Archived Forum Post
Index of archived forum posts
Question:
Archived Forum PostQuestion:
Hi.. i'm writing a program that loads a .PFX certificate, and extract its public/private keys using the method "Extract Public/Private Keys and Certs from PFX into string variables". followed i use the private key to encrypt a string, and use the public key to decrypt the same string. the code is as follows:
CkString GetPrivateKey_from_Cert(CkCert ); CkString GetPublicKey_from_Cert(CkCert ); const char * Encrypt_PrivateKey(const char , CkString); const char * Decrypt_PublicKey(const char , CkString);
int _tmain(int argc, _TCHAR* argv[]) { const char * Text="Hello World"; bool success; CkCertStore certStore;
// Load the PFX file into a certificate store object
CkString password;
password = "**********";
success = certStore.LoadPfxFile("/Users/Rania/Documents/DIGITAL CERTIFICATES/MServer.pfx",password);
if (success != true) {
printf("%s\n",certStore.lastErrorText());
//return;
}
int i;
int numCerts;
numCerts = certStore.get_NumCertificates();
// Loop over each certificate in the PFX.
CkCert *cert=0;
for (i = 0; i <= numCerts - 1; i++) {
cert = certStore.GetCertificate(i);
printf("%s\n",cert->subjectDN());
printf("---\n");
CkString encodedCert;
encodedCert = cert->getEncoded();
// This string may now be stored in a relational database string field.
// To re-create the cert, do this:
CkCert cert2;
cert2.SetFromEncoded(encodedCert); //}
CkString a,b;
const char * Enc_str;
const char * Dec_str;
// Does this cert have a private key?
if (cert->HasPrivateKey() == true)
{
a=GetPrivateKey_from_Cert(cert);
Enc_str=Encrypt_PrivateKey(Text,a);
printf("---------ENCRYPTED STRING (USING PRIVATE KEY)--------\n");
printf(Enc_str);
printf("\n-------END OF ENCRYPTED STRING (USING PRIVATE KEY)------\n");
printf("\n\n");
b=GetPublicKey_from_Cert(cert);
Dec_str=Decrypt_PublicKey(Enc_str,b);
}
getchar();
return 0;
} }
//============================================================================== CkString GetPrivateKey_from_Cert(CkCert * cert1) {
// Get the private key.
CkPrivateKey *pvkey = 0;
pvkey = cert1->ExportPrivateKey();
// The private key can be exported into
// a string in PKCS8, RSA PEM, or XML format:
CkString pemPvKey;
//CkString pkcs8PvKey;
//CkString xmlPvKey;
pemPvKey = pvkey->getRsaPem();
//pkcs8PvKey = pvkey->getPkcs8Pem();
//xmlPvKey = pvkey->getXml();
printf("%s\n",(const char *)pemPvKey);
//printf("%s\n",(const char *)pkcs8PvKey);
//printf("%s\n",(const char *)xmlPvKey);
// Any of these formatted strings may
// be stored in a relational database field.
// to restore, call LoadPem or LoadXml
// LoadPem accepts either RSA PEM or
// PKCS8 PEM:
CkPrivateKey pvKey2;
pvKey2.LoadPem(pemPvKey);
//pvKey2.LoadPem(pkcs8PvKey);
//pvKey2.LoadXml(xmlPvKey);
delete pvkey;
return pemPvKey;
}
//============================================================================== CkString GetPublicKey_from_Cert(CkCert * cert1) { // Now for the public key: CkString fname; CkPublicKey *pubkey = 0; pubkey = cert1->ExportPublicKey();
// It can be exported to a string as OpenSSL PEM
// or XML:
CkString pubKeyPem;
CkString pubKeyXml;
pubKeyPem = pubkey->getOpenSslPem();
//pubKeyXml = pubkey->getXml();
printf("%s\n",(const char *)pubKeyPem);
//printf("%s\n",(const char *)pubKeyXml);
// To re-load a PublicKey object, call LoadXml
// or LoadOpenSslPem:
CkPublicKey pubKey2;
pubKey2.LoadOpenSslPem(pubKeyPem);
//pubKey2.LoadXml(pubKeyXml);
fname = "ERROR-CONCAT";
pubkey->SaveOpenSslDerFile(fname);
delete pubkey;
delete cert1;
return pubKeyPem;
}
// The Chilkat Certificate, Certificate Store, Private Key,
// Public Key, and Key Container classes / objects are freeware.
// They are used by and included with the Chilkat Email,
// Crypt, S/MIME, and other commercial Chilkat components.
//==============================================================================
const char * Encrypt_PrivateKey(const char * MN, CkString PriK) { CkRsa rsa;
bool success;
success = rsa.UnlockComponent("***********************");
if (success != true) {
printf("RSA component unlock failed\n");
//return;
}
// Start with a new RSA object to demonstrate that all we
// need are the keys previously exported:
CkRsa rsaEncryptor;
// Encrypted output is always binary. In this case, we want
// to encode the encrypted bytes in a printable string.
// Our choices are "hex", "base64", "url", "quoted-printable".
rsaEncryptor.put_EncodingMode("hex");
// We'll encrypt with the private key and decrypt with the public Key
success=rsaEncryptor.ImportPrivateKey(PriK); if(success==false) printf(rsa.lastErrorText()); bool usePrivateKey; usePrivateKey = true; const char * encryptedStr; encryptedStr = rsaEncryptor.encryptStringENC(MN,usePrivateKey); return encryptedStr; }
//============================================================================== const char * Decrypt_PublicKey(const char * ES, CkString PK) { CkRsa rsa;
bool success;
success = rsa.UnlockComponent("*************************8");
if (success != true) {
printf("RSA component unlock failed\n");
}
// Now decrypt:
CkRsa rsaDecryptor;
rsaDecryptor.put_EncodingMode("hex");
success=rsaDecryptor.ImportPublicKey(PK);
if(success==false)
printf(rsa.lastErrorText());
bool usePrivateKey = false;
const char * decryptedStr;
decryptedStr = rsaDecryptor.decryptStringENC(ES,usePrivateKey);
printf("%s\n",decryptedStr);
return decryptedStr;
}
//==============================================================================
The problem is, when reaching the Decrypt_PublicKey function, the LastErrorText is: ChilkatLog: UnlockComponent: DLL Date: Dec 13 2012 UnlockPrefix: * Username:*** Architecture: Little Endian; 32-bit Language: C++ Builder XE2 Verboslogging:0 Component: Rsa unlockcode: ** RegKey: LibDate:Dec 13 2012 requiresPerm:0 re-parsing expire date.. Component successfullu unlocked using permenent unlock code --RegKey --UnlockComponenet --ChilkatLog
Note:i'm using C++ Builder XE3. What does the date Dec 13 2012 means?, (I've purchased the Chilkat 1-Developer RSA Licence on Feb 3 2013)
Regards.
You've provided the LastErrorText for the UnlockComponent method call. To understand LastErrorText, please read the information here:
http://www.cknotes.com/?cat=163