To read the article online, visit

Encyption with ASP, Part 2

In Part 1, we discussed how to create a Key. Now, we need to look at how to encrypt and decrypt a string using this key!

The following code accomplishes both of these tasks!

<% '****************************** ' Crypt.asp '****************************** Dim g_Key Const g_CryptThis = "Now is the time for all good men to come to the aid of their country." Const g_KeyLocation = "c:\key.txt" g_Key = mid(ReadKeyFromFile(g_KeyLocation),1,Len(g_CryptThis)) Response.Write "<p>ORIGINAL STRING: " & g_CryptThis & "<p>" Response.Write "<p>KEY VALUE: " & g_Key & "<p>" Response.Write "<p>ENCRYPTED CYPHERTEXT: " & EnCrypt(g_CryptThis) & "<p>" Response.Write "<p>DECRYPTED CYPHERTEXT: " & DeCrypt(EnCrypt(g_CryptThis)) & "<p>" Function EnCrypt(strCryptThis) Dim strChar, iKeyChar, iStringChar, i for i = 1 to Len(strCryptThis) iKeyChar = Asc(mid(g_Key,i,1)) iStringChar = Asc(mid(strCryptThis,i,1)) ' *** uncomment below to encrypt with addition, ' iCryptChar = iStringChar + iKeyChar iCryptChar = iKeyChar Xor iStringChar strEncrypted = strEncrypted & Chr(iCryptChar) next EnCrypt = strEncrypted End Function Function DeCrypt(strEncrypted) Dim strChar, iKeyChar, iStringChar, i for i = 1 to Len(strEncrypted) iKeyChar = (Asc(mid(g_Key,i,1))) iStringChar = Asc(mid(strEncrypted,i,1)) ' *** uncomment below to decrypt with subtraction ' iDeCryptChar = iStringChar - iKeyChar iDeCryptChar = iKeyChar Xor iStringChar strDecrypted = strDecrypted & Chr(iDeCryptChar) next DeCrypt = strDecrypted End Function Function ReadKeyFromFile(strFileName) Dim keyFile, fso, f set fso = Server.CreateObject("Scripting.FileSystemObject") set f = fso.GetFile(strFileName) set ts = f.OpenAsTextStream(1, -2) Do While not ts.AtEndOfStream keyFile = keyFile & ts.ReadLine Loop ReadKeyFromFile = keyFile End Function %>

The first thing we do in the Crypt.asp page is get the key value from our key file. Once we have read the value in we will use the MID function to read only enough key to the same length as our plaintext string. Next we move to the EnCrypt Function. This function reads our key string and our plaintext string ONE character at a time. It then does a logical exclusion (Xor) between one key character and one plaintext character. The resulting character is the encrypted character. Congratulations! Youv'e just encrypted a string.

Now that we've encoded the string, how in the world will we decode it? Pretty simple, the DeCrypt' function is identical to the encrypt function, except you just need to feed in the encrypted cyphertext. The only reason I have included two functions for encryption and decryption, is two allow you to play with different encrypt/decrypt schemes. If you read the commented lines in each of the functions, they will allow you to encrypt/decrypt with addition and subtraction.

If you put your mind to it, you could easily modify the functions provided to read in entire files. This might be a slightly challenging if you are doing this to a binary file (you would need some integrity check so characters would not be out of range when converting back and forth to ASCII). Well, have fun with it and let me know what you come up with.

You will want to keep the generated key in a safe place on the server as well as not allowing any outside access to it.

  • By Julain Sitkewich

    The Vernam Cipher was invented by none other than Gilbert Vernam (he was an AT&T engineer), in 1918. The ciphertext is generated by combining ASCII plaintext with a "one-time pad" or key. The key is combined with the plaintext stream by mod 2 (Xor), thus creating the encrypted cyphertext.

    Xor operator:
    Used to perform a logical exclusion on two expressions.

    bitwise comparison:
    A bit-by-bit comparison between identically positioned bits in two numeric expressions.


  • Download the source of Crypt.asp in text format
  • Download the source of KeyGeN.asp in text format

  • Article Information
    Article Title: Encyption with ASP, Part 2
    Article Author: Julian Sitkewich
    Published Date: Friday, November 05, 1999
    Article URL:

    Copyright 2017 QuinStreet Inc. All Rights Reserved.
    Legal Notices, Licensing, Permissions, Privacy Policy.
    Advertise | Newsletters | E-mail Offers