Sample code for 30+ languages & platforms
PureBasic

Encrypt File using X.509 Certificate using AES in CBC Mode

See more Encryption Examples

Demonstrates how to encrypt a file using an X.509 Certificate's public key, where the underlying bulk encryption algorithm is 128-bit AES in CBC mode. (The underlying bulk encryption algorithm can be specified to be other algorithms/strengths.)

Chilkat PureBasic Downloads

PureBasic
IncludeFile "CkCrypt2.pb"
IncludeFile "CkCert.pb"

Procedure ChilkatExample()

    success.i = 0

    ; This example requires the Chilkat API to have been previously unlocked.
    ; See Global Unlock Sample for sample code.

    crypt.i = CkCrypt2::ckCreate()
    If crypt.i = 0
        Debug "Failed to create object."
        ProcedureReturn
    EndIf

    ; Use public-key cryptography for encryption.
    CkCrypt2::setCkCryptAlgorithm(crypt, "pki")

    ; Get an X.509 certificate to use for encrypting.
    ; Note: Chilkat provides many different ways of loading a certificate, from many different formats,
    ; or if on Windows, from the installed certificates on the system.
    ; This example simply loads a certificate from a file.
    ; Also, for encryption, only the public key is needed.  Digital certificates embed the public key
    ; within the X.509 format itself.  Therefore, if you have a certificate, you also have the public key.
    cert.i = CkCert::ckCreate()
    If cert.i = 0
        Debug "Failed to create object."
        ProcedureReturn
    EndIf

    success = CkCert::ckLoadFromFile(cert,"qa_data/certs/testCert.cer")
    If success <> 1
        Debug CkCert::ckLastErrorText(cert)
        CkCrypt2::ckDispose(crypt)
        CkCert::ckDispose(cert)
        ProcedureReturn
    EndIf

    success = CkCrypt2::ckSetEncryptCert(crypt,cert)
    If success <> 1
        Debug CkCrypt2::ckLastErrorText(crypt)
        CkCrypt2::ckDispose(crypt)
        CkCert::ckDispose(cert)
        ProcedureReturn
    EndIf

    ; Indicate the underlying bulk encryption algorithm to be used:
    CkCrypt2::setCkPkcs7CryptAlg(crypt, "aes")
    CkCrypt2::setCkKeyLength(crypt, 128)

    ; Note: When doing public-key encryption the underlying bulk symmetric cipher mode will always be CBC. (at least with Chilkat...)

    ; There's one last option that could be set.  If is the RSA encryption encryption/padding scheme. 
    ; By default, RSAES_PKCS1-V1_5 is used.  If desired, the OaepPadding property could be set to 1 to
    ; use RSAES_OAEP.  (We'll leave it set at the default value of 0)
    CkCrypt2::setCkOaepPadding(crypt, 0)

    ; Everything is specified.  Now just encrypt...
    ; The output is PKCS7 in binary DER format.
    success = CkCrypt2::ckCkEncryptFile(crypt,"qa_data/hamlet.xml","qa_output/hamlet.p7")
    If success <> 1
        Debug CkCrypt2::ckLastErrorText(crypt)
        CkCrypt2::ckDispose(crypt)
        CkCert::ckDispose(cert)
        ProcedureReturn
    EndIf

    Debug "Finished."


    CkCrypt2::ckDispose(crypt)
    CkCert::ckDispose(cert)


    ProcedureReturn
EndProcedure