|
Chilkat • HOME • .NET Core C# • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi ActiveX • Delphi DLL • Go • Java • Lianja • Mono C# • Node.js • Objective-C • PHP ActiveX • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift 2 • Swift 3,4,5... • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(Delphi DLL) Encrypt a file to a PKCS7 encrypted message using multiple certificates from different usersDemonstrates how to encrypt a file to a PKCS7 encrypted message using multiple certificates from different users. Any one of the users can decrypt using his/her own certificate + private key. Note: When doing public key encryption, it is the public key that is used to encrypt. The private key is required for decryption.
uses Winapi.Windows, Winapi.Messages, System.SysUtils, System.Variants, System.Classes, Vcl.Graphics, Vcl.Controls, Vcl.Forms, Vcl.Dialogs, Vcl.StdCtrls, BinData, Cert, Crypt2; ... procedure TForm1.Button1Click(Sender: TObject); var crypt: HCkCrypt2; cert1: HCkCert; success: Boolean; cert2: HCkCert; cert3: HCkCert; fileData: HCkBinData; begin // This example requires the Chilkat Crypt API to have been previously unlocked. // See Unlock Chilkat Crypt for sample code. crypt := CkCrypt2_Create(); // Tell the crypt object to use 3 certificates. // Do this by calling AddEncryptCert for each certificate. // Load a digital certificate. // We don't need the private key for encryption. // Only the public key is needed (which is included in a certificate). cert1 := CkCert_Create(); success := CkCert_LoadFromFile(cert1,'qa_data/user1/cert_user1.pem'); // Assume success for the example, but make sure your application checks for success/failure... CkCrypt2_AddEncryptCert(crypt,cert1); cert2 := CkCert_Create(); success := CkCert_LoadFromFile(cert2,'qa_data/user2/cert_user2.pem'); CkCrypt2_AddEncryptCert(crypt,cert2); cert3 := CkCert_Create(); success := CkCert_LoadFromFile(cert3,'qa_data/user3/cert_user3.pem'); CkCrypt2_AddEncryptCert(crypt,cert3); // Indicate that we want PKI encryption (i.e. public-key infrastructure) // to produce a CMS message (Cryptographic Message Syntax/PKCS7), // that is be created with RSAES-OAEP padding, SHA256, and AES-128 for the // bulk encryption. CkCrypt2_putCryptAlgorithm(crypt,'pki'); CkCrypt2_putPkcs7CryptAlg(crypt,'aes'); CkCrypt2_putKeyLength(crypt,128); CkCrypt2_putOaepHash(crypt,'sha256'); CkCrypt2_putOaepPadding(crypt,True); // Load the file to be encrypted... fileData := CkBinData_Create(); success := CkBinData_LoadFile(fileData,'qa_data/jpg/penguins.jpg'); // Your app should check for success/failure.. // Encrypt the data. The contents of the fileData object are replaced with the PKCS7 encrypted message. success := CkCrypt2_EncryptBd(crypt,fileData); if (success <> True) then begin Memo1.Lines.Add(CkCrypt2__lastErrorText(crypt)); Exit; end; // Save the PKCS7 encrypted message to a file.. success := CkBinData_WriteFile(fileData,'qa_output/pkcs7_encrypted.p7'); // Now indicate that the PKCS7 output is to be returned in the base64 encoding. CkCrypt2_putEncodingMode(crypt,'base64'); Memo1.Lines.Add('OK.'); CkCrypt2_Dispose(crypt); CkCert_Dispose(cert1); CkCert_Dispose(cert2); CkCert_Dispose(cert3); CkBinData_Dispose(fileData); end; |
||||
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.