|
Chilkat • HOME • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi DLL • Go • Java • Node.js • Objective-C • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(Perl) RSA Decrypt using Private Key on Smartcard or USB Token via Apple KeychainSee more Apple Keychain ExamplesRSA decryption using a certificate's private key located on a hardware token or smartcard via the Apple Keychain. Note: This example requires Chilkat v10.1.2 or greater.
use chilkat(); # Beforehand, we generated a 256-bit AES key, RSA encrypted, and saved to a file as in this example: # Generate a Random 256-bit AES Key and RSA Encrypt # The RSA public key used to encrypt in the above example was obtained from the Apple Keychain # like this: # Export a Public Key from USB Token or Smartcard using the Apple Keychain # This example will load the encrypted data and will RSA decrypt using the # private key of a certificate on a USB token (or smart card) via the Keychain. # You can list the Keychain certificates on hardware tokens using the following example: # Apple Keychain - List Certs on Smartcards and USB Tokens # Get the RSA encrypted data to be decrypted. $bd = chilkat::CkBinData->new(); # In all Chilkat methods expecting a path, you can pass either absolute or relative paths. $success = $bd->LoadFile("rsaEncrypted/myAes.key"); if ($success == 0) { print "Failed to load the encrypted AES key." . "\r\n"; exit; } # Load the certificate having the private key from the Apple Keychain # On MacOS and iOS, the LoadByCommonName function will search the Apple Keychain for the matching certificate. $cert = chilkat::CkCert->new(); # To potentially prevent the PIN dialog from being displayed, # we'll need to provide the USB token (or smart card) PIN # Note: It might not be possible to prevent the PIN dialog from being displayed # $cert->put_SmartCardPin("123456"); $success = $cert->LoadByCommonName("Test 2048 bit RSA"); if ($success == 0) { print $cert->lastErrorText() . "\r\n"; exit; } $rsa = chilkat::CkRsa->new(); # Specify we wish to use the certificate's private key for decryption. $success = $rsa->SetX509Cert($cert,1); if ($success == 0) { print $rsa->lastErrorText() . "\r\n"; exit; } # RSA Decrypt $rsa->put_VerboseLogging(1); $success = $rsa->DecryptBd($bd,1); if ($success == 0) { print $rsa->lastErrorText() . "\r\n"; exit; } # The contents of bd are now decrypted. print "Num bytes after decryption: " . $bd->get_NumBytes() . "\r\n"; # Some additional notes: # # If using a Yubikey token, the certificate must be installed in the Key Management slot. # The Digital Signature slot is for RSA keys to be used for signing, # and the Key Management slot is for RSA keys to be used for decrypting. # |
||||
© 2000-2025 Chilkat Software, Inc. All Rights Reserved.
