OpenSSLMBS.ErrorString(ErrorCode as Integer) as string
| Type | Topic | Plugin | Version | macOS | Windows | Linux | Console & Web | iOS |
|---|---|---|---|---|---|---|---|---|
| method | Encryption and Hash | MBS Encryption Plugin | 14.0 | Yes | Yes | Yes | Yes | No |
Function: Queries the human readable error string for an OpenSSL error.
Example:
MsgBox OpenSSLMBS.ErrorString(336109761)


OpenSSLMBS.GeneratePrivateKey(Bits as Integer = 4096, Exp as Integer = 65537, Password as string = "", Algorithm as string = "") as string
| Type | Topic | Plugin | Version | macOS | Windows | Linux | Console & Web | iOS |
|---|---|---|---|---|---|---|---|---|
| method | Encryption and Hash | MBS Encryption Plugin | 16.2 | Yes | Yes | Yes | Yes | No |
Function: Generates a new private key.
Example:
dim privateKey as string = OpenSSLMBS.GeneratePrivateKey
dim publicKey as string = OpenSSLMBS.GetPublicKey(privateKey)

break // got key pair
Notes:
The bit size of the key should be high.
See RSA key documentation on the web for details.

In Plugin version 16.2 and later this function yields time to other Xojo threads.
Algorithm specifies the encryption algorithm for key encryption. See CipherMBS for cipher names, e.g. "AES-128-CBC". (new in 17.5)


OpenSSLMBS.GetPublicKey(PrivateKey as String, PrivateKeyPassword as string = "") as string
| Type | Topic | Plugin | Version | macOS | Windows | Linux | Console & Web | iOS |
|---|---|---|---|---|---|---|---|---|
| method | Encryption and Hash | MBS Encryption Plugin | 16.2 | Yes | Yes | Yes | Yes | No |
Function: Extracts public key from private key.
Example:
dim privateKey as string = OpenSSLMBS.GeneratePrivateKey
dim publicKey as string = OpenSSLMBS.GetPublicKey(privateKey)

break // got key pair
Notes: Optionally, you can define a password for the private key.


OpenSSLMBS.OpenSSLVersion as String
| Type | Topic | Plugin | Version | macOS | Windows | Linux | Console & Web | iOS |
|---|---|---|---|---|---|---|---|---|
| method | Encryption and Hash | MBS Encryption Plugin | 16.2 | Yes | Yes | Yes | Yes | No |
Function: Queries the version of OpenSSL.
Example:
MsgBox OpenSSLMBS.OpenSSLVersion


OpenSSLMBS.PKCS7Sign(flags as Integer, InputData as string, SignKey as string, PrivateKey as String, PrivateKeyPassword as string, intermediaCertsData() as string, OutputBinary as boolean) as string
| Type | Topic | Plugin | Version | macOS | Windows | Linux | Console & Web | iOS |
|---|---|---|---|---|---|---|---|---|
| method | Encryption and Hash | MBS Encryption Plugin | 15.1 | Yes | Yes | Yes | Yes | No |
Function: Signs with SMIME.
Example:
dim testPrivKey as string = ReadFile("passkey.pem")
dim testCertificate as string = ReadFile("passcertificate.pem")
dim data as string = ReadFile("test.txt")
dim privKeyPassword as string = "12345"

dim intermediateCertificates() as string
intermediateCertificates.Append ReadFile("WWDR.pem")
dim Sign as string = OpenSSLMBS.PKCS7Sign(0, data, testCertificate, testPrivKey, privKeyPassword, intermediateCertificates, true)

// write result
dim f as FolderItem = SpecialFolder.Desktop.Child("output")
dim b as BinaryStream = BinaryStream.Create(f, true)
b.Write sign
Notes:
Returns the signature. If OutputBinary is true, the output is DER, otherwise text-based.
The intermediaCertsData array can be empty if you have no intermediate certificates.


OpenSSLMBS.PKCS7SignData(signcert as X509MBS, PrivateKey as PKeyMBS, certs() as X509MBS = nil, data as string, flags as Integer = 0) as string
| Type | Topic | Plugin | Version | macOS | Windows | Linux | Console & Web | iOS |
|---|---|---|---|---|---|---|---|---|
| method | Encryption and Hash | MBS Encryption Plugin | 18.0 | Yes | Yes | Yes | Yes | No |
Function: Signs with PKCS7.
Notes:
Returns the signature (binary format = DER).
The certs array (intermediate certificates) can be empty or nil if you have no intermediate certificates.


OpenSSLMBS.RSAPrivateDecrypt(data as string, PrivateKey as string, padding as Integer = 1, Password as string = "") as String
| Type | Topic | Plugin | Version | macOS | Windows | Linux | Console & Web | iOS |
|---|---|---|---|---|---|---|---|---|
| method | Encryption and Hash | MBS Encryption Plugin | 16.2 | Yes | Yes | Yes | Yes | No |
Function: Decrypts data using private key.
Example:
// encrypt with public, decrypt with private key

dim f1 as FolderItem = GetFolderItem("test.pem")
dim b1 as BinaryStream = BinaryStream.Open(f1)
dim PrivKey as string = B1.Read(b1.Length)

dim f2 as FolderItem = GetFolderItem("test.pub")
dim b2 as BinaryStream = BinaryStream.Open(f2)
dim PubKey as string = B2.Read(b2.Length)

dim UnencryptedData as string = "Hello World. This is just a test."
dim EncryptedData as string = OpenSSLMBS.RSAPublicEncrypt(UnencryptedData, PubKey)
dim decryptedData as string = OpenSSLMBS.RSAPrivateDecrypt(EncryptedData, PrivKey)

Break // check in debugger
Notes:
See kPadding constants for Padding parameter.
Password is optional for decrypting encrypted keys.
Returns empty string on failure or raises exceptions.

RSA can only decrypt data whose length is <= the length of the key.


OpenSSLMBS.RSAPrivateEncrypt(data as string, PrivateKey as string, padding as Integer = 1, Password as string = "") as String
| Type | Topic | Plugin | Version | macOS | Windows | Linux | Console & Web | iOS |
|---|---|---|---|---|---|---|---|---|
| method | Encryption and Hash | MBS Encryption Plugin | 16.2 | Yes | Yes | Yes | Yes | No |
Function: Encrypts data using private key.
Example:
// encrypt with private, decrypt with public key

dim f1 as FolderItem = GetFolderItem("test.pem")
dim b1 as BinaryStream = BinaryStream.Open(f1)
dim PrivKey as string = B1.Read(b1.Length)

dim f2 as FolderItem = GetFolderItem("test.pub")
dim b2 as BinaryStream = BinaryStream.Open(f2)
dim PubKey as string = B2.Read(b2.Length)

dim UnencryptedData as string = "Hello World. This is just a test."
dim EncryptedData as string = OpenSSLMBS.RSAPrivateEncrypt(UnencryptedData, PrivKey)
dim decryptedData as string = OpenSSLMBS.RSAPublicDecrypt(EncryptedData, PubKey)

Break // check in debugger
Notes:
See kPadding constants for Padding parameter.
Password is optional for decrypting encrypted keys.
Returns empty string on failure or raises exceptions.

RSA can only encrypt data whose length is <= the length of the key.


OpenSSLMBS.RSAPublicDecrypt(data as string, PublicKey as string, padding as Integer = 1, Password as string = "") as String
| Type | Topic | Plugin | Version | macOS | Windows | Linux | Console & Web | iOS |
|---|---|---|---|---|---|---|---|---|
| method | Encryption and Hash | MBS Encryption Plugin | 16.2 | Yes | Yes | Yes | Yes | No |
Function: Decrypts data using public key.
Example:
// encrypt with private, decrypt with public key

dim f1 as FolderItem = GetFolderItem("test.pem")
dim b1 as BinaryStream = BinaryStream.Open(f1)
dim PrivKey as string = B1.Read(b1.Length)

dim f2 as FolderItem = GetFolderItem("test.pub")
dim b2 as BinaryStream = BinaryStream.Open(f2)
dim PubKey as string = B2.Read(b2.Length)

dim UnencryptedData as string = "Hello World. This is just a test."
dim EncryptedData as string = OpenSSLMBS.RSAPrivateEncrypt(UnencryptedData, PrivKey)
dim decryptedData as string = OpenSSLMBS.RSAPublicDecrypt(EncryptedData, PubKey)

Break // check in debugger
Notes:
See kPadding constants for Padding parameter.
Password is optional for decrypting encrypted keys.
Returns empty string on failure or raises exceptions.

RSA can only decrypt data whose length is <= the length of the key.


OpenSSLMBS.RSAPublicEncrypt(data as string, PublicKey as string, padding as Integer = 1, Password as string = "") as String
| Type | Topic | Plugin | Version | macOS | Windows | Linux | Console & Web | iOS |
|---|---|---|---|---|---|---|---|---|
| method | Encryption and Hash | MBS Encryption Plugin | 16.2 | Yes | Yes | Yes | Yes | No |
Function: Encrypts data using public key.
Example:
// encrypt with public, decrypt with private key

dim f1 as FolderItem = GetFolderItem("test.pem")
dim b1 as BinaryStream = BinaryStream.Open(f1)
dim PrivKey as string = B1.Read(b1.Length)

dim f2 as FolderItem = GetFolderItem("test.pub")
dim b2 as BinaryStream = BinaryStream.Open(f2)
dim PubKey as string = B2.Read(b2.Length)

dim UnencryptedData as string = "Hello World. This is just a test."
dim EncryptedData as string = OpenSSLMBS.RSAPublicEncrypt(UnencryptedData, PubKey)
dim decryptedData as string = OpenSSLMBS.RSAPrivateDecrypt(EncryptedData, PrivKey)

Break // check in debugger
Notes:
See kPadding constants for Padding parameter.
Password is optional for decrypting encrypted keys.
Returns empty string on failure or raises exceptions.

RSA can only encrypt data whose length is <= the length of the key.
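
The size limit and the failure behaviour noted for the four RSA functions above, shown with a password-protected key, as an added example (not from the MBS documentation). It assumes the default padding value 1 is OpenSSL's PKCS#1 v1.5 padding, which takes 11 bytes of the key length; the passphrase and the 2048-bit key size are constructed sample values.

```xojo
// Added example, not part of the MBS documentation.
const kBits = 2048
dim keyPassword as string = "example-passphrase" // constructed placeholder, not a real secret

// The private key PEM is encrypted with the password (Algorithm parameter, new in 17.5)
dim privateKey as string = OpenSSLMBS.GeneratePrivateKey(kBits, 65537, keyPassword, "AES-128-CBC")
dim publicKey as string = OpenSSLMBS.GetPublicKey(privateKey, keyPassword)

dim message as string = "Hello World. This is just a test."

// Assumption: padding 1 is PKCS#1 v1.5, which reserves 11 bytes of the key length
dim maxLen as integer = kBits \ 8 - 11
if LenB(message) > maxLen then
  MsgBox "Message is too long for direct RSA encryption with this key."
  return
end if

dim encrypted as string
dim decrypted as string
try
  encrypted = OpenSSLMBS.RSAPublicEncrypt(message, publicKey, 1)
  if encrypted <> "" then
    // The password is needed here because the private key is encrypted
    decrypted = OpenSSLMBS.RSAPrivateDecrypt(encrypted, privateKey, 1, keyPassword)
  end if
catch e as RuntimeException
  MsgBox "RSA operation raised an exception."
  return
end try

// An empty string signals failure, so never treat it as valid output
if encrypted = "" or decrypted = "" then
  MsgBox "RSA operation failed."
elseif StrComp(decrypted, message, 0) = 0 then // binary, case-sensitive compare
  MsgBox "Round trip succeeded."
end if
```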


OpenSSLMBS.SignData(data as string, key as string, Password as string = "") as string
| Type | Topic | Plugin | Version | macOS | Windows | Linux | Console & Web | iOS |
|---|---|---|---|---|---|---|---|---|
| method | Encryption and Hash | MBS Encryption Plugin | 13.4 | Yes | Yes | Yes | Yes | No |
Function: Signs a piece of data with a given private key.
Example:
dim data as string // some data
dim test as string // the private key PEM file content
dim Signature as string = OpenSSLMBS.SignData(data, test)
msgbox EncodeHex(Signature)
Notes:
Returns signature. Use EncodeHex or EncodeBase64 to make a text representation.

Internally we make a SHA1 hash of the data, open the private RSA key and do an RSA sign operation. We return the raw signature as a string of bytes.
On any error, we return an empty string.
Optionally, you can pass a password to read password-protected keys.


OpenSSLMBS.SignData(data as string, key as string, Password as string = "", Algorithm as Integer) as string
| Type | Topic | Plugin | Version | macOS | Windows | Linux | Console & Web | iOS |
|---|---|---|---|---|---|---|---|---|
| method | Encryption and Hash | MBS Encryption Plugin | 16.0 | Yes | Yes | Yes | Yes | No |
Function: Signs a piece of data with a given private key.
Example:
dim test_pem as string = ReadFile("test.pem")
dim test_pub as string = ReadFile("test.pub")
dim data as string = ReadFile("Create Keys.rtf") // some data file
dim signature as string

// create signature

Signature = OpenSSLMBS.SignData(data, test_pem, OpenSSLMBS.kAlgorithmSHA512)
if Signature = "" then
  // failed
  break
end if

// verify with private key, using the same hash algorithm as for signing
dim r1 as Boolean = OpenSSLMBS.VerifyData(data, signature, test_pem, OpenSSLMBS.kAlgorithmSHA512)

// verify with public key, using the same hash algorithm as for signing
dim r2 as Boolean = OpenSSLMBS.VerifyData(data, signature, test_pub, OpenSSLMBS.kAlgorithmSHA512)
Notes:
Returns signature. Use EncodeHex or EncodeBase64 to make a text representation.

Internally we make a hash of the data with the given algorithm, open the private RSA key and do an RSA sign operation. We return the raw signature as a string of bytes.
On any error, we return an empty string.
Optionally, you can pass a password to read password-protected keys.


OpenSSLMBS.VerifyData(data as string, Signature as string, Key as string, Password as string = "") as boolean
| Type | Topic | Plugin | Version | macOS | Windows | Linux | Console & Web | iOS |
|---|---|---|---|---|---|---|---|---|
| method | Encryption and Hash | MBS Encryption Plugin | 13.4 | Yes | Yes | Yes | Yes | No |
Function: Verifies a signature with given data and public key.
Notes:
Key can be the public or private key, but of course normally you use the public key.
Data is the raw data to compare against. A SHA1 hash is performed and verified with the signature.
Signature must be the string as returned by the SignData function. If you used EncodeHex on it, you now need to use DecodeHex.
Returns true if the signature is valid, and false if it is not or on any error.
Optionally, you can pass a password to read password-protected keys.


OpenSSLMBS.VerifyData(data as string, Signature as string, Key as string, Password as string = "", Algorithm as Integer) as boolean
| Type | Topic | Plugin | Version | macOS | Windows | Linux | Console & Web | iOS |
|---|---|---|---|---|---|---|---|---|
| method | Encryption and Hash | MBS Encryption Plugin | 16.0 | Yes | Yes | Yes | Yes | No |
Function: Verifies a signature with given data and public key.
Example:
dim test_pem as string = ReadFile("test.pem")
dim test_pub as string = ReadFile("test.pub")
dim data as string = ReadFile("Create Keys.rtf") // some data file
dim signature as string

// create signature

Signature = OpenSSLMBS.SignData(data, test_pem, OpenSSLMBS.kAlgorithmSHA512)
if Signature = "" then
  // failed
  break
end if

// verify with private key
dim r1 as Boolean = OpenSSLMBS.VerifyData(data, signature, test_pem, OpenSSLMBS.kAlgorithmSHA512)

// verify with public key
dim r2 as Boolean = OpenSSLMBS.VerifyData(data, signature, test_pub, OpenSSLMBS.kAlgorithmSHA512)
Notes:
Key can be the public or private key, but of course normally you use the public key.
Data is the raw data to compare against. A hash is performed with the given algorithm and verified with the signature.
Signature must be the string as returned by the SignData function. If you used EncodeHex on it, you now need to use DecodeHex.
Returns true if the signature is valid, and false if it is not or on any error.
Optionally, you can pass a password to read password-protected keys.
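
A sign and verify round trip covering the SignData and VerifyData notes above, as an added example (not from the MBS documentation): the signature is hex-encoded for transport, decoded again before verification, and checked against altered data, a mismatched hash algorithm and a signature left in hex form. The calls follow the argument order of the page's own examples; the message strings are constructed sample values.

```xojo
// Added example, not part of the MBS documentation.
dim privateKey as string = OpenSSLMBS.GeneratePrivateKey
dim publicKey as string = OpenSSLMBS.GetPublicKey(privateKey)

dim data as string = "amount=100;to=alice" // constructed sample message

// Sender: sign with SHA-512; an empty string means signing failed
dim signature as string = OpenSSLMBS.SignData(data, privateKey, OpenSSLMBS.kAlgorithmSHA512)
if signature = "" then
  MsgBox "Signing failed."
  return
end if

// The raw signature is binary, so encode it before sending it as text
dim wire as string = EncodeHex(signature)

// Receiver: undo the text encoding before verifying
dim received as string = DecodeHex(wire)

// Verify with the public key and the same algorithm that was used for signing
dim ok as boolean = OpenSSLMBS.VerifyData(data, received, publicKey, OpenSSLMBS.kAlgorithmSHA512)

// Altered data must be rejected
dim tampered as boolean = OpenSSLMBS.VerifyData("amount=900;to=alice", received, publicKey, OpenSSLMBS.kAlgorithmSHA512)

// A different hash algorithm than the one used for signing must be rejected
dim wrongHash as boolean = OpenSSLMBS.VerifyData(data, received, publicKey, OpenSSLMBS.kAlgorithmSHA256)

// Passing the hex text instead of the decoded bytes must be rejected
dim stillHex as boolean = OpenSSLMBS.VerifyData(data, wire, publicKey, OpenSSLMBS.kAlgorithmSHA512)

if ok and not tampered and not wrongHash and not stillHex then
  MsgBox "Signature checks behave as expected."
else
  MsgBox "Unexpected verification result, do not trust the data."
end if
```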


The items on this page are in the following plugins: MBS Encryption Plugin.



