(Visual FoxPro) Working with PEM Encrypted Private Keys

Demonstrates how to load and save PEM encrypted private keys.

Chilkat ActiveX Downloads ActiveX for 32-bit and 64-bit Windows

LOCAL loChilkatGlob
LOCAL lnSuccess
LOCAL loPem
LOCAL lcPemPassword
LOCAL loFac
LOCAL lcPemText
LOCAL i
LOCAL lnNumPrivateKeys
LOCAL loPrivKey

* Starting in v9.5.0.49, all Chilkat classes can be unlocked at once at the beginning of a program
* by calling UnlockBundle.  It requires a Bundle unlock code.
* For versions of Chilkat < 10.0.0, use CreateObject('Chilkat_9_5_0.Global')
loChilkatGlob = CreateObject('Chilkat.Global')
lnSuccess = loChilkatGlob.UnlockBundle("Anything for 30-day trial.")
IF (lnSuccess <> 1) THEN
    ? loChilkatGlob.LastErrorText
    RELEASE loChilkatGlob
    CANCEL
ENDIF

* For versions of Chilkat < 10.0.0, use CreateObject('Chilkat_9_5_0.Pem')
loPem = CreateObject('Chilkat.Pem')

lcPemPassword = "secret"

* To load a PEM file containing encrypted private keys, simply
* provide the password.
lnSuccess = loPem.LoadPemFile("/Users/chilkat/testData/pem/pemContainingEncryptedPrivateKeys.pem",lcPemPassword)
IF (lnSuccess <> 1) THEN
    ? loPem.LastErrorText
    RELEASE loChilkatGlob
    RELEASE loPem
    CANCEL
ENDIF

* For versions of Chilkat < 10.0.0, use CreateObject('Chilkat_9_5_0.FileAccess')
loFac = CreateObject('Chilkat.FileAccess')
lcPemText = loFac.ReadEntireTextFile("/Users/chilkat/testData/pem/pemContainingEncryptedPrivateKeys.pem",lcPemPassword)

* To load a PEM from a string, call LoadPem instead of LoadPemFile:
lnSuccess = loPem.LoadPem(lcPemText)
IF (lnSuccess <> 1) THEN
    ? loPem.LastErrorText
    RELEASE loChilkatGlob
    RELEASE loPem
    RELEASE loFac
    CANCEL
ENDIF

* A few notes:
* The PEM may contain both private keys and certificates (or anything else).
* The password is utilized for whatever content in the PEM is encrypted.  
* It is OK to have both encrypted and non-encrypted content within a given PEM.

* PEM private keys can be encrypted in different formats.  The LoadPem and LoadPemFile
* methods automatically handle the different formats.
* One format is PKCS8 and is indicated by this delimiter within the PEM:

* -----BEGIN ENCRYPTED PRIVATE KEY-----
* MIICoTAbBgkqhkiG9w0BBQMwDgQIfdD0zv24lgkCAggABIICgE0PdHJmRbNs6cBX
* ...

* Another format, we'll call "passphrase" looks like this in the PEM:
* -----BEGIN RSA PRIVATE KEY-----
* Proc-Type: 4,ENCRYPTED
* DEK-Info: DES-EDE3-CBC,A4215544D11C5D0C
* 
* paqy9XRexcSjurHfG0xhCaUD0HrvIdhuC0CbRxxxeMlkLaV6+uT80rBxt2AaibWG
* ...

* Show the bit length of each private key:

lnNumPrivateKeys = loPem.NumPrivateKeys
IF (lnNumPrivateKeys = 0) THEN
    ? ("Error: Expected the PEM to contain private keys.")
    RELEASE loChilkatGlob
    RELEASE loPem
    RELEASE loFac
    CANCEL
ENDIF

FOR i = 1 TO lnNumPrivateKeys
    loPrivKey = loPem.GetPrivateKey(i - 1)
    ? STR(i) + ": " + STR(loPrivKey.BitLength) + " bits"
    RELEASE loPrivKey
NEXT

RELEASE loChilkatGlob
RELEASE loPem
RELEASE loFac