Article PS040625142 Advanced Encryption Standard (AES) Support Summary Starting with version 2.3 (released on June 25, 2004), AspEncrypt provides support for the Advanced Encryption Standard (AES) cipher also known as Rijndael. AES is a symmetric block cipher approved by the US government as a replacement for DES in 2001. AES is currently implemented on Windows XP and Windows 2003, but not on Windows NT or 2000. This article explains how to use AES with AspEncrypt. Implementation Details The AES cipher is currently implemented by the Microsoft Enhanced RSA and AES Cryptographic Provider on Windows XP and 2003 only. On Windows XP, the actual registry name of the CSP is Microsoft Enhanced RSA and AES Cryptographic Provider (Prototype). AES is currently implemented in three key lengths: 128 bits, 192 bits and 256 bits. Accordingly, the AspEncrypt library defines the following constants to designate these key lengths: calgAES128 (26126) calgAES192 (26127) calgAES256 (26128) These constants (or their numeric equivalents) are to be passed to the methods GenerateKey, GenerateKeyFromPassword and ImportRawKey as an Algorithm argument. The following code snippet encrypts a string with a password-derived 256-bit AES key on Windows 2003. On Windows XP, the code would be the same except that the CSP name passed to OpenContextEx would have to be appended with the word (Prototype). <!--METADATA TYPE="TypeLib" UUID="{B72DF063-28A4-11D3-BF19-009027438003}"--> <% Set CM = Server.CreateObject("Persits.CryptoManager") Set context = CM.OpenContextEx("Microsoft Enhanced RSA and AES Cryptographic Provider", "", True) ' Generate 256-bit AES key Set Key = context.GenerateKeyFromPassword("password", , calgAES256 ) ' Encrypt text Set Blob = Key.EncryptText("Some text") %> Using a Pre-set Key The following code snippet takes a pre-set 128-bit AES key and encrypts a binary string with it. The values for the key and string were taken from the AES specifications to verify the correctness of encryption: <!--METADATA TYPE="TypeLib" UUID="{B72DF063-28A4-11D3-BF19-009027438003}"--> <% Set CM = Server.CreateObject("Persits.CryptoManager") Set context = CM.OpenContextEx("Microsoft Enhanced RSA and AES Cryptographic Provider", "", True) ' Blob containing raw bits of key Set KeyBlob = CM.CreateBlob KeyBlob.Hex = "00010203050607080A0B0C0D0F101112" ' Import key bits into CryptoKey object, set cipher mode Set key = context.ImportRawKey(KeyBlob, calgAES128, True) key.Mode = ccmECB ' Binary plain text Set blob = CM.CreateBlob blob.Hex = "506812A45F08C889B97F5980038B8359" ' Encrypt, display result in Hex Set ResBlob = key.EncryptBinary(blob) Response.Write ResBlob.Hex %> Created: 6/25/2004 12:32:52 PM Last Modified: 1/30/2015 11:36:59 AM Copyright © Persits Software, Inc. 1998 - 2018 For technical support, write to support@persits.com.