(Classic ASP) PBES1 Password-Based Encryption (PBE)

Demonstrates how to implement password-based encryption according to the PKCS #5 v2.0: Password-Based Cryptography Standard (published by RSA Laboratories). This example uses PBES1, which ise based on the PBKDF1 function and an underlying block cipher such as RC2, DES, etc.

Chilkat ActiveX Downloads ActiveX for 32-bit and 64-bit Windows

<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body>
<%
' This example assumes the Chilkat API to have been previously unlocked.
' See Global Unlock Sample for sample code.

' For versions of Chilkat < 10.0.0, use CreateObject("Chilkat_9_5_0.Crypt2")
set crypt = Server.CreateObject("Chilkat.Crypt2")

' Set properties for PBES1 encryption:

crypt.CryptAlgorithm = "pbes1"
crypt.PbesPassword = "mySecretPassword"

' Set the underlying PBE algorithm (and key length):
' For PBES1, the underlying algorithm must be either
' 56-bit DES or 64-bit RC2 
' (this is according to the PKCS#5 specifications at
' http://www.rsa.com/rsalabs/node.asp?id=2127   )
crypt.PbesAlgorithm = "rc2"
crypt.KeyLength = 64

' The salt for PBKDF1 is always 8 bytes:
crypt.SetEncodedSalt "0102030405060708","hex"

' A higher iteration count makes the algorithm more
' computationally expensive and therefore exhaustive
' searches (for breaking the encryption) is more difficult:
crypt.IterationCount = 1024

' A hash algorithm needs to be set for PBES1:
crypt.HashAlgorithm = "sha1"

' Indicate that the encrypted bytes should be returned
' as a hex string:
crypt.EncodingMode = "hex"

plainText = "To be encrypted."

encryptedText = crypt.EncryptStringENC(plainText)

Response.Write "<pre>" & Server.HTMLEncode( encryptedText) & "</pre>"

' Now decrypt:
decryptedText = crypt.DecryptStringENC(encryptedText)

Response.Write "<pre>" & Server.HTMLEncode( decryptedText) & "</pre>"

%>
</body>
</html>