the integrity of the passwords by hiding the plain-text password values.
To encode a password:
-
On the OpenText Professional Performance Engineering machine, open Password Encoder from the Windows Start menu.
- Enter the password in the Password box.
- Click Generate. The Password Encoder masks the password and displays it in the Encoded String box.
- Click Copy to copy the encoded string to the clipboard.
-
In the script, paste the encoded string into an lr_unmask function.
For example:
lr_start_transaction(lr_unmask("3c29f4486a595750"));
Mask a string
You can mask text in your script to hide confidential text strings.
For example, you may want to hide personal user information, such as social security or ID numbers.
To mask a string in the script:
-
Select the text you want to mask.
-
Right-click and select Mask string.
VuGen masks the visible string and adds an lr_unmask function call.
VuGen uses the original string value while displaying an encoded (masked) string in the script.
For details on the lr_unmask function, see the Function Reference.
To restore a masked string:
-
Select the masked string.
-
Right-click and select Restore masked string (<string>).
Encrypt a string
You can encrypt text in a script using a FIPS-compliant encryption method, based on the AES-256-GCM algorithm.
You can encrypt the text in the script from the context menu in the VuGen script editor. Alternatively, you can use the LRSecureCryptUtils command line tool to encrypt the text, and then copy the text into the script.
To encrypt text in a script from the context menu:
-
Prerequisite: Add an AES key to the runtime settings or system variables. For details, see Add an AES key.
- Select the string you want to encrypt in the script.
-
Right-click and select Encrypt String (Stronger Encryption) in the context menu.
The string is encrypted and inserted as an argument of the lr_decrypt_ex function.
-
To restore the encrypted string, right-click and select Restore encrypted string <string>.
To encrypt text using the command line tool:
-
Prerequisite: Add an AES key to the system variables, or save an AES key to a file. For details, see Add an AES key.
-
Run the following command.
If you did not add an AES key to the system variables, indicate the path of a file containing an AES key.
<installdir>\bin>LRSecureCryptUtils -mode=enc -keyLocation=<file path> "<text to encrypt>"
You can copy the encrypted text into the script as the argument of an lr_decrypt_ex function call.
-
To decrypt encrypted text using the command line tool, run the following command.
If you did not add the AES key to the system variables, indicate the path of the file containing the AES key.
<installdir>\bin>LRSecureCryptUtils -mode=dec -keyLocation=<file path> "<text to decrypt>"
For details on the lr_decrypt_ex function, see the Function Reference.
See also: