How to Use AspEncrypt as a Client-site ActiveX Control Part 1
What is AspEncrypt?
AspEncrypt is an Active Server component that brings security to your applications through encryption. With AspEncrypt, you can encrypt data, send S/MIME-based secure mail, compute one-way hash values, generate and verify digital signatures, issue and manage X.509 digital certificates, and more. This component can be used in an ASP/ASP.NET or VB environment on Windows 2000/XP/2003/2008/Vista/7.
In this article we will tell you about “How to Use AspEncrypt as a Client-site ActiveX Control”. We divide this discussion into two different articles. You can find the next article in here.
Use AspEncrypt as a Client-side ActiveX Control
Starting with Version 2.0, the AspEncrypt.dll file contains an ActiveX control component called XEncrypt which can be used on the client side inside Internet Explorer 4.0+. All the cryptographic operations offered by AspEncrypt can now take place on the user’s machine and not just the web server. XEncrypt exposes the same properties and methods as CryptoManager with the exception of a few methods not applicable to client-side operations.
Most importantly, XEncrypt allows your Web-based application to perform operations involving the user’s private key such as digital signing or data decryption without jeopardizing the security of the private key.
XEncrypt does not require a registration key, so you do not need to purchase a license for every client machine XEncrypt will be downloaded to. However, XEncrypt will only work under IE and not any other environment such as VB, etc. For containers other than IE, you must continue using the CryptoManager object which requires a registration key.
Using XEncrypt under IE
The XEncrypt ActiveX control resides in the same DLL as the rest of the AspEncrypt objects, aspencrypt.dll. To use XEncrypt on the client side, your web page must reference it using the <OBJECT> tag, as follows:
1 2 3 4 5 | <OBJECT CLASSID="CLSID:F9463571-87CB-4A90-A1AC-2284B7F5AF4E" CODEBASE="aspencrypt.dll" ID="XEncrypt"> </OBJECT> |
The CLASSID attribute is the globally unique identifier (GUID) of the XEncrypt control.
The CODEBASE attribute points to a relative path of the file aspencrypt.dll on your server. For this code to work, you must place the file aspencrypt.dll in a virtual directory on your web server where the browser can find and download it from. Note that you do not need to register aspencrypt.dll in that location. Your web server may have the file aspencrypt.dll registered in, say, the system folder c:\winnt\system32, and another copy of that file placed in the same virtual directory as the HTML or ASP files that reference it.
The ID attribute is to be used by client-side VBScript to reference the XEncrypt control (see code samples below).
AspEncrypt is a digitally signed DLL, so when your users run this page for the first time, they will see a dialog box similar to this:
XEncrypt is an invisible control with no user interface. It can only be invoked by client-side script. The code sample http://localhost/aspencrypt/client_side/simple_client.asp demonstrates simple text encryption and decryption performed on the client side:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 | <HTML> <HEAD> <OBJECT classid="CLSID:F9463571-87CB-4A90-A1AC-2284B7F5AF4E" codeBase="aspencrypt.dll" id="XEncrypt"> </OBJECT> <SCRIPT LANGUAGE="VBSCRIPT"> Sub Encrypt Set Context = XEncrypt.OpenContext("mycontainer", False) Set Key = Context.GenerateKeyFromPassword("my password") Set Blob = Key.EncryptText( document.myForm.txtEncr.Value ) document.myForm.txtDecr.Value = Blob.Base64 End Sub Sub Decrypt Set Context = XEncrypt.OpenContext("mycontainer", False) Set Key = Context.GenerateKeyFromPassword("my password") Set Blob = XEncrypt.CreateBlob Blob.Base64 = document.myForm.txtDecr.Value MsgBox Key.DecryptText(Blob) End Sub </SCRIPT> </HEAD> <BODY> <FORM NAME="myForm"> <INPUT TYPE="TEXT" NAME="txtEncr" SIZE="60" VALUE="Text to encrypt"> <INPUT TYPE="BUTTON" OnClick="Encrypt" VALUE="Encrypt"> <P> <INPUT TYPE="TEXT" NAME="txtDecr" SIZE="60"> <INPUT TYPE="BUTTON" OnClick="Decrypt" VALUE="Decrypt"> </FORM> </BODY> </HTML> |
Next: How to Use AspEncrypt as a Client-site ActiveX Control Part 2
Best and Cheap Classic ASP Hosting With AspEncrypt Recommendation
ASPHostPortal.com was founded in 2008. It has been topping the list of almost all the web hosting review sites so far. Still have websites running on ASP 3.0 or Classic ASP? Don’t worry; they still support legacy technology like Classic ASP Hosting. You can also mix and match Classic ASP and ASP.NET code in one single web site. They will make sure that Classic ASP runs smoothly on their servers and that your website is safer, faster and better supported than anywhere else! Their best and cheap Classic ASP hosting plan is starting at $5.00/mo. ASPHostPortal.com is now providing free domain and double SQL server space for new clients to enjoy the company’s outstanding web hosting service.
[stextbox id=”asp_net_hosting” caption=”ASPHostPortal.com is Microsoft No #1 Recommended Windows Hosting Partner”]ASPHostPortal.com is Microsoft No #1 Recommended Windows and ASP.NET Spotlight Hosting Partner in United States. Microsoft presents this award to ASPHostPortal.com for the ability to support the latest Microsoft and ASP.NET technology, such as: WebMatrix, WebDeploy, Visual Studio 2012, .NET 4.5.2/ASP.NET 4.5.1, ASP.NET MVC 6.0/5.2, Silverlight 5 and Visual Studio Lightswitch. Click here for more information[/stextbox]