Sample code for 30+ languages & platforms
C

Encrypt File using X.509 Certificate using AES in CBC Mode

See more Encryption Examples

Demonstrates how to encrypt a file using an X.509 Certificate's public key, where the underlying bulk encryption algorithm is 128-bit AES in CBC mode. (The underlying bulk encryption algorithm can be specified to be other algorithms/strengths.)

Chilkat C Downloads

C
#include <C_CkCrypt2.h>
#include <C_CkCert.h>

void ChilkatSample(void)
    {
    BOOL success;
    HCkCrypt2 crypt;
    HCkCert cert;

    success = FALSE;

    // This example requires the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    crypt = CkCrypt2_Create();

    // Use public-key cryptography for encryption.
    CkCrypt2_putCryptAlgorithm(crypt,"pki");

    // Get an X.509 certificate to use for encrypting.
    // Note: Chilkat provides many different ways of loading a certificate, from many different formats,
    // or if on Windows, from the installed certificates on the system.
    // This example simply loads a certificate from a file.
    // Also, for encryption, only the public key is needed.  Digital certificates embed the public key
    // within the X.509 format itself.  Therefore, if you have a certificate, you also have the public key.
    cert = CkCert_Create();
    success = CkCert_LoadFromFile(cert,"qa_data/certs/testCert.cer");
    if (success != TRUE) {
        printf("%s\n",CkCert_lastErrorText(cert));
        CkCrypt2_Dispose(crypt);
        CkCert_Dispose(cert);
        return;
    }

    success = CkCrypt2_SetEncryptCert(crypt,cert);
    if (success != TRUE) {
        printf("%s\n",CkCrypt2_lastErrorText(crypt));
        CkCrypt2_Dispose(crypt);
        CkCert_Dispose(cert);
        return;
    }

    // Indicate the underlying bulk encryption algorithm to be used:
    CkCrypt2_putPkcs7CryptAlg(crypt,"aes");
    CkCrypt2_putKeyLength(crypt,128);

    // Note: When doing public-key encryption the underlying bulk symmetric cipher mode will always be CBC. (at least with Chilkat...)

    // There's one last option that could be set.  If is the RSA encryption encryption/padding scheme. 
    // By default, RSAES_PKCS1-V1_5 is used.  If desired, the OaepPadding property could be set to TRUE to
    // use RSAES_OAEP.  (We'll leave it set at the default value of FALSE)
    CkCrypt2_putOaepPadding(crypt,FALSE);

    // Everything is specified.  Now just encrypt...
    // The output is PKCS7 in binary DER format.
    success = CkCrypt2_CkEncryptFile(crypt,"qa_data/hamlet.xml","qa_output/hamlet.p7");
    if (success != TRUE) {
        printf("%s\n",CkCrypt2_lastErrorText(crypt));
        CkCrypt2_Dispose(crypt);
        CkCert_Dispose(cert);
        return;
    }

    printf("Finished.\n");


    CkCrypt2_Dispose(crypt);
    CkCert_Dispose(cert);

    }