|
Chilkat • HOME • .NET Core C# • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi ActiveX • Delphi DLL • Go • Java • Lianja • Mono C# • Node.js • Objective-C • PHP ActiveX • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift 2 • Swift 3,4,5... • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(Tcl) Encrypt/Decrypt using PFX to produce -----BEGIN PKCS7----- ... -----END PKCS7-----First we encrypt using a certificate + public key to produce output such as: -----BEGIN PKCS7----- MIIHPwYJKoZIhvcNAQcEoIIHMDCCBywC ... ... ... -----END PKCS7-----Then we decrypt using the cert + private key.
load ./chilkat.dll # This example requires the Chilkat API to have been previously unlocked. # See Global Unlock Sample for sample code. set crypt [new_CkCrypt2] # Specify the encryption to be used. # "pki" indicates "Public Key Infrastructure" and will create a PKCS7 encrypted (enveloped) message. CkCrypt2_put_CryptAlgorithm $crypt "pki" CkCrypt2_put_Pkcs7CryptAlg $crypt "aes" CkCrypt2_put_KeyLength $crypt 128 CkCrypt2_put_OaepHash $crypt "sha256" CkCrypt2_put_OaepPadding $crypt 1 # A certificate is needed as the encryption key. # Althought the PFX contains the associated private key, we don't need it for encryption. # (A certificate usually contains the public key by default.) set cert [new_CkCert] set success [CkCert_LoadPfxFile $cert "qa_data/pfx/cert_test123.pfx" "test123"] if {$success != 1} then { puts [CkCert_lastErrorText $cert] delete_CkCrypt2 $crypt delete_CkCert $cert exit } # Tell the crypt object to use the certificate. CkCrypt2_SetEncryptCert $crypt $cert set toBeEncrypted "This string is to be encrypted." # Get the result in multi-line BASE64 MIME format. CkCrypt2_put_EncodingMode $crypt "base64_mime" set encryptedStr [CkCrypt2_encryptStringENC $crypt $toBeEncrypted] if {$success != 1} then { puts [CkCrypt2_lastErrorText $crypt] delete_CkCrypt2 $crypt delete_CkCert $cert exit } # Make a "-----BEGIN PKCS7-----" ... "-----END PKCS7-----" sandwich... set sb [new_CkStringBuilder] CkStringBuilder_AppendLine $sb "-----BEGIN PKCS7-----" 1 CkStringBuilder_Append $sb $encryptedStr CkStringBuilder_AppendLine $sb "-----END PKCS7-----" 1 set outStr [CkStringBuilder_getAsString $sb] puts "$outStr" # Sample output: # -----BEGIN PKCS7----- # MIICXAYJKoZIhvcNAQcDoIICTTCCAkkCAQAxggH0MIIB8AIBADCBrDCBlzELMAkGA1UEBhMCR0Ix # GzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgGA1UEChMR # Q09NT0RPIENBIExpbWl0ZWQxPTA7BgNVBAMTNENPTU9ETyBSU0EgQ2xpZW50IEF1dGhlbnRpY2F0 # aW9uIGFuZCBTZWN1cmUgRW1haWwgQ0ECEB6M1ZwZdZU7LrAIdurulmUwOAYJKoZIhvcNAQEHMCug # DzANBglghkgBZQMEAgEFAKEYMBYGCSqGSIb3DQEBCDAJBgUrDgMCGgUABIIBAK/BZG/iXJ8az7zL # 