Sample code for 30+ languages & platforms
DataFlex

RSAES-OAEP Encrypt/Decrypt Binary Data with AES-128 and SHA56

See more Encryption Examples

Demonstrates the use of the new EncryptBd and DecryptBd methods introduced in Chilkat v9.5.0.67 to create a PKCS7/CMS (Cryptographic Message Syntax) message using RSAES-OAEP with AES-128 and SHA256.

Note: This example requires Chilkat v9.5.0.67 or greater.

Chilkat DataFlex Downloads

DataFlex
Use ChilkatAx-win32.pkg

Procedure Test
    Boolean iSuccess
    Variant vJpgBytes
    Handle hoJpgBytes
    Handle hoCrypt
    Variant vCert
    Handle hoCert
    String sTemp1

    Move False To iSuccess

    // This example requires the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    // Load a small JPG file to be encrypted/decrypted.
    Get Create (RefClass(cComChilkatBinData)) To hoJpgBytes
    If (Not(IsComObjectCreated(hoJpgBytes))) Begin
        Send CreateComObject of hoJpgBytes
    End
    Get ComLoadFile Of hoJpgBytes "qa_data/jpg/starfish20.jpg" To iSuccess
    If (iSuccess <> True) Begin
        Showln "Failed to load JPG file."
        Procedure_Return
    End

    // Show the unencrypted JPG bytes in Base64 format.
    // (The "base64_mime" encoding was added in Chilkat v9.5.0.67.
    // The "base64" encoding emits a single line of base64, whereas
    // "base64_mime" will emit multi-line base64 as it would appear
    // in MIME.)
    Get ComGetEncoded Of hoJpgBytes "base64_mime" To sTemp1
    Showln sTemp1

    // Sample base64_mime JPG data:

    // /9j/4AAQSkZJRgABAQEASABIAAD//gAmRmlsZSB3cml0dGVuIGJ5IEFkb2JlIFBob3Rvc2hvcD8g
    // NC4w/9sAQwAQCwwODAoQDg0OEhEQExgoGhgWFhgxIyUdKDozPTw5Mzg3QEhcTkBEV0U3OFBtUVdf
    // YmdoZz5NcXlwZHhcZWdj/9sAQwEREhIYFRgvGhovY0I4QmNjY2NjY2NjY2NjY2NjY2NjY2NjY2Nj
    // Y2NjY2NjY2NjY2NjY2NjY2NjY2NjY2NjY2Nj/8IAEQgAFAAUAwERAAIRAQMRAf/EABcAAAMBAAAA
    // AAAAAAAAAAAAAAIDBAX/xAAYAQADAQEAAAAAAAAAAAAAAAABAgMEAP/aAAwDAQACEAMQAAAB2kZY
    // NNEijWKddfTmLgALWH//xAAbEAACAgMBAAAAAAAAAAAAAAABAgMRAAQSE//aAAgBAQABBQL0XqN+
    // pM2aqJGMiqFFCyg7z//EABwRAAICAgMAAAAAAAAAAAAAAAERAAIQIQMSUf/aAAgBAwEBPwHqU5aq
    // Axx+y1tMQl4elj//xAAcEQEAAQUBAQAAAAAAAAAAAAABEQACEBIhA1H/2gAIAQIBAT8B3Bhqy7Zc
    // enyiwmGgDhiOzj//xAAdEAABAwUBAAAAAAAAAAAAAAABAAIREBIhIkFR/9oACAEBAAY/ArZyn+Cg
    // xtxWuJaoCnqDuin/xAAcEAABBAMBAAAAAAAAAAAAAAABABEhYRAxQVH/2gAIAQEAAT8hkEwPUUR9
    // DYfE4nxtRpIkBTsayuALIiuY/9oADAMBAAIAAwAAABDWPTsf/8QAGhEAAwADAQAAAAAAAAAAAAAA
    // AAEREDFBIf/aAAgBAwEBPxC0DVPcWm+Ce4OesrkE6bjH/8QAGBEBAQEBAQAAAAAAAAAAAAAAAREA
    // QRD/2gAIAQIBAT8QahMiOc8YgSrnTY3ELclHXn//xAAcEAEBAAIDAQEAAAAAAAAAAAABEQAhMUFx
    // EFH/2gAIAQEAAT8Qn3igmSZSj+c4N4zapMy9IjFV98wncN2iuLFsCEbDGxQkI6RO/n//2Q==

