Looking for VBA code for doing AES 256 encryption in CBC mode

Anyone have VBA code for doing AES 256 encryption in CBC mode (uses an initialization vector)?

I've found a number of examples on the net, but none are for CBC that I can find.

I've also checked and while .Net has the needed functions, there's no COM wrapper for the AES lib (there are COM wrappers for a lot of the hashes and some encryption methods, but not for AES).

I did find two people on the net providing encryption libs for VBA, but both rely on .DLLs being installed, which I'd like to avoid if I can.

LVL 60
Jim Dettman (Microsoft MVP/ EE MVE)President / OwnerAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

John TsioumprisSoftware & Systems EngineerCommented:
Hi Jim...have you seen this discussion
Jim Dettman (Microsoft MVP/ EE MVE)President / OwnerAuthor Commented:

  Yes I have.  Doesn't make any sense to me and there are no comments to figure out what's going on.  Seems to be just an example of the AES transform rather than a encrypt/decrypt setup.  

 To add some more clarity, I'm downloading encrypted data from a PHP web site into an Access app.  The data was encrypted with AES using a 256 bit key in CBC mode via OpenSSL()  in PHP.

  What I need on the VBA side is a decrypt routine.  What I have is this:




The resulting output should be:
testerA 12345678

The above values are what I see in PHP when the decryption routine runs on the web site.  The input string is Base64 encoded, and the Key and the IV are the final result of a SHA256 hash.

John TsioumprisSoftware & Systems EngineerCommented:
Probably you could make a  .NET dll and use it via Access..

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Determine the Perfect Price for Your IT Services

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden with our free interactive tool and use it to determine the right price for your IT services. Download your free eBook now!

Jim Dettman (Microsoft MVP/ EE MVE)President / OwnerAuthor Commented:
<<Probably you could make a  .NET dll and use it via Access..>>

  Have never done that before, but it would probably solve the problem.

  I have some hash functions:

Public Function MD5(ByVal sIn As String, Optional bB64 As Boolean = 0) As String
    'Set a reference to mscorlib 4.0 64-bit
    'Test with empty string input:
    'Hex:   d41d8cd98f00...etc
    'Base-64: 1B2M2Y8Asg...etc
    Dim oT As Object, oMD5 As Object
    Dim TextToHash() As Byte
    Dim bytes() As Byte
    Set oT = CreateObject("System.Text.UTF8Encoding")
    Set oMD5 = CreateObject("System.Security.Cryptography.MD5CryptoServiceProvider")
    TextToHash = oT.GetBytes_4(sIn)
    bytes = oMD5.ComputeHash_2((TextToHash))
    If bB64 = True Then
       MD5 = ConvToBase64String(bytes)
       MD5 = ConvToHexString(bytes)
    End If
    Set oT = Nothing
    Set oMD5 = Nothing

End Function

Open in new window

  But the AES stuff is not in the same .DLL and there's no wrapper for it.

John TsioumprisSoftware & Systems EngineerCommented:
Probably you already implement it but i have found the article i have used to create a .NET dll that is visible from Access
Jim Dettman (Microsoft MVP/ EE MVE)President / OwnerAuthor Commented:
Thanks.   I have been exploring how to do that and that may be the route I need to go ultimately.

 I've been waiting on a reply from a developer that offers a crypto lib for VBA.   Looks like it will do the job, but I have been unable to get it to work for my test cases.   I'm sure it's something I'm doing wrong.

 But despite having to take care of installing a .DLL, at $95 for the lib, it would save a lot of cost (and time) if I can get it to work, so that's my first choice right now.

Jim Dettman (Microsoft MVP/ EE MVE)President / OwnerAuthor Commented:
I've decided to go with a pre-written lib, as it has a wide array of crypto functions, tools and examples that have helped in me understanding AES in general.   It's also been around for a long time and is more than reasonably priced for what it offers.   The author has been more than helpful as well.

 I don't like that it has a .DLL, but having one makes it quite fast, unlike a solution I might end up with in VBA.    I still can't get a valid decrypt with it though and it seems like OpenSSL_encrypt() is doing something behind the secens with either the password or the IV.    I've opened another question to cover that.

 The lib I'm using BTW is: https://www.cryptosys.net/api.html

Jim Dettman (Microsoft MVP/ EE MVE)President / OwnerAuthor Commented:
I think John pointed me in the right direction, but it's more than I'm willing to take on and feel that a pre-written lib is the best approach for me.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.