-
May 2nd, 2018, 02:24 AM
#1
[VB6/VBA] Simple AES 256-bit password protected encryption
Simple AES 256-bit password protected encryption
A single mdAesCtr.bas module contains an implementation of a simple to use openssl compatible AES 256-bit encryption/decryption in Counter (CTR) mode, using CNG API functions available in Win7 and later.
Sample usage
Just copy/paste mdAesCtr.bas from Source code section below to your project and will be able to strongly encrypt a user-supplied text with a custom password by calling AesEncryptString like this
encrypted = AesEncryptString(userText, password)
To decrypt the original text use AesDecryptString function with the same password like this
origText = AesDecryptString(encrypted, password)
These functions use sane defaults for salt and cipher strength that you don't have to worry about. These also encode/expect the string in encrypted in base-64 format so it can be persisted/mailed/transported as a simple string.
Advanced usage
Both string functions above use AesCryptArray worker function to encrypt/decrypt UTF-8 byte-arrays of the original strings. You can directly call AesCryptArray if you need to process binary data or need to customize AES salt and/or AES key length (strength) parameters.
Function AesCryptArray also allows calculating detached HMAC-SHA256 on the input/output data ("detached" means hashes has to be stored separately, supports both encrypt-then-MAC and MAC-then-encrypt) when used like this
AesCryptArray baEncr, ToUtf8Array("pass"), Hmac:=baHmacEncr
(See More samples section below)
Stream usage
When contents to be encrypted does not fit in (32-bit) memory you can expose private pvCryptoAesCtrInit/Terminate/Crypt functions so these can be used to implement read/process/write loop on paged original content.
Implementation
This implementation used to be based on WinZip AES-encrypted archives as implemented in ZipArchive project but now is compatible with openssl enc command when using aes-256-ctr cipher.
Source code
Code:
'--- https://gist.github.com/wqweto/42a6c1de16cc87e9bab2ac9f3c9d8510
'--- already too long to fit in 25000 characters post limit
More samples
Code:
Option Explicit
Private Sub TestEncrypt()
Dim sPass As String
Dim sText As String
Dim sEncr As String
sPass = "password123"
sText = "this is a test"
sEncr = AesEncryptString(sText, sPass)
Debug.Assert sText = AesDecryptString(sEncr, sPass)
Debug.Print "Result (Base64): " & sEncr
Debug.Print "Raw byte-array: " & StrConv(FromBase64Array(sEncr), vbUnicode)
Debug.Print "Decrypted: " & AesDecryptString(sEncr, sPass)
End Sub
Private Sub TestHmac()
Dim baEncr() As Byte
Dim baHmacEncr(0 To 31) As Byte
Dim baHmacDecr(0 To 31) As Byte
baEncr = ToUtf8Array("test message")
baHmacEncr(0) = 0 '--- 0 -> generate hash before encrypting
AesCryptArray baEncr, ToUtf8Array("pass"), Hmac:=baHmacEncr
baHmacDecr(0) = 1 '--- 1 -> decrypt and generate hash after that
AesCryptArray baEncr, ToUtf8Array("pass"), Hmac:=baHmacDecr
Debug.Assert InStrB(1, baHmacDecr, baHmacEncr) = 1
Debug.Print "baHmacDecr: " & StrConv(baHmacDecr, vbUnicode)
Debug.Print "baHmacEncr: " & StrConv(baHmacEncr, vbUnicode)
End Sub
cheers,
</wqw>
Last edited by wqweto; Jan 28th, 2022 at 05:54 AM.
Reason: VBA compatibility
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
Click Here to Expand Forum to Full Width
|