    Get Create (RefClass(cComChilkatCrypt2)) To hoCrypt
    If (Not(IsComObjectCreated(hoCrypt))) Begin
        Send CreateComObject of hoCrypt
    End

    // Specify the encryption to be used.
    // "pki" indicates "Public Key Infrastructure" and will create a PKCS7/CMS message.
    Set ComCryptAlgorithm Of hoCrypt To "pki"
    Set ComPkcs7CryptAlg Of hoCrypt To "aes"
    Set ComKeyLength Of hoCrypt To 128
    Set ComOaepHash Of hoCrypt To "sha256"
    Set ComOaepPadding Of hoCrypt To True

    // A certificate is needed as the encryption key..
    Get Create (RefClass(cComChilkatCert)) To hoCert
    If (Not(IsComObjectCreated(hoCert))) Begin
        Send CreateComObject of hoCert
    End
    Get ComLoadFromFile Of hoCert "qa_data/rsaes-oaep/cert.pem" To iSuccess
    If (iSuccess <> True) Begin
        Get ComLastErrorText Of hoCert To sTemp1
        Showln sTemp1
        Procedure_Return
    End

    // Tell the crypt object to use the certificate.
    Get pvComObject of hoCert to vCert
    Get ComSetEncryptCert Of hoCrypt vCert To iSuccess

    // Do the in-place RSAES-OAEP encryption.
    // The contents of jpgBytes are replaced with the CMS message.
    Get pvComObject of hoJpgBytes to vJpgBytes
    Get ComEncryptBd Of hoCrypt vJpgBytes To iSuccess
    If (iSuccess <> True) Begin
        Get ComLastErrorText Of hoCrypt To sTemp1
        Showln sTemp1
        Procedure_Return
    End

    // Examine the JPG bytes again.  The bytes should be different because they are encrypted:
    Get ComGetEncoded Of hoJpgBytes "base64_mime" To sTemp1
    Showln sTemp1

    // Sample CMS message:
    // This CMS message can be copy-and-pasted into the online web form
    // at https://lapo.it/asn1js/   to verify the algorithms used.

