DataFlex
DataFlex
RSAES-OAEP Encrypt/Decrypt Binary Data with AES-128 and SHA56
See more Encryption Examples
Demonstrates the use of the new EncryptBd and DecryptBd methods introduced in Chilkat v9.5.0.67 to create a PKCS7/CMS (Cryptographic Message Syntax) message using RSAES-OAEP with AES-128 and SHA256.Note: This example requires Chilkat v9.5.0.67 or greater.
Chilkat DataFlex Downloads
Use ChilkatAx-win32.pkg
Procedure Test
Boolean iSuccess
Variant vJpgBytes
Handle hoJpgBytes
Handle hoCrypt
Variant vCert
Handle hoCert
String sTemp1
Move False To iSuccess
// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
// Load a small JPG file to be encrypted/decrypted.
Get Create (RefClass(cComChilkatBinData)) To hoJpgBytes
If (Not(IsComObjectCreated(hoJpgBytes))) Begin
Send CreateComObject of hoJpgBytes
End
Get ComLoadFile Of hoJpgBytes "qa_data/jpg/starfish20.jpg" To iSuccess
If (iSuccess <> True) Begin
Showln "Failed to load JPG file."
Procedure_Return
End
// Show the unencrypted JPG bytes in Base64 format.
// (The "base64_mime" encoding was added in Chilkat v9.5.0.67.
// The "base64" encoding emits a single line of base64, whereas
// "base64_mime" will emit multi-line base64 as it would appear
// in MIME.)
Get ComGetEncoded Of hoJpgBytes "base64_mime" To sTemp1
Showln sTemp1
// Sample base64_mime JPG data:
// /9j/4AAQSkZJRgABAQEASABIAAD//gAmRmlsZSB3cml0dGVuIGJ5IEFkb2JlIFBob3Rvc2hvcD8g
// NC4w/9sAQwAQCwwODAoQDg0OEhEQExgoGhgWFhgxIyUdKDozPTw5Mzg3QEhcTkBEV0U3OFBtUVdf
// YmdoZz5NcXlwZHhcZWdj/9sAQwEREhIYFRgvGhovY0I4QmNjY2NjY2NjY2NjY2NjY2NjY2NjY2Nj
// Y2NjY2NjY2NjY2NjY2NjY2NjY2NjY2NjY2Nj/8IAEQgAFAAUAwERAAIRAQMRAf/EABcAAAMBAAAA
// AAAAAAAAAAAAAAIDBAX/xAAYAQADAQEAAAAAAAAAAAAAAAABAgMEAP/aAAwDAQACEAMQAAAB2kZY
// NNEijWKddfTmLgALWH//xAAbEAACAgMBAAAAAAAAAAAAAAABAgMRAAQSE//aAAgBAQABBQL0XqN+
// pM2aqJGMiqFFCyg7z//EABwRAAICAgMAAAAAAAAAAAAAAAERAAIQIQMSUf/aAAgBAwEBPwHqU5aq
// Axx+y1tMQl4elj//xAAcEQEAAQUBAQAAAAAAAAAAAAABEQACEBIhA1H/2gAIAQIBAT8B3Bhqy7Zc
// enyiwmGgDhiOzj//xAAdEAABAwUBAAAAAAAAAAAAAAABAAIREBIhIkFR/9oACAEBAAY/ArZyn+Cg
// xtxWuJaoCnqDuin/xAAcEAABBAMBAAAAAAAAAAAAAAABABEhYRAxQVH/2gAIAQEAAT8hkEwPUUR9
// DYfE4nxtRpIkBTsayuALIiuY/9oADAMBAAIAAwAAABDWPTsf/8QAGhEAAwADAQAAAAAAAAAAAAAA
// AAEREDFBIf/aAAgBAwEBPxC0DVPcWm+Ce4OesrkE6bjH/8QAGBEBAQEBAQAAAAAAAAAAAAAAAREA
// QRD/2gAIAQIBAT8QahMiOc8YgSrnTY3ELclHXn//xAAcEAEBAAIDAQEAAAAAAAAAAAABEQAhMUFx
// EFH/2gAIAQEAAT8Qn3igmSZSj+c4N4zapMy9IjFV98wncN2iuLFsCEbDGxQkI6RO/n//2Q==
Get Create (RefClass(cComChilkatCrypt2)) To hoCrypt
If (Not(IsComObjectCreated(hoCrypt))) Begin
Send CreateComObject of hoCrypt
End
// Specify the encryption to be used.
// "pki" indicates "Public Key Infrastructure" and will create a PKCS7/CMS message.
Set ComCryptAlgorithm Of hoCrypt To "pki"
Set ComPkcs7CryptAlg Of hoCrypt To "aes"
Set ComKeyLength Of hoCrypt To 128
Set ComOaepHash Of hoCrypt To "sha256"
Set ComOaepPadding Of hoCrypt To True
// A certificate is needed as the encryption key..
Get Create (RefClass(cComChilkatCert)) To hoCert
If (Not(IsComObjectCreated(hoCert))) Begin
Send CreateComObject of hoCert
End
Get ComLoadFromFile Of hoCert "qa_data/rsaes-oaep/cert.pem" To iSuccess
If (iSuccess <> True) Begin
Get ComLastErrorText Of hoCert To sTemp1
Showln sTemp1
Procedure_Return
End
// Tell the crypt object to use the certificate.
Get pvComObject of hoCert to vCert
Get ComSetEncryptCert Of hoCrypt vCert To iSuccess
// Do the in-place RSAES-OAEP encryption.
// The contents of jpgBytes are replaced with the CMS message.
