diff --git a/.gitignore b/.gitignore
index 76770df..84f5bfe 100644
--- a/.gitignore
+++ b/.gitignore
@@ -45,4 +45,4 @@ doc/api/
 /test.kdbx
 /test_v4.kdbx
 /test_v4x.kdbx
-
+/test_output*.kdbx
diff --git a/lib/src/crypto/key_encrypter_kdf.dart b/lib/src/crypto/key_encrypter_kdf.dart
index 8ded916..36ae5ee 100644
--- a/lib/src/crypto/key_encrypter_kdf.dart
+++ b/lib/src/crypto/key_encrypter_kdf.dart
@@ -1,11 +1,14 @@
 import 'dart:convert';
 import 'dart:typed_data';
 
+import 'package:crypto/crypto.dart' as crypto;
 import 'package:kdbx/kdbx.dart';
 import 'package:kdbx/src/crypto/argon2.dart';
 import 'package:kdbx/src/internal/byte_utils.dart';
+import 'package:kdbx/src/internal/crypto_utils.dart';
 import 'package:kdbx/src/kdbx_var_dictionary.dart';
 import 'package:logging/logging.dart';
+import 'package:pointycastle/export.dart';
 
 final _logger = Logger('key_encrypter_kdf');
 
@@ -88,9 +91,10 @@ class KeyEncrypterKdf {
         break;
       case KdfType.Aes:
         _logger.fine('Must be using aes');
-        break;
+        return encryptAes(key, kdfParameters);
     }
-    throw UnsupportedError('unsupported encrypt stuff.');
+    throw UnsupportedError(
+        'unsupported KDF Type UUID ${ByteUtils.toHexList(uuid)}.');
   }
 
   Uint8List encryptArgon2(Uint8List key, VarDictionary kdfParameters) {
@@ -106,4 +110,17 @@ class KeyEncrypterKdf {
       KdfField.version.read(kdfParameters),
     );
   }
+
+  Uint8List encryptAes(Uint8List key, VarDictionary kdfParameters) {
+    final encryptionKey = KdfField.salt.read(kdfParameters);
+    final rounds = KdfField.rounds.read(kdfParameters);
+    assert(encryptionKey.length == 32);
+    final cipher = ECBBlockCipher(AESFastEngine())
+      ..init(true, KeyParameter(encryptionKey));
+    var transformedKey = key;
+    for (int i = 0; i < rounds; i++) {
+      transformedKey = AesHelper.processBlocks(cipher, transformedKey);
+    }
+    return crypto.sha256.convert(transformedKey).bytes as Uint8List;
+  }
 }
diff --git a/lib/src/internal/crypto_utils.dart b/lib/src/internal/crypto_utils.dart
index e73c91b..d4d1f1c 100644
--- a/lib/src/internal/crypto_utils.dart
+++ b/lib/src/internal/crypto_utils.dart
@@ -20,7 +20,7 @@ class AesHelper {
     final Pbkdf2Parameters params =
         Pbkdf2Parameters(salt, iterationCount, derivedKeyLength);
     final KeyDerivator keyDerivator =
-        PBKDF2KeyDerivator(HMac(SHA256Digest(), 16));
+        PBKDF2KeyDerivator(HMac(SHA256Digest(), 64));
     keyDerivator.init(params);
 
     return keyDerivator.process(password);
diff --git a/test/aeskdf.kdbx b/test/aeskdf.kdbx
new file mode 100644
index 0000000..0a79168
Binary files /dev/null and b/test/aeskdf.kdbx differ
diff --git a/test/kdbx4_test.dart b/test/kdbx4_test.dart
index e89db92..0c93850 100644
--- a/test/kdbx4_test.dart
+++ b/test/kdbx4_test.dart
@@ -94,6 +94,12 @@ void main() {
           kdbxFormat.read(data, Credentials(ProtectedValue.fromString('asdf')));
       expect(file.body.rootGroup.entries, hasLength(1));
     });
+    test('Reading aes-kdf', () async {
+      final data = await File('test/aeskdf.kdbx').readAsBytes();
+      final file =
+          kdbxFormat.read(data, Credentials(ProtectedValue.fromString('asdf')));
+      expect(file.body.rootGroup.entries, hasLength(1));
+    });
   });
   group('Writing', () {
     test('Create and save', () {
diff --git a/test_output_chacha20.kdbx b/test_output_chacha20.kdbx
deleted file mode 100644
index 4997401..0000000
Binary files a/test_output_chacha20.kdbx and /dev/null differ