(Delphi DLL) Sign and Encrypt using Cert to produce -----BEGIN PKCS7----- ... -----END PKCS7-----

Demonstrates how to first sign content using your own cert + private key to produce PKCS7 binary output. Then encrypt the signed binary output using the recipient's public key to produce output such as:

-----BEGIN PKCS7-----
MIIHPwYJKoZIhvcNAQcEoIIHMDCCBywC ...
...
...
-----END PKCS7-----

Chilkat for Delphi Downloads Chilkat non-ActiveX DLL for Delphi Chilkat ActiveX DLL for Delphi * The examples here use the non-ActiveX DLL.

uses
    Winapi.Windows, Winapi.Messages, System.SysUtils, System.Variants, System.Classes, Vcl.Graphics,
    Vcl.Controls, Vcl.Forms, Vcl.Dialogs, Vcl.StdCtrls, BinData, Cert, StringBuilder, Crypt2;

...

procedure TForm1.Button1Click(Sender: TObject);
var
crypt: HCkCrypt2;
toBeSignedAndEncrypted: PWideChar;
myCert: HCkCert;
success: Boolean;
signedPkcs7: PWideChar;
bdPkcs7: HCkBinData;
cert: HCkCert;
sb: HCkStringBuilder;
outStr: PWideChar;

begin
//  This example requires the Chilkat API to have been previously unlocked.
//  See Global Unlock Sample for sample code.

crypt := CkCrypt2_Create();

toBeSignedAndEncrypted := 'This string is to be signed and then encrypted.';

myCert := CkCert_Create();
success := CkCert_LoadPfxFile(myCert,'qa_data/pfx/cert_test123.pfx','test123');
if (success <> True) then
  begin
    Memo1.Lines.Add(CkCert__lastErrorText(myCert));
    Exit;
  end;

success := CkCrypt2_SetSigningCert(crypt,myCert);
if (success <> True) then
  begin
    Memo1.Lines.Add(CkCrypt2__lastErrorText(crypt));
    Exit;
  end;

//  Get the PKCS7 output in base64 format.
CkCrypt2_putEncodingMode(crypt,'base64');
//  Perhaps we don't want the entire cert chain to be included in the signature?
CkCrypt2_putIncludeCertChain(crypt,False);
signedPkcs7 := CkCrypt2__opaqueSignStringENC(crypt,toBeSignedAndEncrypted);

//  We're going to encrypt the binary PKCS7 signature (which contains the content)
bdPkcs7 := CkBinData_Create();
CkBinData_AppendEncoded(bdPkcs7,signedPkcs7,'base64');

//  ---------------------------------------------------
//  Now for the encryption...

//  Specify the encryption to be used.
//  "pki" indicates "Public Key Infrastructure" and will create a PKCS7 encrypted (enveloped) message.
CkCrypt2_putCryptAlgorithm(crypt,'pki');
CkCrypt2_putPkcs7CryptAlg(crypt,'aes');
CkCrypt2_putKeyLength(crypt,128);
CkCrypt2_putOaepHash(crypt,'sha256');
CkCrypt2_putOaepPadding(crypt,True);

//  A certificate is needed as the encryption key..
cert := CkCert_Create();
success := CkCert_LoadFromFile(cert,'qa_data/certs/testCert.pem');
if (success <> True) then
  begin
    Memo1.Lines.Add(CkCert__lastErrorText(cert));
    Exit;
  end;

//  Tell the crypt object to use the certificate.
CkCrypt2_SetEncryptCert(crypt,cert);

success := CkCrypt2_EncryptBd(crypt,bdPkcs7);
if (success <> True) then
  begin
    Memo1.Lines.Add(CkCrypt2__lastErrorText(crypt));
    Exit;
  end;

//  Make a "-----BEGIN PKCS7-----" ... "-----END PKCS7-----" sandwich...
sb := CkStringBuilder_Create();
CkStringBuilder_AppendLine(sb,'-----BEGIN PKCS7-----',True);
CkStringBuilder_Append(sb,CkBinData__getEncoded(bdPkcs7,'base64_mime'));
CkStringBuilder_AppendLine(sb,'-----END PKCS7-----',True);

outStr := CkStringBuilder__getAsString(sb);

Memo1.Lines.Add(outStr);

//  Sample output:

