Sample code for 30+ languages & platforms
SQL Server

RSA-OAEP with SHA256 hashing

See more RSA Examples

RSA encrypt a SHA256 hash with OAEP padding.

Chilkat SQL Server Downloads

SQL Server
-- Important: See this note about string length limitations for strings returned by sp_OAMethod calls.
--
CREATE PROCEDURE ChilkatSample
AS
BEGIN
    DECLARE @hr int
    DECLARE @iTmp0 int
    -- Important: Do not use nvarchar(max).  See the warning about using nvarchar(max).
    DECLARE @sTmp0 nvarchar(4000)
    DECLARE @success int
    SELECT @success = 0

    -- This example requires the Chilkat API to have been previously unlocked.
    -- See Global Unlock Sample for sample code.

    DECLARE @pubkey int
    EXEC @hr = sp_OACreate 'Chilkat.PublicKey', @pubkey OUT
    IF @hr <> 0
    BEGIN
        PRINT 'Failed to create ActiveX component'
        RETURN
    END

    DECLARE @sbPem int
    EXEC @hr = sp_OACreate 'Chilkat.StringBuilder', @sbPem OUT

    DECLARE @bCrlf int
    SELECT @bCrlf = 1
    EXEC sp_OAMethod @sbPem, 'AppendLine', @success OUT, '-----BEGIN PUBLIC KEY-----', @bCrlf
    EXEC sp_OAMethod @sbPem, 'AppendLine', @success OUT, 'MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA33TqqLR3eeUmDtHS89qF', @bCrlf
    EXEC sp_OAMethod @sbPem, 'AppendLine', @success OUT, '3p4MP7Wfqt2Zjj3lZjLjjCGDvwr9cJNlNDiuKboODgUiT4ZdPWbOiMAfDcDzlOxA', @bCrlf
    EXEC sp_OAMethod @sbPem, 'AppendLine', @success OUT, '04DDnEFGAf+kDQiNSe2ZtqC7bnIc8+KSG/qOGQIVaay4Ucr6ovDkykO5Hxn7OU7s', @bCrlf
    EXEC sp_OAMethod @sbPem, 'AppendLine', @success OUT, 'Jp9TP9H0JH8zMQA6YzijYH9LsupTerrY3U6zyihVEDXXOv08vBHk50BMFJbE9iwF', @bCrlf
    EXEC sp_OAMethod @sbPem, 'AppendLine', @success OUT, 'wnxCsU5+UZUZYw87Uu0n4LPFS9BT8tUIvAfnRXIEWCha3KbFWmdZQZlyrFw0buUE', @bCrlf
    EXEC sp_OAMethod @sbPem, 'AppendLine', @success OUT, 'f0YN3/Q0auBkdbDR/ES2PbgKTJdkjc/rEeM0TxvOUf7HuUNOhrtAVEN1D5uuxE1W', @bCrlf
    EXEC sp_OAMethod @sbPem, 'AppendLine', @success OUT, 'SwIDAQAB', @bCrlf
    EXEC sp_OAMethod @sbPem, 'AppendLine', @success OUT, '-----END PUBLIC KEY-----', @bCrlf

    -- Load the public key object from the PEM. 
    EXEC sp_OAMethod @sbPem, 'GetAsString', @sTmp0 OUT
    EXEC sp_OAMethod @pubkey, 'LoadFromString', @success OUT, @sTmp0
    IF @success = 0
      BEGIN
        EXEC sp_OAGetProperty @pubkey, 'LastErrorText', @sTmp0 OUT
        PRINT @sTmp0
        EXEC @hr = sp_OADestroy @pubkey
        EXEC @hr = sp_OADestroy @sbPem
        RETURN
      END

    -- Build a small string to encrypt
    DECLARE @json int
    EXEC @hr = sp_OACreate 'Chilkat.JsonObject', @json OUT

    EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'example', '123'
    EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'hello', 'world'
    EXEC sp_OAMethod @json, 'Emit', @sTmp0 OUT
    PRINT @sTmp0

    -- This is the JSON to be RSA encrypted:  {"example":"123","hello":"world"}

    -- IMPORTANT: RSA encryption is only used to encrypt small amounts of data.
    -- RSA is only able to encrypt data to a maximum amount of your key size (2048 bits = 256 bytes) 
    -- minus padding / header data (11 bytes for PKCS#1 v1.5 padding, 42 bytes for OAEP).
    -- As a result it is often not possible to encrypt files with RSA directly. 
    -- RSA is also not meant for this purpose. 
    -- 
    -- If you want to encrypt more data, you can use something like:
    -- 1) Generate a 256-bit random keystring K
    -- 2) Encrypt your data with AES-CBC with K
    -- 3) Encrypt K with RSA
    -- 4) Send both to the other side 

    DECLARE @rsa int
    EXEC @hr = sp_OACreate 'Chilkat.Rsa', @rsa OUT

    EXEC sp_OASetProperty @rsa, 'PkcsPadding', 0
    EXEC sp_OASetProperty @rsa, 'OaepHash', 'SHA-256'
    EXEC sp_OAMethod @rsa, 'UsePublicKey', @success OUT, @pubkey
    EXEC sp_OASetProperty @rsa, 'EncodingMode', 'base64'

    -- Note: The OAEP padding uses random bytes in the padding, and therefore each time encryption happens,
    -- even using the same data and key, the result will be different --  but still valid.  One should not expect
    -- to get the same output.
    DECLARE @bUsePrivateKey int
    SELECT @bUsePrivateKey = 0
    DECLARE @encryptedStr nvarchar(4000)
    EXEC sp_OAMethod @json, 'Emit', @sTmp0 OUT
    EXEC sp_OAMethod @rsa, 'EncryptStringENC', @encryptedStr OUT, @sTmp0, @bUsePrivateKey
    EXEC sp_OAGetProperty @rsa, 'LastMethodSuccess', @iTmp0 OUT
    IF @iTmp0 = 0
      BEGIN
        EXEC sp_OAGetProperty @rsa, 'LastErrorText', @sTmp0 OUT
        PRINT @sTmp0
        EXEC @hr = sp_OADestroy @pubkey
        EXEC @hr = sp_OADestroy @sbPem
        EXEC @hr = sp_OADestroy @json
        EXEC @hr = sp_OADestroy @rsa
        RETURN
      END


    PRINT 'Result: ' + @encryptedStr

    EXEC @hr = sp_OADestroy @pubkey
    EXEC @hr = sp_OADestroy @sbPem
    EXEC @hr = sp_OADestroy @json
    EXEC @hr = sp_OADestroy @rsa


END
GO