Sample code for 30+ languages & platforms
SQL Server

AES XTS Mode

See more Encryption Examples

Demonstrates the AES-XTS mode of operation.

Note: This example requires Chilkat v9.5.0.91 or greater.

Chilkat SQL Server Downloads

SQL Server
-- Important: See this note about string length limitations for strings returned by sp_OAMethod calls.
--
CREATE PROCEDURE ChilkatSample
AS
BEGIN
    DECLARE @hr int
    -- Important: Do not use nvarchar(max).  See the warning about using nvarchar(max).
    DECLARE @sTmp0 nvarchar(4000)
    DECLARE @success int
    SELECT @success = 0

    -- This example assumes the Chilkat API to have been previously unlocked.
    -- See Global Unlock Sample for sample code.

    -- Here we have a sample from CAVS validatition data:

    -- COUNT = 301
    -- DataUnitLen = 200
    -- Key = 
    -- 394c97881abd989d29c703e48a72b397
    -- a7acf51b59649eeea9b33274d8541df4
    -- i = 4b15c684a152d485fe9937d39b168c29
    -- PT = 2f3b9dcfbae729583b1d1ffdd16bb6fe2757329435662a78f0
    -- CT = f3473802e38a3ffef4d4fb8e6aa266ebde553a64528a06463e

    -- Note: The above sample requires an AES-XTS implementation that fully supports ciphertext-stealing
    -- because the data to be encrypted is not an even multiple of the AES block size (i.e. not a multiple of 16 bytes).
    -- Chilkat fully supports AES-XTS with ciphertext stealing.
    -- (i.e. Chilkat implements XEX-based tweaked-codebook mode with ciphertext stealing (XTS))

    DECLARE @key nvarchar(4000)
    SELECT @key = '394c97881abd989d29c703e48a72b397'
    DECLARE @tweakKey nvarchar(4000)
    SELECT @tweakKey = 'a7acf51b59649eeea9b33274d8541df4'
    DECLARE @dataUnit nvarchar(4000)
    SELECT @dataUnit = '4b15c684a152d485fe9937d39b168c29'

    DECLARE @bd int
    EXEC @hr = sp_OACreate 'Chilkat.BinData', @bd OUT
    IF @hr <> 0
    BEGIN
        PRINT 'Failed to create ActiveX component'
        RETURN
    END

    EXEC sp_OAMethod @bd, 'AppendEncoded', @success OUT, '2f3b9dcfbae729583b1d1ffdd16bb6fe2757329435662a78f0', 'hex'

    DECLARE @crypt int
    EXEC @hr = sp_OACreate 'Chilkat.Crypt2', @crypt OUT

    EXEC sp_OASetProperty @crypt, 'CryptAlgorithm', 'aes'
    EXEC sp_OASetProperty @crypt, 'CipherMode', 'xts'
    EXEC sp_OASetProperty @crypt, 'KeyLength', 128

    EXEC sp_OAMethod @crypt, 'SetEncodedKey', NULL, @key, 'hex'
    EXEC sp_OAMethod @crypt, 'XtsSetEncodedTweakKey', NULL, @tweakKey, 'hex'
    EXEC sp_OAMethod @crypt, 'XtsSetEncodedTweakValue', NULL, @dataUnit, 'hex'

    -- In-place encrypt the contents of bd.
    EXEC sp_OAMethod @crypt, 'EncryptBd', @success OUT, @bd


    EXEC sp_OAMethod @bd, 'GetEncoded', @sTmp0 OUT, 'hexlower'
    PRINT 'CT = ' + @sTmp0

    -- Decrypt to revert back to the unencrypted content:
    EXEC sp_OAMethod @crypt, 'DecryptBd', @success OUT, @bd


    EXEC sp_OAMethod @bd, 'GetEncoded', @sTmp0 OUT, 'hexlower'
    PRINT 'PT = ' + @sTmp0

    -- Output:
    -- CT = f3473802e38a3ffef4d4fb8e6aa266ebde553a64528a06463e
    -- PT = 2f3b9dcfbae729583b1d1ffdd16bb6fe2757329435662a78f0

    EXEC @hr = sp_OADestroy @bd
    EXEC @hr = sp_OADestroy @crypt


END
GO