|
Chilkat • HOME • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi DLL • Go • Java • Node.js • Objective-C • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(PureBasic) Yubikey RSA Encrypt/DecryptSee more RSA ExamplesDemonstrates how to do RSA decryption using a private key stored on a Yubikey (or other USB token or smartcard).Note: RSA encryption uses the public key, which is freely exportable and does not need to occur on the token/smartcard. Note: This example requires Chilkat v10.1.3 or greater.
IncludeFile "CkBinData.pb" IncludeFile "CkCert.pb" IncludeFile "CkRsa.pb" Procedure ChilkatExample() ; This example assumes you have a certificate with private key on the Yubikey token. ; When doing simple RSA encryption/decryption, we don't actually need the certificate, ; but we'll be using the private key associated with the certificate. ; ; The sensitive/secret material that needs to be kept private is the private key. ; The certificate itself and the public key can be freely shared. ; ; We're going to encrypt and decrypt 32-bytes of data. bd.i = CkBinData::ckCreate() If bd.i = 0 Debug "Failed to create object." ProcedureReturn EndIf success.i = CkBinData::ckAppendEncoded(bd,"000102030405060708090A0B0C0D0E0F","hex") success = CkBinData::ckAppendEncoded(bd,"000102030405060708090A0B0C0D0E0F","hex") ; Let's get the desired cert. ; For this example, a self-signed certificate with a 2048-bit RSA key was generated in slot 9A. cert.i = CkCert::ckCreate() If cert.i = 0 Debug "Failed to create object." ProcedureReturn EndIf ; Force Chilkat to use PKCS11 over ScMinidriver (if on Windows) and Apple Keychain (if on MacOS) CkCert::setCkUncommonOptions(cert, "NoScMinidriver,NoAppleKeychain") CkCert::setCkSmartCardPin(cert, "123456") success = CkCert::ckLoadFromSmartcard(cert,"cn=chilkat_test_2048") If success = 0 Debug CkCert::ckLastErrorText(cert) CkBinData::ckDispose(bd) CkCert::ckDispose(cert) ProcedureReturn EndIf ; RSA encrypt using the public key. rsa.i = CkRsa::ckCreate() If rsa.i = 0 Debug "Failed to create object." ProcedureReturn EndIf ; Provide the RSA object with the certificate on the Yubkey. success = CkRsa::ckSetX509Cert(rsa,cert,1) If success = 0 Debug CkRsa::ckLastErrorText(rsa) CkBinData::ckDispose(bd) CkCert::ckDispose(cert) CkRsa::ckDispose(rsa) ProcedureReturn EndIf ; RSA encrypt using the public key. usePrivateKey.i = 0 success = CkRsa::ckEncryptBd(rsa,bd,usePrivateKey) If success = 0 Debug CkRsa::ckLastErrorText(rsa) CkBinData::ckDispose(bd) CkCert::ckDispose(cert) CkRsa::ckDispose(rsa) ProcedureReturn EndIf Debug "RSA Encrypted Output in Hex:" Debug CkBinData::ckGetEncoded(bd,"hex") ; Now let's decrypt, using the private key on the Yubikey. usePrivateKey = 1 success = CkRsa::ckDecryptBd(rsa,bd,usePrivateKey) If success = 0 Debug CkRsa::ckLastErrorText(rsa) CkBinData::ckDispose(bd) CkCert::ckDispose(cert) CkRsa::ckDispose(rsa) ProcedureReturn EndIf Debug "RSA Decrypted Output in Hex:" Debug CkBinData::ckGetEncoded(bd,"hex") CkBinData::ckDispose(bd) CkCert::ckDispose(cert) CkRsa::ckDispose(rsa) ProcedureReturn EndProcedure |
||||
© 2000-2025 Chilkat Software, Inc. All Rights Reserved.