//  -----BEGIN PKCS7-----
//  MIIMFQYJKoZIhvcNAQcDoIIMBjCCDAICAQAxggH5MIIB9QIBADCBsTCBmzELMAkGA1UEBhMCR0Ix
//  GzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgGA1UEChMR
//  Q09NT0RPIENBIExpbWl0ZWQxQTA/BgNVBAMTOENPTU9ETyBTSEEtMjU2IENsaWVudCBBdXRoZW50
//  aWNhdGlvbiBhbmQgU2VjdXJlIEVtYWlsIENBAhEAuBl4qE2MODB05C5h53M5UDA4BgkqhkiG9w0B
//  AQcwK6APMA0GCWCGSAFlAwQCAQUAoRgwFgYJKoZIhvcNAQEIMAkGBSsOAwIaBQAEggEAA34hkvxY
//  TXMUAsWBmnRIvfFK920WeUVenM4ob7qibDiaXI2qWBgzkIfQH2T1vIYHHzNQuaaiTrK3THn8Nzfy
//  RFqTnhfWwsIL/yinHVn5rA9CbHFmxqHr2UctZxLB7x/DxV7pjqpTTveCwgC9FykxGBcNO92Thlho
//  bHyq1VM+tm4ppkyV982xL1VAIUX6BvqRlfPsB3hJsdGz/Z3HBdLNgkp2z8mMcLZx9vXwZ3Nyrsi1
//  JqUP4wJ+HHYb5aJseE2UtrEh+s/eq+49OS9BhAWKRlmTxZo8XSQPNeVIRt0HvFAr/+E+jiyASI7b
//  9mjPPWP36ia4+/yhUwchnD/bJxa5gjCCCf4GCSqGSIb3DQEHATAdBglghkgBZQMEAQIEEFApbYsk
//  2qdwHv7dkngFg3CAggnQiMpHuoyOxSilO2lowI73vwX44PKKu1aGFW+mCbne/UZfOAgbvpHQ1LcP
//  Nam+I8MZRtT7nqN3ZWIIvW468z2Z8ne4DqO/D0adlSwE66Z2JxkZncrUM+QR1Oo9sz7aY0eUxzeB
//  5yTUcm3gZSFsKJ0czKzxF7r8IE2ytRVjYWbSZ4eGcJ9Pjpxk38+IZTkcWyzreOCSE9NvH+mefJHT
//  IeTH05w96Rei5YEq1Zn41+bw/Yh19hKHarudAerA1v5f36gz/eWMF2VF5/D23dW3tbw1DpDc/96B
//  3Mu4/Z1CREQ1C6NLlRHIoULADScuzyQTlmbj2v7vBJa46GZvjswyDbALIJ7B026JHpSUCPcf90q4
//  qlAoOjLCOSEMb8qhHHchwEaHcydCRB1bschj+eBHJp6R3spbQXCtRnSLuvTdBSPVR5sD140q8f68
//  YHyozbBWkxp5vv6fOyQMBibUhW7tyLod7M4pcgZlSKE6v9qhOCnE5Ym+wkX/t78E+W1wflmAwVJo
//  WZXoJNul6b6Ith9nCWwX3d6iJY/mdapaqabFGV2qFu1MG1wiKzrZtl/5qbVNXeraLLOTBW+hPeNt
//  hb0XpWHtR28Ig1Y51P2wEGNoTsZrkJrOn8Go0mgHlWnUPLJImyDZYdJF6ZvlRhpSj/99RLHZORT7
//  m1akNtXeQhfE3bj2tlYkviuBYtetwIGos9y74XCQWkours/5as6WqKozYHpFigPB3OLdWbq2txxc
//  k741BL/Mw5ugtHmPqNzRn4txMvB+lAcE1y75sESqC774bSCmrn+uVmOTZFvNob0dhZNTGsbcLCTe
//  LLGS3ZUscah/9iVte5xGnsCOSq18PjPIdqMvzSEcrYQVyqe2/68mae6dpk7gyeiTYpDsSYO+KaHw
//  bwwViPnVOhRkXxU54unymiSmgIRrhn+hsbkxvJk3Q307a7wcj+/ygw5stTV2hLmIQotMvmlpFTLZ
//  PhB5eyFIZaWKV8XJgPV5JInrm39taw8ClHeSC31BNgfkX5u2h0pA1f5zMZ/SvgriW0Xumyoy/9XC
//  eVL6fCZEWmaRZbAy5RlVELR/N2/Z5VS6s8U6Wrck9Zq9sGelf+0QWbCEwNoxQf+xxH55QnzHRvpu
//  s839qRy/5msXSYno0fl3uE6cP/bWwk0Rvt3QYp75UTZDkfXl0ywy00V6AMPssKlDZe0GYWaqcHqz
//  xj2sOK++Iz0tlmhS6QWcGrgWyVaHG9E2van/yLE4Sl4qnKt88/vK+cTKCrRCStslrt2Z/1myLnaB
//  6b6uAlVFk+kIHH82WaXxfCVedoGVk+jL3qPRbQiCzm7O66N6ecXIFWQ10sR5AXk/k4M6rM2Zhgoh
