Sample code for 30+ languages & platforms
Chilkat2-Python

Encrypt/Decrypt using PFX to produce -----BEGIN PKCS7----- ... -----END PKCS7-----

See more Encryption Examples

First we encrypt using a certificate + public key to produce output such as:
-----BEGIN PKCS7-----
MIIHPwYJKoZIhvcNAQcEoIIHMDCCBywC ...
...
...
-----END PKCS7-----
Then we decrypt using the cert + private key.

Chilkat Chilkat2-Python Downloads

Chilkat2-Python
import sys
import chilkat2

success = False

# This example requires the Chilkat API to have been previously unlocked.
# See Global Unlock Sample for sample code.

crypt = chilkat2.Crypt2()

# Specify the encryption to be used.
# "pki" indicates "Public Key Infrastructure" and will create a PKCS7 encrypted (enveloped) message.
crypt.CryptAlgorithm = "pki"
crypt.Pkcs7CryptAlg = "aes"
crypt.KeyLength = 128
crypt.OaepHash = "sha256"
crypt.OaepPadding = True

# A certificate is needed as the encryption key.
# Althought the PFX contains the associated private key, we don't need it for encryption.
# (A certificate usually contains the public key by default.)
cert = chilkat2.Cert()
success = cert.LoadPfxFile("qa_data/pfx/cert_test123.pfx","test123")
if (success != True):
    print(cert.LastErrorText)
    sys.exit()

# Tell the crypt object to use the certificate.
crypt.SetEncryptCert(cert)

toBeEncrypted = "This string is to be encrypted."

# Get the result in multi-line BASE64 MIME format.
crypt.EncodingMode = "base64_mime"

encryptedStr = crypt.EncryptStringENC(toBeEncrypted)
if (success != True):
    print(crypt.LastErrorText)
    sys.exit()

# Make a "-----BEGIN PKCS7-----" ... "-----END PKCS7-----" sandwich...
sb = chilkat2.StringBuilder()
sb.AppendLine("-----BEGIN PKCS7-----",True)
sb.Append(encryptedStr)
sb.AppendLine("-----END PKCS7-----",True)

outStr = sb.GetAsString()

print(outStr)

# Sample output:

# -----BEGIN PKCS7-----
# MIICXAYJKoZIhvcNAQcDoIICTTCCAkkCAQAxggH0MIIB8AIBADCBrDCBlzELMAkGA1UEBhMCR0Ix
# GzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgGA1UEChMR
# Q09NT0RPIENBIExpbWl0ZWQxPTA7BgNVBAMTNENPTU9ETyBSU0EgQ2xpZW50IEF1dGhlbnRpY2F0
# aW9uIGFuZCBTZWN1cmUgRW1haWwgQ0ECEB6M1ZwZdZU7LrAIdurulmUwOAYJKoZIhvcNAQEHMCug
# DzANBglghkgBZQMEAgEFAKEYMBYGCSqGSIb3DQEBCDAJBgUrDgMCGgUABIIBAK/BZG/iXJ8az7zL
# 8EQ77mc+oDPQ4w1hyytK2ip4djkPVvTfYhcoDQ+G/DBU+urJfrVBi5H9gmpXwYyfKlyUxBVRVEJl
# V/V5QQi4JmNTFbmgWh5tp9zDS98l6A2Va4Zs0Wy/owGLfvwitlxd1dsfVAV2hmBYS24BMpNcty5/
# 0atcKYmSou13G78ztTKdMy1tECgZy8kerMsPdDQbSxEZkT3KpQ8C5uEQqYF3bIVaeZzha/Ywieh/
# tvO0T4aAmeJufwkNdVECmU7kuhnNaVPXknFl7jeibTl6zA/VcJKBKcIYT9FRC7KjdooI8q+jtQ/V
# k6RP4POaowkFg1QWRPEWeqIwTAYJKoZIhvcNAQcBMB0GCWCGSAFlAwQBAgQQEEFQduqeJqXQXzy4
# JpkoDoAgdldJDB9zEkpMpgr5/fR2iLvh5kC6BPfhOYjsawBY4Ok=
# -----END PKCS7-----

# ----------------------------------------------------------------------------------------
# Let's Decrypt the above string.

# Start with what was produced above..
sb.Clear()
bCrlf = True
sb.AppendLine("-----BEGIN PKCS7-----",bCrlf)
sb.AppendLine("MIICXAYJKoZIhvcNAQcDoIICTTCCAkkCAQAxggH0MIIB8AIBADCBrDCBlzELMAkGA1UEBhMCR0Ix",bCrlf)
sb.AppendLine("GzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgGA1UEChMR",bCrlf)
sb.AppendLine("Q09NT0RPIENBIExpbWl0ZWQxPTA7BgNVBAMTNENPTU9ETyBSU0EgQ2xpZW50IEF1dGhlbnRpY2F0",bCrlf)
sb.AppendLine("aW9uIGFuZCBTZWN1cmUgRW1haWwgQ0ECEB6M1ZwZdZU7LrAIdurulmUwOAYJKoZIhvcNAQEHMCug",bCrlf)
sb.AppendLine("DzANBglghkgBZQMEAgEFAKEYMBYGCSqGSIb3DQEBCDAJBgUrDgMCGgUABIIBAK/BZG/iXJ8az7zL",bCrlf)
sb.AppendLine("8EQ77mc+oDPQ4w1hyytK2ip4djkPVvTfYhcoDQ+G/DBU+urJfrVBi5H9gmpXwYyfKlyUxBVRVEJl",bCrlf)
sb.AppendLine("V/V5QQi4JmNTFbmgWh5tp9zDS98l6A2Va4Zs0Wy/owGLfvwitlxd1dsfVAV2hmBYS24BMpNcty5/",bCrlf)
sb.AppendLine("0atcKYmSou13G78ztTKdMy1tECgZy8kerMsPdDQbSxEZkT3KpQ8C5uEQqYF3bIVaeZzha/Ywieh/",bCrlf)
sb.AppendLine("tvO0T4aAmeJufwkNdVECmU7kuhnNaVPXknFl7jeibTl6zA/VcJKBKcIYT9FRC7KjdooI8q+jtQ/V",bCrlf)
sb.AppendLine("k6RP4POaowkFg1QWRPEWeqIwTAYJKoZIhvcNAQcBMB0GCWCGSAFlAwQBAgQQEEFQduqeJqXQXzy4",bCrlf)
sb.AppendLine("JpkoDoAgdldJDB9zEkpMpgr5/fR2iLvh5kC6BPfhOYjsawBY4Ok=",bCrlf)
sb.AppendLine("-----END PKCS7-----",bCrlf)

decrypt = chilkat2.Crypt2()
decrypt.CryptAlgorithm = "pki"

# Use the same cert + private key from the PFX above.
# For decryption, we need the private key.  Given that the certificate was loaded from a PFX,
# we should already have it.
success = decrypt.SetDecryptCert(cert)

decrypt.EncodingMode = "base64"
decryptedText = decrypt.DecryptStringENC(sb.GetBetween("-----BEGIN PKCS7-----","-----END PKCS7-----"))

print(decryptedText)