Sample code for 30+ languages & platforms
Visual FoxPro

Yubikey RSA Encrypt/Decrypt

See more RSA Examples

Demonstrates how to do RSA decryption using a private key stored on a Yubikey (or other USB token or smartcard).

Note: RSA encryption uses the public key, which is freely exportable and does not need to occur on the token/smartcard.

Chilkat Visual FoxPro Downloads

Visual FoxPro
LOCAL lnSuccess
LOCAL loBd
LOCAL loCert
LOCAL loRsa
LOCAL lnUsePrivateKey

lnSuccess = 0

* This example assumes you have a certificate with private key on the Yubikey token.
* When doing simple RSA encryption/decryption, we don't actually need the certificate,
* but we'll be using the private key associated with the certificate.
* 
* The sensitive/secret material that needs to be kept private is the private key.
* The certificate itself and the public key can be freely shared.
* 

* We're going to encrypt and decrypt 32-bytes of data.
loBd = CreateObject('Chilkat.BinData')
lnSuccess = loBd.AppendEncoded("000102030405060708090A0B0C0D0E0F","hex")
lnSuccess = loBd.AppendEncoded("000102030405060708090A0B0C0D0E0F","hex")

* Let's get the desired cert.
* For this example, a self-signed certificate with a 2048-bit RSA key was generated in slot 9A.
loCert = CreateObject('Chilkat.Cert')

* Force Chilkat to use PKCS11 over ScMinidriver (if on Windows) and Apple Keychain (if on MacOS)
loCert.UncommonOptions = "NoScMinidriver,NoAppleKeychain"

loCert.SmartCardPin = "123456"

lnSuccess = loCert.LoadFromSmartcard("cn=chilkat_test_2048")
IF (lnSuccess = 0) THEN
    ? loCert.LastErrorText
    RELEASE loBd
    RELEASE loCert
    CANCEL
ENDIF

* RSA encrypt using the public key.
loRsa = CreateObject('Chilkat.Rsa')

* Provide the RSA object with the certificate on the Yubkey.
lnSuccess = loRsa.SetX509Cert(loCert,1)
IF (lnSuccess = 0) THEN
    ? loRsa.LastErrorText
    RELEASE loBd
    RELEASE loCert
    RELEASE loRsa
    CANCEL
ENDIF

* RSA encrypt using the public key.
lnUsePrivateKey = 0
lnSuccess = loRsa.EncryptBd(loBd,lnUsePrivateKey)
IF (lnSuccess = 0) THEN
    ? loRsa.LastErrorText
    RELEASE loBd
    RELEASE loCert
    RELEASE loRsa
    CANCEL
ENDIF

? "RSA Encrypted Output in Hex:"
? loBd.GetEncoded("hex")

* Now let's decrypt, using the private key on the Yubikey.
lnUsePrivateKey = 1
lnSuccess = loRsa.DecryptBd(loBd,lnUsePrivateKey)
IF (lnSuccess = 0) THEN
    ? loRsa.LastErrorText
    RELEASE loBd
    RELEASE loCert
    RELEASE loRsa
    CANCEL
ENDIF

? "RSA Decrypted Output in Hex:"
? loBd.GetEncoded("hex")

RELEASE loBd
RELEASE loCert
RELEASE loRsa