Sample code for 30+ languages & platforms
DataFlex

Deriving a 256-bit AES Secret Key from a Password Using SHA256

See more Encryption Examples

This example demonstrates how to derive a 256-bit secret key for AES encryption from an password string. (A more secure way of deriving secret keys from passwords is via PBKDF2, and Chilkat has examples for this on example-code.com).

Chilkat DataFlex Downloads

DataFlex
Use ChilkatAx-win32.pkg

Procedure Test
    Handle hoCrypt
    String sPassword
    String sStrSecretKeyHex

    // This example requires the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    Get Create (RefClass(cComChilkatCrypt2)) To hoCrypt
    If (Not(IsComObjectCreated(hoCrypt))) Begin
        Send CreateComObject of hoCrypt
    End

    Move "mySecretPassword" To sPassword

    Set ComEncodingMode Of hoCrypt To "hex"

    // We're going to hash the utf-8 byte representation of the password.
    // For this example, the utf-8 byte representation is identical to the us-ascii 
    // representation because there are no 8bit chars (such as non-English or chars with accent marks.)
    Set ComCharset Of hoCrypt To "utf-8"

    // Compute the SHA-256 hash of the password, and return the hash
    // in hexidecimal string form:
    Get ComHashStringENC Of hoCrypt sPassword To sStrSecretKeyHex

    // Set our encryption algorithm to 256-bit AES (CBC mode)
    Set ComCryptAlgorithm Of hoCrypt To "aes"
    Set ComCipherMode Of hoCrypt To "cbc"
    Set ComKeyLength Of hoCrypt To 256
    Send ComSetEncodedIV To hoCrypt "000102030405060708090A0B0C0D0E0F" "hex"

    // Now set the 256-bit binary secret key:
    Send ComSetEncodedKey To hoCrypt sStrSecretKeyHex "hex"

    // That's all for this example.  We've setup the encryptor with our
    // 256-bit key derived from a password string.  There are other examples
    // to show the calls for encrpyting / decrypting..


End_Procedure