Looking for VBA code for doing AES 256 encryption in CBC mode

Anyone have VBA code for doing AES 256 encryption in CBC mode (uses an initialization vector)?

I've found a number of examples on the net, but none are for CBC that I can find.

I've also checked and while .Net has the needed functions, there's no COM wrapper for the AES lib (there are COM wrappers for a lot of the hashes and some encryption methods, but not for AES).

I did find two people on the net providing encryption libs for VBA, but both rely on .DLLs being installed, which I'd like to avoid if I can.

Jim.
LVL 59
Jim Dettman (Microsoft MVP/ EE MVE)President / OwnerAsked:
Who is Participating?
 
John TsioumprisSoftware & Systems EngineerCommented:
Probably you could make a  .NET dll and use it via Access..
0
 
John TsioumprisSoftware & Systems EngineerCommented:
Hi Jim...have you seen this discussion
0
 
Jim Dettman (Microsoft MVP/ EE MVE)President / OwnerAuthor Commented:
John,

  Yes I have.  Doesn't make any sense to me and there are no comments to figure out what's going on.  Seems to be just an example of the AES transform rather than a encrypt/decrypt setup.  

 To add some more clarity, I'm downloading encrypted data from a PHP web site into an Access app.  The data was encrypted with AES using a 256 bit key in CBC mode via OpenSSL()  in PHP.

  What I need on the VBA side is a decrypt routine.  What I have is this:

Input:
ODhNMlBnRGg0aEF2Z092VnpzWEJGdVJwYjhVSzJSdmRaY2FPT2VMdlhFbz0=

Key:
add7fc636935108704da3474402cb19263ca3d2fa06d6f1d9c56a4f0d25e78d6

IV:
75c382262de0288e

The resulting output should be:
testerA 12345678

The above values are what I see in PHP when the decryption routine runs on the web site.  The input string is Base64 encoded, and the Key and the IV are the final result of a SHA256 hash.

Jim.
0
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

 
Jim Dettman (Microsoft MVP/ EE MVE)President / OwnerAuthor Commented:
<<Probably you could make a  .NET dll and use it via Access..>>

  Have never done that before, but it would probably solve the problem.

  I have some hash functions:

Public Function MD5(ByVal sIn As String, Optional bB64 As Boolean = 0) As String
    'Set a reference to mscorlib 4.0 64-bit
    
    'Test with empty string input:
    'Hex:   d41d8cd98f00...etc
    'Base-64: 1B2M2Y8Asg...etc
        
    Dim oT As Object, oMD5 As Object
    Dim TextToHash() As Byte
    Dim bytes() As Byte
        
    Set oT = CreateObject("System.Text.UTF8Encoding")
    Set oMD5 = CreateObject("System.Security.Cryptography.MD5CryptoServiceProvider")
 
    TextToHash = oT.GetBytes_4(sIn)
    bytes = oMD5.ComputeHash_2((TextToHash))
 
    If bB64 = True Then
       MD5 = ConvToBase64String(bytes)
    Else
       MD5 = ConvToHexString(bytes)
    End If
        
    Set oT = Nothing
    Set oMD5 = Nothing

End Function

Open in new window


  But the AES stuff is not in the same .DLL and there's no wrapper for it.

Jim.
0
 
John TsioumprisSoftware & Systems EngineerCommented:
Probably you already implement it but i have found the article i have used to create a .NET dll that is visible from Access
0
 
Jim Dettman (Microsoft MVP/ EE MVE)President / OwnerAuthor Commented:
Thanks.   I have been exploring how to do that and that may be the route I need to go ultimately.

 I've been waiting on a reply from a developer that offers a crypto lib for VBA.   Looks like it will do the job, but I have been unable to get it to work for my test cases.   I'm sure it's something I'm doing wrong.

 But despite having to take care of installing a .DLL, at $95 for the lib, it would save a lot of cost (and time) if I can get it to work, so that's my first choice right now.

Jim.
0
 
Jim Dettman (Microsoft MVP/ EE MVE)President / OwnerAuthor Commented:
I've decided to go with a pre-written lib, as it has a wide array of crypto functions, tools and examples that have helped in me understanding AES in general.   It's also been around for a long time and is more than reasonably priced for what it offers.   The author has been more than helpful as well.

 I don't like that it has a .DLL, but having one makes it quite fast, unlike a solution I might end up with in VBA.    I still can't get a valid decrypt with it though and it seems like OpenSSL_encrypt() is doing something behind the secens with either the password or the IV.    I've opened another question to cover that.

 The lib I'm using BTW is: https://www.cryptosys.net/api.html

Thanks,
Jim.
0
 
Jim Dettman (Microsoft MVP/ EE MVE)President / OwnerAuthor Commented:
I think John pointed me in the right direction, but it's more than I'm willing to take on and feel that a pre-written lib is the best approach for me.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.