Get pvComObject of hoJpgBytes to vJpgBytes
Get ComEncryptBd Of hoCrypt vJpgBytes To iSuccess
If (iSuccess <> True) Begin
Get ComLastErrorText Of hoCrypt To sTemp1
Showln sTemp1
Procedure_Return
End
// Examine the JPG bytes again. The bytes should be different because they are encrypted:
Get ComGetEncoded Of hoJpgBytes "base64_mime" To sTemp1
Showln sTemp1
// Sample CMS message:
// This CMS message can be copy-and-pasted into the online web form
// at https://lapo.it/asn1js/ to verify the algorithms used.
// MIIFDAYJKoZIhvcNAQcDoIIE/TCCBPkCAQAxggGgMIIBnAIBADB1MGgxCzAJBgNVBAYTAlVTMQsw
// CQYDVQQIDAJJTDEQMA4GA1UEBwwHV2hlYXRvbjEhMB8GA1UECgwYSW50ZXJuZXQgV2lkZ2l0cyBQ
// dHkgTHRkMRcwFQYDVQQDDA5DaGlsa2F0V2lkZ2V0cwIJAMRwugDmvniwMBwGCSqGSIb3DQEBBzAP
// oA0wCwYJYIZIAWUDBAIBBIIBAHyWLgkJfIvoA3cYEAR/uHfA7uoi4eQXHl2woQAd6W5BbUNVBcYD
// zuCTTOTWo1e7Uh0j0AhMZvVQf3+cngTiimzKwIZ2LNuNAgYOhrO/7coHyB22ImVetncUpCsAv/u7
// 2tYp1dO36T56K+2hMELwcQXTj6v5ODO6a3emdCjITCjHhlYePvq2l0HyU2ALG5RFB6ldk9imhKzn
// 6gfcijfH65S+KfMRlFBCXFu5nCBKmi8Ywo8Ue0rFssUDKLCjCeQNY52symiDbN/d06K/luOUwVhY
// 1KQffdIKmTrZUugw+FaoQRq0xGj39T/sYu8qCinNZu/vPdUmxcXszSaSVJ/LGwcwggNOBgkqhkiG
// 9w0BBwEwHQYJYIZIAWUDBAECBBDLnqRASqqnNUV2IiDkTRl/gIIDIPRaxdKEjhR5RD7pc7yI5j7N
// TioZNvuMETdHWgHy7eOGz+1hP7fObk/RI0mtQx7IPEjkxaduNbXNzTpXAVRVj4Fw1zzXlqh9UPwt
// p3TN3NsVRPQ5GmQ+cnPTSZD8i3i8ru8WFHyj1M6vyA0phrEGltKgqsZbb+OkuO5qG3laJv4XGkmn
// 039pPGSTydQzW+HAp/hsJZLEMwdngXToi854ytjEk+ahCkeOz+d2MAfXZAR+nBCkmAmCQ9SDVTqH
// FVJOAV2WrKBqNv4+iMn63f7QeoVIjk0QTE8D2iRsUiFYjy4ICaUpplLJEewneH5l0W40KA2+mOep
// lIrvWnaX2H8ltOEBGD6Jng7i6p/Q4Lr+Y+HBYIHsBPLox3A4NOh/b0MZcyBr/AV2CsIwkIUGLlYl
// /3rnpl7dRTuHP+fe1lDQVLAxD+U0c73sW7vOALhEe2t2Ae3ayukWPRyfXK9FNHAMhcOI4stHNSwx
// o2fHa+ctTpPh0V5CHY/ELAKKkrH3nW954pk52tc8Xt6CnzVO5ry/ndcmTlQA0PkG6CK98TE9hCTA
// hBdSL4/gVFgi9c35I6VXieY9kJe5ICljw5Ftm5yqTwlJIxGU3Z/WeIYBF4uyMegG75AQ9Md9tX0h
// w8OOu2b6sIvxOZ+durIrYQDlXUXU/IR9exzAlYFENNBPhBgtDsWKSx5gcp+32kC5wtSYSiy3JxNt
// 0W1yEJz8JGZXhuUvRXjwf+AjS4+/o82WTNXVLVKZ0TP50NVvtf9QqWuXvK/kDDPx6w+abK/aqdAs
// QSL7wCxOosR2YUPWbXtwGhyHbIfAwWXijO2RnrqKeXL25Ywg16LQUTHq9Mlbgfw/tx3l5pjrmqFC
// e9t9aaU6kDZqyyfRDOeWwkuDIsT90ulazbed2apgUXYj6AVVvMiC1pRld9wSuHH0vW0x5VsNbmXy
// EY0NJlJY6II/1szy3bpiP6MsqFveCyCX8rM7UgGgpMNbvWPnsX0F/0eJywIrXrnQYXpvfgghIrlr
// qu/ftXWypfcfvATxme+cN2EBsCDhq4VcMgB6JY3ykv6P8PK/QpMTbu4Y
// To decrypt, we'll need the cert with private key.
// (The certificate alone contains only the public key.)
// Provide the required cert + private key from a PFX (.pfx/.p12) file.
Get ComAddPfxSourceFile Of hoCrypt "qa_data/rsaes-oaep/cert_plus_privatekey.pfx" "PFX_PASSWORD" To iSuccess
If (iSuccess <> True) Begin
Get ComLastErrorText Of hoCrypt To sTemp1
Showln sTemp1
Procedure_Return
End
// Decrypt to restore back to the original:
Get pvComObject of hoJpgBytes to vJpgBytes
Get ComDecryptBd Of hoCrypt vJpgBytes To iSuccess
If (iSuccess <> True) Begin
Get ComLastErrorText Of hoCrypt To sTemp1
Showln sTemp1
Procedure_Return
End
Get ComGetEncoded Of hoJpgBytes "base64_mime" To sTemp1
Showln sTemp1
End_Procedure