Sample code for 30+ languages & platforms
DataFlex

RSAES-OAEP Encrypt String with AES-128 Content Encryption and SHA256

See more Encryption Examples

Encrypts a string using RSAES-OAEP with SHA256 and AES-128 content encryption to produce PKCS7 output (base64 encoded).

Note: This example requires Chilkat v9.5.0.67 or greater.

Chilkat DataFlex Downloads

DataFlex
Use ChilkatAx-win32.pkg

Procedure Test
    Boolean iSuccess
    Handle hoSb
    Integer i
    Variant vCert
    Handle hoCert
    Handle hoCrypt
    String sBase64Pkcs7
    String sTemp1
    Boolean bTemp1

    Move False To iSuccess

    // This example requires the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    // First build a string to be encrypted
    Get Create (RefClass(cComChilkatStringBuilder)) To hoSb
    If (Not(IsComObjectCreated(hoSb))) Begin
        Send CreateComObject of hoSb
    End
    Move 1 To i
    While (i < 25)
        Get ComAppendInt Of hoSb i To iSuccess
        Get ComAppend Of hoSb " the quick brown fox jumped over the lazy dog." + (character(13)) + (character(10)) To iSuccess
        Move (i + 1) To i
    Loop

    Get ComGetAsString Of hoSb To sTemp1
    Showln sTemp1

    // The string to be encrypted looks like this:

    // 1 the quick brown fox jumped over the lazy dog.
    // 2 the quick brown fox jumped over the lazy dog.
    // 3 the quick brown fox jumped over the lazy dog.
    // 4 the quick brown fox jumped over the lazy dog.
    // 5 the quick brown fox jumped over the lazy dog.
    // 6 the quick brown fox jumped over the lazy dog.
    // ...

    // Load a digital certificate. 
    // We don't need the private key for encryption.
    // Only the public key is needed (which is included in a certificate).
    Get Create (RefClass(cComChilkatCert)) To hoCert
    If (Not(IsComObjectCreated(hoCert))) Begin
        Send CreateComObject of hoCert
    End
    Get ComLoadFromFile Of hoCert "qa_data/rsaes-oaep/cert.pem" To iSuccess
    If (iSuccess <> True) Begin
        Get ComLastErrorText Of hoCert To sTemp1
        Showln sTemp1
        Procedure_Return
    End

    Get Create (RefClass(cComChilkatCrypt2)) To hoCrypt
    If (Not(IsComObjectCreated(hoCrypt))) Begin
        Send CreateComObject of hoCrypt
    End

    // Tell the crypt object to use the certificate.
    Get pvComObject of hoCert to vCert
    Get ComSetEncryptCert Of hoCrypt vCert To iSuccess

    // Indicate that we want PKI encryption (i.e. public-key infrastructure)
    // to produce a CMS message (Cryptographic Message Syntax/PKCS7),
    // that is be created with RSAES-OAEP padding, SHA256, and AES-128 for the
    // bulk encryption.
    Set ComCryptAlgorithm Of hoCrypt To "pki"
    Set ComPkcs7CryptAlg Of hoCrypt To "aes"
    Set ComKeyLength Of hoCrypt To 128
    Set ComOaepHash Of hoCrypt To "sha256"
    Set ComOaepPadding Of hoCrypt To True

    // Also, don't forget to be specific about the character encoding (byte representation) of the
    // string to be encrypted.
    Set ComCharset Of hoCrypt To "utf-8"

    // Now indicate that the PKCS7 output is to be returned in the base64 encoding.
    Set ComEncodingMode Of hoCrypt To "base64"

    Get ComGetAsString Of hoSb To sTemp1
    Get ComEncryptStringENC Of hoCrypt sTemp1 To sBase64Pkcs7
    Get ComLastMethodSuccess Of hoCrypt To bTemp1
    If (bTemp1 <> True) Begin
        Get ComLastErrorText Of hoCrypt To sTemp1
        Showln sTemp1
        Procedure_Return
    End

    // Show the output
    Showln sBase64Pkcs7

    // This base64 can be copy-and-pasted into the form at http://lapo.it/asn1js/
    // to verify that all the chosen algorithms were indeed used.

    Showln "OK."


End_Procedure