//  yjPAxEHOzZ7nTLMb2MvPSV4KbrQT7Qs8prefY6o1OANXu4HRzL+zzttiIrV72vVemF80q7e5wYKR
//  pGC85zZwz084RSWSwHTXDeWpI8zRPM7eboR97q9dfy7V23YlYJyM2RYrusweULib6X4me9nPhOzD
//  4KmqI6FSOvwTUdEDb8k32+GVB+zXsEhI6uPFz+Fgve8WUKcWX0DFoD905+KICeDFlOxWjB5FhKqF
//  DysgV1FCCN8fGWRvbe7R74KR8SYwUOSAE63PDtGDWK345sOQXp5b0Vv4lVG5/ECZqYCM9RixLsyx
//  vrozd8L0wqQJ5vlMOt9wksSYa8zzShC/tO3aGyw9NLz6y3lKoz3NfA04k8IyT2wtx2cG82h4bdwo
//  aBPdFlV9P/WlVPJXgRv0GFJFX4HiVMQBEn3Rj8H/BHzZYPo9tLnPRmuoTWv+HaoAEzxwQ4O+L9av
//  0BO0eJSJNxs3UTaxl/psm17EinNLCV7lx7jKppj8v7Xxdem0+Fu0ME92XmFKG52tT9XkniF6orNP
//  9G48f93G7tIx4CLNT5QXhnUejZG0v0uBxnL5dURV4W/49Qg49lEZZr6yUZlDUhMBSKwCW/gcTeGv
//  XVscW4UaGH9ewPFYVHNaDh7ehxkaTtuTrVpS7fPhaWLwozR1ro+U/WIqjE7QeharK+eqJN7OJNcV
//  vx42zsCCzAankT70bGsEqtA/il4IbxEa3EQTqOMLdxSJ/62IZRKGNxwZnRou8i1pswMM5q/9/ITi
//  MweZHH+AWeXrf5CLVObq2ZPk6NUPScFKSy7Vao1SxORhj+YJDd3vznWpjjq88Qs1ntwitY13jnxh
//  58XEwI+vkjAY34lOEtr2UGXS0DrANN0//VMk40WZat5rVnx9XITC9RmGFvtM0RDgMZ3BOEXyI1mI
//  nGLILcAVW+mnxJcafwFCbI1nd6KyfQU+/RmXdOLPtKMjEKm2jBZt3UGaxLkHKCuzESdYtlUkbbcL
//  K5ynNEANfBNJjf494Sd+jbKe9031E7bl4nbQGFpmJDEnszWfKMdg9ChlOfYLM26pFN0hQahA26fn
//  PgrBYvKaHauR0SUPtibwmy2kIdKoakJoIvyDDYh6HHrdcwGVHfA5nCSFIHGsv3lcdLc2sMq38TR/
//  zh7verXj0Aa71VFfmxBrRvasvdp9ms7GZFzDzMq2yf+a4knzTdRHtst6jOoTXb0RXJuLfvDTJqmF
//  tue95J8OELZOpWnp21Yj52So78BlcOC4W3VexT4hyHhtziG9BKeXvc6WSU1pUEoNkXAXXrHLi/AG
//  lC45zJ+LzDp/3rOzGQ5SIIi67ZSSQNiW85ektAoSEJZlZ1xaXt9DEbugpkySfjI/GFxSmFZqCs6h
//  RNT4f8BAKX56ItobBORZbvk12Mn5QrxIEGFbOFcLt6cA/zqixS8ej1cz+SsMUkuzl/KDh6ncXeuF
//  2DawyL7/konWins6Jo3gYhRgw4fpck14aaEF5/+h3FvgVw23FieWYc6AImn/2zvtv6+gCJl7YnrG
//  9zSjHx2Kf7WRiFbpSqYXGGA0iD0b7So9oyrTItepIRQh0OFcDhCGXvhl2Sb7IQM7sL3WvbAHcseS
//  0xJiEIZogWbVKL5OqAn/VrJsL+0atvkh6qy5FVmk9CBWh92lkmwWyk8+CoTVC6DPMRXLv/MQar2W
//  j0cOL12vohVJe9MSHTMR6kHaaxj1J8b5AswZTBsbgFo16Q6ihxLC1fd70OM1c6Hak341UgCxHsOr
//  j9JfT+r5jpK3booIzBorGNJOkAuaBAEKdcnNpyCP2sDCzG+7Ws1H+lJzXVDXARftZSbMvfLctU49
//  5YZl+bBifBF8fSSSRNKXMbPeyww1idjezWKiXQC3hA6VPKtW7rn1py7hTlkdm6os1jW9vmSmz30j
//  KHvey6Kcy+fdc1gyYmXhSDD55uYVrj1JmbaZvIeGTh8cQ8E4Dsq2Hy2PQ8S2e2S6YcJ9X6yNkwXG
//  KrqG2vK4AeBuro1IfoUG1EJ17Q==
//  -----END PKCS7-----

CkCrypt2_Dispose(crypt);
CkCert_Dispose(myCert);
CkBinData_Dispose(bdPkcs7);
CkCert_Dispose(cert);
CkStringBuilder_Dispose(sb);

end;