Sample code for 30+ languages & platforms
SQL Server

Generate RSA Key and Export to PKCS1 / PKCS8

See more RSA Examples

_LANGUAGE_ example code showing how to generate an RSA public/private key and save to PKCS1 and PKCS8 format files. In a PKCS1 or PKCS8 formatted file, the key is stored in binary ASN.1 format (and ASN.1 is itself written according to DER -- Distinguished Encoding Rules). A PEM file simply contains the binary ASN.1 base64 encoded and delimited by BEGIN/END lines. PKCS1 format files are never encrypted. PKCS8 can be encrypted or unencrypted. Public keys are never encrypted (there is no need). Private keys *should* always be encrypted - unless perhaps the unencrypted private key is obtained and itself stored in some sort of secure place.

Chilkat SQL Server Downloads

SQL Server
-- Important: See this note about string length limitations for strings returned by sp_OAMethod calls.
--
CREATE PROCEDURE ChilkatSample
AS
BEGIN
    DECLARE @hr int
    -- Important: Do not use nvarchar(max).  See the warning about using nvarchar(max).
    DECLARE @sTmp0 nvarchar(4000)
    DECLARE @success int
    SELECT @success = 0

    -- This example assumes the Chilkat API to have been previously unlocked.
    -- See Global Unlock Sample for sample code.

    DECLARE @rsa int
    EXEC @hr = sp_OACreate 'Chilkat.Rsa', @rsa OUT
    IF @hr <> 0
    BEGIN
        PRINT 'Failed to create ActiveX component'
        RETURN
    END

    -- Generate a 2048-bit key.  Chilkat RSA supports
    -- key sizes ranging from 512 bits to 8192 bits.
    DECLARE @privKey int
    EXEC @hr = sp_OACreate 'Chilkat.PrivateKey', @privKey OUT

    EXEC sp_OAMethod @rsa, 'GenKey', @success OUT, 2048, @privKey
    IF @success = 0
      BEGIN
        EXEC sp_OAGetProperty @rsa, 'LastErrorText', @sTmp0 OUT
        PRINT @sTmp0
        EXEC @hr = sp_OADestroy @rsa
        EXEC @hr = sp_OADestroy @privKey
        RETURN
      END

    -- Get the public key
    DECLARE @pubKey int
    EXEC @hr = sp_OACreate 'Chilkat.PublicKey', @pubKey OUT

    EXEC sp_OAMethod @privKey, 'ToPublicKey', @success OUT, @pubKey

    -- Get the public key as a PKCS8 PEM string
    DECLARE @pubKeyPem nvarchar(4000)
    EXEC sp_OAMethod @pubKey, 'GetPem', @pubKeyPem OUT, 0

    PRINT @pubKeyPem

    -- Get the public key in PKCS8 format, in a Base64 encoded string.
    DECLARE @pubKeyPkcs8Base64 nvarchar(4000)
    EXEC sp_OAMethod @pubKey, 'GetEncoded', @pubKeyPkcs8Base64 OUT, 0, 'base64'

    PRINT @pubKeyPkcs8Base64

    -- Get the public key in PKCS1 format, in a Base64 encoded string.
    DECLARE @pubKeyPkcs1Base64 nvarchar(4000)
    EXEC sp_OAMethod @pubKey, 'GetEncoded', @pubKeyPkcs1Base64 OUT, 1, 'base64'

    PRINT @pubKeyPkcs1Base64

    -- Get the private key in a PKCS8 PEM string.
    DECLARE @privKeyPem nvarchar(4000)
    EXEC sp_OAMethod @privKey, 'GetPkcs8Pem', @privKeyPem OUT

    PRINT @privKeyPem

    -- Get the private key in a PKCS8 encrypted PEM string.
    DECLARE @privKeyEncPem nvarchar(4000)
    EXEC sp_OAMethod @privKey, 'GetPkcs8EncryptedPem', @privKeyEncPem OUT, 'myPassword'

    PRINT @privKeyEncPem

    -- Get the private key in PKCS1 Base64 format
    DECLARE @privKeyPkcs1Base64 nvarchar(4000)
    EXEC sp_OAMethod @privKey, 'GetPkcs1ENC', @privKeyPkcs1Base64 OUT, 'base64'

    PRINT @privKeyPkcs1Base64

    -- Get the private key in PKCS8 Base64 format
    DECLARE @privKeyPkcs8Base64 nvarchar(4000)
    EXEC sp_OAMethod @privKey, 'GetPkcs8ENC', @privKeyPkcs8Base64 OUT, 'base64'

    PRINT @privKeyPkcs8Base64

    -- Save to PKCS1 / PKCS8 / PEM files...

    -- Save the public key to PKCS8 binary DER
    EXEC sp_OAMethod @pubKey, 'SaveDerFile', @success OUT, 0, 'pubKey_pkcs8.der'

    -- Save the public key to PKCS1 binary DER
    EXEC sp_OAMethod @pubKey, 'SaveDerFile', @success OUT, 'pubKey_pkcs1.der'

    -- Save the private key to unencrypted binary PKCS1 DER.
    -- Note: PKCS1 is never found in an encrypted format. 
    EXEC sp_OAMethod @privKey, 'SavePkcs1File', @success OUT, 'privKey_pkcs1.der'

    -- Save the private key to unencrypted binary PKCS8
    EXEC sp_OAMethod @privKey, 'SavePkcs8File', @success OUT, 'privKey_pkcs8.der'

    -- Save the private key to encrypted binary PKCS8
    EXEC sp_OAMethod @privKey, 'SavePkcs8EncryptedFile', @success OUT, 'myPassword', 'privKey_enc_pkcs8.der'

    -- Save the private key to unencrypted PKCS8 PEM
    EXEC sp_OAMethod @privKey, 'SavePkcs8PemFile', @success OUT, 'privKey.pem'

    -- Save the private key to encrypted PKCS8 PEM
    EXEC sp_OAMethod @privKey, 'SavePkcs8EncryptedPemFile', @success OUT, 'myPassword', 'privKey_enc.pem'

    EXEC @hr = sp_OADestroy @rsa
    EXEC @hr = sp_OADestroy @privKey
    EXEC @hr = sp_OADestroy @pubKey


END
GO