Sample code for 30+ languages & platforms
PowerShell

RSA-OAEP with SHA256 hashing

See more RSA Examples

RSA encrypt a SHA256 hash with OAEP padding.

Chilkat PowerShell Downloads

PowerShell
Add-Type -Path "C:\chilkat\ChilkatDotNet47-x64\ChilkatDotNet47.dll"

$success = $false

# This example requires the Chilkat API to have been previously unlocked.
# See Global Unlock Sample for sample code.

$pubkey = New-Object Chilkat.PublicKey

$sbPem = New-Object Chilkat.StringBuilder
$bCrlf = $true
$sbPem.AppendLine("-----BEGIN PUBLIC KEY-----",$bCrlf)
$sbPem.AppendLine("MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA33TqqLR3eeUmDtHS89qF",$bCrlf)
$sbPem.AppendLine("3p4MP7Wfqt2Zjj3lZjLjjCGDvwr9cJNlNDiuKboODgUiT4ZdPWbOiMAfDcDzlOxA",$bCrlf)
$sbPem.AppendLine("04DDnEFGAf+kDQiNSe2ZtqC7bnIc8+KSG/qOGQIVaay4Ucr6ovDkykO5Hxn7OU7s",$bCrlf)
$sbPem.AppendLine("Jp9TP9H0JH8zMQA6YzijYH9LsupTerrY3U6zyihVEDXXOv08vBHk50BMFJbE9iwF",$bCrlf)
$sbPem.AppendLine("wnxCsU5+UZUZYw87Uu0n4LPFS9BT8tUIvAfnRXIEWCha3KbFWmdZQZlyrFw0buUE",$bCrlf)
$sbPem.AppendLine("f0YN3/Q0auBkdbDR/ES2PbgKTJdkjc/rEeM0TxvOUf7HuUNOhrtAVEN1D5uuxE1W",$bCrlf)
$sbPem.AppendLine("SwIDAQAB",$bCrlf)
$sbPem.AppendLine("-----END PUBLIC KEY-----",$bCrlf)

# Load the public key object from the PEM. 
$success = $pubkey.LoadFromString($sbPem.GetAsString())
if ($success -eq $false) {
    $($pubkey.LastErrorText)
    exit
}

# Build a small string to encrypt
$json = New-Object Chilkat.JsonObject
$json.UpdateString("example","123")
$json.UpdateString("hello","world")
$($json.Emit())

# This is the JSON to be RSA encrypted:  {"example":"123","hello":"world"}

# IMPORTANT: RSA encryption is only used to encrypt small amounts of data.
# RSA is only able to encrypt data to a maximum amount of your key size (2048 bits = 256 bytes) 
# minus padding / header data (11 bytes for PKCS#1 v1.5 padding, 42 bytes for OAEP).
# As a result it is often not possible to encrypt files with RSA directly. 
# RSA is also not meant for this purpose. 
# 
# If you want to encrypt more data, you can use something like:
# 1) Generate a 256-bit random keystring K
# 2) Encrypt your data with AES-CBC with K
# 3) Encrypt K with RSA
# 4) Send both to the other side 

$rsa = New-Object Chilkat.Rsa
$rsa.PkcsPadding = $false
$rsa.OaepHash = "SHA-256"
$rsa.UsePublicKey($pubkey)
$rsa.EncodingMode = "base64"

# Note: The OAEP padding uses random bytes in the padding, and therefore each time encryption happens,
# even using the same data and key, the result will be different --  but still valid.  One should not expect
# to get the same output.
$bUsePrivateKey = $false
$encryptedStr = $rsa.EncryptStringENC($json.Emit(),$bUsePrivateKey)
if ($rsa.LastMethodSuccess -eq $false) {
    $($rsa.LastErrorText)
    exit
}

$("Result: " + $encryptedStr)