Persits Software, Inc. Knowledge Base Articles

Invalid algorithm specified / Invalid flags specified

Problem Description

When using a strong encryption algorithm with AspEncrypt, such as 128-bit RC2 or Triple DES, one of the following errors is generated by the methods GenerateKey and GenerateKeyFromPassword :

Invalid algorithm specified.

Invalid flags specified.

while using 40-bit RC2 seems to work fine.


This means that your code uses the Microsoft Base Cryptographic Provider, while the Enhanced Cryptographic Provider provider is required for strong encryption algorithms.

1. Make sure the 128-bit security patch for Internet Explorer is installed on your server. If necessary, download the patch from .

2. Make the Enhanced Cryptographic Provider the default one on your system by executing the following ASP script:

Set CM = Server.CreateObject("Persits.CryptoManager")
CM.LogonUser "domain", "administrator", "xxxxxx"
CM.SetDefaultProvider "Microsoft Enhanced Cryptographic Provider v1.0"
Set Context = CM.OpenContext("mycontainer", True)
Response.Write Context.ProviderName

This script should display the string

Microsoft Enhanced Cryptographic Provider v1.0

The effect of calling SetDefaultProvider is permanent. Once you make the Enhanced provider the default one, you no longer need to use the method CM.SetDefaultProvider in any of your scripts.

Instead of changing the default provider via the SetDefaultProvider method, you may explicilty specify the Enhanced Provider via the method OpenContextEx in all your scripts as follows:

Set Context = CM.OpenContextEx("Microsoft Enhanced Cryptographic Provider v1.0", "mycontainer", True)
Set Key = Context.GenerateKey(...)

3. In order to use macros such as calgRC2 or calg3DES in your script, you must include the following METADATA tag in your ASP file:

<!--METADATA TYPE="TypeLib" UUID="{B72DF063-28A4-11D3-BF19-009027438003}"-->