8EQ77mc+oDPQ4w1hyytK2ip4djkPVvTfYhcoDQ+G/DBU+urJfrVBi5H9gmpXwYyfKlyUxBVRVEJl # V/V5QQi4JmNTFbmgWh5tp9zDS98l6A2Va4Zs0Wy/owGLfvwitlxd1dsfVAV2hmBYS24BMpNcty5/ # 0atcKYmSou13G78ztTKdMy1tECgZy8kerMsPdDQbSxEZkT3KpQ8C5uEQqYF3bIVaeZzha/Ywieh/ # tvO0T4aAmeJufwkNdVECmU7kuhnNaVPXknFl7jeibTl6zA/VcJKBKcIYT9FRC7KjdooI8q+jtQ/V # k6RP4POaowkFg1QWRPEWeqIwTAYJKoZIhvcNAQcBMB0GCWCGSAFlAwQBAgQQEEFQduqeJqXQXzy4 # JpkoDoAgdldJDB9zEkpMpgr5/fR2iLvh5kC6BPfhOYjsawBY4Ok= # -----END PKCS7----- # ---------------------------------------------------------------------------------------- # Let's Decrypt the above string. # Start with what was produced above.. CkStringBuilder_Clear $sb set bCrlf 1 CkStringBuilder_AppendLine $sb "-----BEGIN PKCS7-----" $bCrlf CkStringBuilder_AppendLine $sb "MIICXAYJKoZIhvcNAQcDoIICTTCCAkkCAQAxggH0MIIB8AIBADCBrDCBlzELMAkGA1UEBhMCR0Ix" $bCrlf CkStringBuilder_AppendLine $sb "GzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgGA1UEChMR" $bCrlf CkStringBuilder_AppendLine $sb "Q09NT0RPIENBIExpbWl0ZWQxPTA7BgNVBAMTNENPTU9ETyBSU0EgQ2xpZW50IEF1dGhlbnRpY2F0" $bCrlf CkStringBuilder_AppendLine $sb "aW9uIGFuZCBTZWN1cmUgRW1haWwgQ0ECEB6M1ZwZdZU7LrAIdurulmUwOAYJKoZIhvcNAQEHMCug" $bCrlf CkStringBuilder_AppendLine $sb "DzANBglghkgBZQMEAgEFAKEYMBYGCSqGSIb3DQEBCDAJBgUrDgMCGgUABIIBAK/BZG/iXJ8az7zL" $bCrlf CkStringBuilder_AppendLine $sb "8EQ77mc+oDPQ4w1hyytK2ip4djkPVvTfYhcoDQ+G/DBU+urJfrVBi5H9gmpXwYyfKlyUxBVRVEJl" $bCrlf CkStringBuilder_AppendLine $sb "V/V5QQi4JmNTFbmgWh5tp9zDS98l6A2Va4Zs0Wy/owGLfvwitlxd1dsfVAV2hmBYS24BMpNcty5/" $bCrlf CkStringBuilder_AppendLine $sb "0atcKYmSou13G78ztTKdMy1tECgZy8kerMsPdDQbSxEZkT3KpQ8C5uEQqYF3bIVaeZzha/Ywieh/" $bCrlf CkStringBuilder_AppendLine $sb "tvO0T4aAmeJufwkNdVECmU7kuhnNaVPXknFl7jeibTl6zA/VcJKBKcIYT9FRC7KjdooI8q+jtQ/V" $bCrlf CkStringBuilder_AppendLine $sb "k6RP4POaowkFg1QWRPEWeqIwTAYJKoZIhvcNAQcBMB0GCWCGSAFlAwQBAgQQEEFQduqeJqXQXzy4" $bCrlf CkStringBuilder_AppendLine $sb "JpkoDoAgdldJDB9zEkpMpgr5/fR2iLvh5kC6BPfhOYjsawBY4Ok=" $bCrlf CkStringBuilder_AppendLine $sb "-----END PKCS7-----" $bCrlf set decrypt [new_CkCrypt2] CkCrypt2_put_CryptAlgorithm $decrypt "pki" # Use the same cert + private key from the PFX above. # For decryption, we need the private key. Given that the certificate was loaded from a PFX, # we should already have it. set success [CkCrypt2_SetDecryptCert $decrypt $cert] CkCrypt2_put_EncodingMode $decrypt "base64" set decryptedText [CkCrypt2_decryptStringENC $decrypt [CkStringBuilder_getBetween $sb "-----BEGIN PKCS7-----" "-----END PKCS7-----"]] puts "$decryptedText" delete_CkCrypt2 $crypt delete_CkCert $cert delete_CkStringBuilder $sb delete_CkCrypt2 $decrypt |
||||
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.