    // MIIFDAYJKoZIhvcNAQcDoIIE/TCCBPkCAQAxggGgMIIBnAIBADB1MGgxCzAJBgNVBAYTAlVTMQsw
    // CQYDVQQIDAJJTDEQMA4GA1UEBwwHV2hlYXRvbjEhMB8GA1UECgwYSW50ZXJuZXQgV2lkZ2l0cyBQ
    // dHkgTHRkMRcwFQYDVQQDDA5DaGlsa2F0V2lkZ2V0cwIJAMRwugDmvniwMBwGCSqGSIb3DQEBBzAP
    // oA0wCwYJYIZIAWUDBAIBBIIBAHyWLgkJfIvoA3cYEAR/uHfA7uoi4eQXHl2woQAd6W5BbUNVBcYD
    // zuCTTOTWo1e7Uh0j0AhMZvVQf3+cngTiimzKwIZ2LNuNAgYOhrO/7coHyB22ImVetncUpCsAv/u7
    // 2tYp1dO36T56K+2hMELwcQXTj6v5ODO6a3emdCjITCjHhlYePvq2l0HyU2ALG5RFB6ldk9imhKzn
    // 6gfcijfH65S+KfMRlFBCXFu5nCBKmi8Ywo8Ue0rFssUDKLCjCeQNY52symiDbN/d06K/luOUwVhY
    // 1KQffdIKmTrZUugw+FaoQRq0xGj39T/sYu8qCinNZu/vPdUmxcXszSaSVJ/LGwcwggNOBgkqhkiG
    // 9w0BBwEwHQYJYIZIAWUDBAECBBDLnqRASqqnNUV2IiDkTRl/gIIDIPRaxdKEjhR5RD7pc7yI5j7N
    // TioZNvuMETdHWgHy7eOGz+1hP7fObk/RI0mtQx7IPEjkxaduNbXNzTpXAVRVj4Fw1zzXlqh9UPwt
    // p3TN3NsVRPQ5GmQ+cnPTSZD8i3i8ru8WFHyj1M6vyA0phrEGltKgqsZbb+OkuO5qG3laJv4XGkmn
    // 039pPGSTydQzW+HAp/hsJZLEMwdngXToi854ytjEk+ahCkeOz+d2MAfXZAR+nBCkmAmCQ9SDVTqH
    // FVJOAV2WrKBqNv4+iMn63f7QeoVIjk0QTE8D2iRsUiFYjy4ICaUpplLJEewneH5l0W40KA2+mOep
    // lIrvWnaX2H8ltOEBGD6Jng7i6p/Q4Lr+Y+HBYIHsBPLox3A4NOh/b0MZcyBr/AV2CsIwkIUGLlYl
    // /3rnpl7dRTuHP+fe1lDQVLAxD+U0c73sW7vOALhEe2t2Ae3ayukWPRyfXK9FNHAMhcOI4stHNSwx
    // o2fHa+ctTpPh0V5CHY/ELAKKkrH3nW954pk52tc8Xt6CnzVO5ry/ndcmTlQA0PkG6CK98TE9hCTA
    // hBdSL4/gVFgi9c35I6VXieY9kJe5ICljw5Ftm5yqTwlJIxGU3Z/WeIYBF4uyMegG75AQ9Md9tX0h
    // w8OOu2b6sIvxOZ+durIrYQDlXUXU/IR9exzAlYFENNBPhBgtDsWKSx5gcp+32kC5wtSYSiy3JxNt
    // 0W1yEJz8JGZXhuUvRXjwf+AjS4+/o82WTNXVLVKZ0TP50NVvtf9QqWuXvK/kDDPx6w+abK/aqdAs
    // QSL7wCxOosR2YUPWbXtwGhyHbIfAwWXijO2RnrqKeXL25Ywg16LQUTHq9Mlbgfw/tx3l5pjrmqFC
    // e9t9aaU6kDZqyyfRDOeWwkuDIsT90ulazbed2apgUXYj6AVVvMiC1pRld9wSuHH0vW0x5VsNbmXy
    // EY0NJlJY6II/1szy3bpiP6MsqFveCyCX8rM7UgGgpMNbvWPnsX0F/0eJywIrXrnQYXpvfgghIrlr
    // qu/ftXWypfcfvATxme+cN2EBsCDhq4VcMgB6JY3ykv6P8PK/QpMTbu4Y

    // To decrypt, we'll need the cert with private key.  
    // (The certificate alone contains only the public key.)
    // Provide the required cert + private key from a PFX (.pfx/.p12) file.
    Get ComAddPfxSourceFile Of hoCrypt "qa_data/rsaes-oaep/cert_plus_privatekey.pfx" "PFX_PASSWORD" To iSuccess
    If (iSuccess <> True) Begin
        Get ComLastErrorText Of hoCrypt To sTemp1
        Showln sTemp1
        Procedure_Return
    End

    // Decrypt to restore back to the original:
    Get pvComObject of hoJpgBytes to vJpgBytes
    Get ComDecryptBd Of hoCrypt vJpgBytes To iSuccess
    If (iSuccess <> True) Begin
        Get ComLastErrorText Of hoCrypt To sTemp1
        Showln sTemp1
        Procedure_Return
    End

    Get ComGetEncoded Of hoJpgBytes "base64_mime" To sTemp1
    Showln sTemp1


End_Procedure