Archived Forum Post

Index of archived forum posts

Question:

Decryption using public key in Chilkat

Mar 18 '13 at 11:08

Hi.. i'm writing a program that loads a .PFX certificate, and extract its public/private keys using the method "Extract Public/Private Keys and Certs from PFX into string variables". followed i use the private key to encrypt a string, and use the public key to decrypt the same string. the code is as follows:

pragma hdrstop

pragma argsused

include <tchar.h>

include <stdio.h>

include <conio.h>

include "CkCertStore.h"

include "CkString.h"

include "CkCert.h"

include "CkPrivateKey.h"

include "CkPublicKey.h"

include "CkRsa.h"

CkString GetPrivateKey_from_Cert(CkCert ); CkString GetPublicKey_from_Cert(CkCert ); const char * Encrypt_PrivateKey(const char , CkString); const char * Decrypt_PublicKey(const char , CkString);

int _tmain(int argc, _TCHAR* argv[]) { const char * Text="Hello World"; bool success; CkCertStore certStore;

//  Load the PFX file into a certificate store object
CkString password;
password = "**********";
success = certStore.LoadPfxFile("/Users/Rania/Documents/DIGITAL CERTIFICATES/MServer.pfx",password);
if (success != true) {
    printf("%s\n",certStore.lastErrorText());
    //return;
}

int i;
int numCerts;
numCerts = certStore.get_NumCertificates();

//  Loop over each certificate in the PFX.
CkCert *cert=0;

for (i = 0; i <= numCerts - 1; i++) {

    cert = certStore.GetCertificate(i);

    printf("%s\n",cert->subjectDN());
    printf("---\n");

    CkString encodedCert;
    encodedCert = cert->getEncoded();

    //  This string may now be stored in a relational database string field.
    //  To re-create the cert, do this:
    CkCert cert2;
    cert2.SetFromEncoded(encodedCert);  //}

    CkString a,b;
    const char * Enc_str;
    const char * Dec_str;
    //  Does this cert have a private key?
    if (cert->HasPrivateKey() == true)
      {
        a=GetPrivateKey_from_Cert(cert);
        Enc_str=Encrypt_PrivateKey(Text,a);
        printf("---------ENCRYPTED STRING (USING PRIVATE KEY)--------\n");
        printf(Enc_str);
        printf("\n-------END OF ENCRYPTED STRING (USING PRIVATE KEY)------\n");
        printf("\n\n");
        b=GetPublicKey_from_Cert(cert);
        Dec_str=Decrypt_PublicKey(Enc_str,b);
      }

getchar();
return 0;

} }

//============================================================================== CkString GetPrivateKey_from_Cert(CkCert * cert1) {

        //  Get the private key.
        CkPrivateKey *pvkey = 0;
        pvkey = cert1->ExportPrivateKey();

        //  The private key can be exported into
        //  a string in PKCS8, RSA PEM, or XML format:
        CkString pemPvKey;
        //CkString pkcs8PvKey;
        //CkString xmlPvKey;

        pemPvKey = pvkey->getRsaPem();
        //pkcs8PvKey = pvkey->getPkcs8Pem();
        //xmlPvKey = pvkey->getXml();

        printf("%s\n",(const char *)pemPvKey);
        //printf("%s\n",(const char *)pkcs8PvKey);
        //printf("%s\n",(const char *)xmlPvKey);

        //  Any of these formatted strings may
        //  be stored in a relational database field.
        //  to restore, call LoadPem or LoadXml
        //  LoadPem accepts either RSA PEM or
        //  PKCS8 PEM:
        CkPrivateKey pvKey2;

        pvKey2.LoadPem(pemPvKey);
        //pvKey2.LoadPem(pkcs8PvKey);
        //pvKey2.LoadXml(xmlPvKey);

        delete pvkey;
        return pemPvKey;

    }

//============================================================================== CkString GetPublicKey_from_Cert(CkCert * cert1) { // Now for the public key: CkString fname; CkPublicKey *pubkey = 0; pubkey = cert1->ExportPublicKey();

    //  It can be exported to a string as OpenSSL PEM
    //  or XML:
    CkString pubKeyPem;
    CkString pubKeyXml;

    pubKeyPem = pubkey->getOpenSslPem();
    //pubKeyXml = pubkey->getXml();

    printf("%s\n",(const char *)pubKeyPem);
    //printf("%s\n",(const char *)pubKeyXml);

    //  To re-load a PublicKey object, call LoadXml
    //  or LoadOpenSslPem:
    CkPublicKey pubKey2;

    pubKey2.LoadOpenSslPem(pubKeyPem);
    //pubKey2.LoadXml(pubKeyXml);
    fname = "ERROR-CONCAT";
    pubkey->SaveOpenSslDerFile(fname);

    delete pubkey;

    delete cert1;
    return pubKeyPem;
}

//  The Chilkat Certificate, Certificate Store, Private Key,
//  Public Key, and Key Container classes / objects are freeware.

//  They are used by and included with the Chilkat Email,
//  Crypt, S/MIME, and other commercial Chilkat components.

//==============================================================================

const char * Encrypt_PrivateKey(const char * MN, CkString PriK) { CkRsa rsa;

bool success;
success = rsa.UnlockComponent("***********************");
if (success != true) {
    printf("RSA component unlock failed\n");
    //return;
}
//  Start with a new RSA object to demonstrate that all we
//  need are the keys previously exported:
CkRsa rsaEncryptor;

//  Encrypted output is always binary.  In this case, we want
//  to encode the encrypted bytes in a printable string.
//  Our choices are "hex", "base64", "url", "quoted-printable".
rsaEncryptor.put_EncodingMode("hex");

//  We'll encrypt with the private key and decrypt with the public Key

success=rsaEncryptor.ImportPrivateKey(PriK); if(success==false) printf(rsa.lastErrorText()); bool usePrivateKey; usePrivateKey = true; const char * encryptedStr; encryptedStr = rsaEncryptor.encryptStringENC(MN,usePrivateKey); return encryptedStr; }

//============================================================================== const char * Decrypt_PublicKey(const char * ES, CkString PK) { CkRsa rsa;

bool success;
success = rsa.UnlockComponent("*************************8");
if (success != true) {
    printf("RSA component unlock failed\n");
 }
//  Now decrypt:
CkRsa rsaDecryptor;

rsaDecryptor.put_EncodingMode("hex");
success=rsaDecryptor.ImportPublicKey(PK);
if(success==false)
    printf(rsa.lastErrorText());
bool usePrivateKey = false;
const char * decryptedStr;
decryptedStr = rsaDecryptor.decryptStringENC(ES,usePrivateKey);
printf("%s\n",decryptedStr);
return decryptedStr;
}

//==============================================================================

The problem is, when reaching the Decrypt_PublicKey function, the LastErrorText is: ChilkatLog: UnlockComponent: DLL Date: Dec 13 2012 UnlockPrefix: * Username:*** Architecture: Little Endian; 32-bit Language: C++ Builder XE2 Verboslogging:0 Component: Rsa unlockcode: ** RegKey: LibDate:Dec 13 2012 requiresPerm:0 re-parsing expire date.. Component successfullu unlocked using permenent unlock code --RegKey --UnlockComponenet --ChilkatLog

Note:i'm using C++ Builder XE3. What does the date Dec 13 2012 means?, (I've purchased the Chilkat 1-Developer RSA Licence on Feb 3 2013)

Regards.


Answer

You've provided the LastErrorText for the UnlockComponent method call. To understand LastErrorText, please read the information here:
http://www.cknotes.com/?cat=163