Using X509 Certificate to Encrypt Data

Question:
Do you have any examples of using the Chilkat Encryption component with X509 Digital
Certificates to encrypt and decrypt data ?

Answer:
To use an X509 certificate, the CryptAlgorithm is set to “PKI” and you set the certificate by calling SetEncryptCert.
The encryption algorithm may be controlled by using a Chilkat CSP object and calling SetCSP.

Here’s a quick example showing the use of SetEncryptCert:
Encrypt with X509 Certificate

How to Encrypt URL Query Parameters

Here’s a new example:

ASP: Encrypt URL Query Parameters
SQL Server: Encrypt URL Query Parameters
C#: Encrypt URL Query Parameters
MFC: Encrypt URL Query Parameters
Delphi: Encrypt URL Query Parameters
Visual FoxPro: Encrypt URL Query Parameters
Java: Encrypt URL Query Parameters
Perl: Encrypt URL Query Parameters
PHP: Encrypt URL Query Parameters
Python: Encrypt URL Query Parameters
Ruby: Encrypt URL Query Parameters
VB.NET: Encrypt URL Query Parameters
Visual Basic: Encrypt URL Query Parameters
VBScript: Encrypt URL Query Parameters

C# Encrypting/Decrypting with Stream

This C# example demonstrates how to use Chilkat.Crypt2 to encrypt and decrypting using the .NET FileStream class:

    Chilkat.Crypt2 crypt = new Chilkat.Crypt2();
    bool success = crypt.UnlockComponent("Anything for 30-day trial");
    if (!success)
    {
        MessageBox.Show(crypt.LastErrorText);
        return;
    }

    crypt.CryptAlgorithm = "aes";
    crypt.CipherMode = "cbc";
    crypt.KeyLength = 128;

    crypt.SetEncodedIV("0000000000000000", "hex");
    crypt.SetEncodedKey("abcdefghijklmnop", "ascii");

    // Open input and output files as file streams...
    FileStream fsIn = File.OpenRead("hamlet.xml");
    FileStream fsOut = File.Create("encrypted.dat");

    crypt.FirstChunk = true;
    crypt.LastChunk = false;
    byte [] encryptedChunk;

    // Encrypt the stream in 1024 byte chunks.
    byte[] b = new byte[1024];

    int n;
    while ((n = fsIn.Read(b, 0, b.Length)) > 0)
    {
        if (n < b.Length)
        {
            // Don't encrypt the full 1024 bytes, only the amount read...
            byte[] tmp = new byte[n];
            int i;
            for (i = 0; i < n; i++) tmp[i] = b[i];
            encryptedChunk = crypt.EncryptBytes(tmp);
        }
        else
        {
            encryptedChunk = crypt.EncryptBytes(b);
        }

        fsOut.Write(encryptedChunk, 0, encryptedChunk.Length);
        crypt.FirstChunk = false;
    }
    fsIn.Close();

    // Flush any remaining encrypted data.
    crypt.LastChunk = true;
    byte[] empty = { };
    encryptedChunk = crypt.EncryptBytes(empty);
    if (encryptedChunk.Length > 0)
    {
        fsOut.Write(encryptedChunk, 0, encryptedChunk.Length);
    }
    fsOut.Close();


    // Now decrypt in chunks.  The decryptor must know when the last
    // block is being processed so it may unpad it correctly.

    System.IO.FileInfo fi = new System.IO.FileInfo("encrypted.dat");
    long fileSize = fi.Length;
    int numChunks = (int)fileSize / b.Length;

    fsIn = File.OpenRead("encrypted.dat");
    fsOut = File.Create("decrypted.xml");

    crypt.FirstChunk = true;
    crypt.LastChunk = false;
    byte[] decryptedChunk;

    int idx;
    for (idx = 0; idx <= numChunks; idx++)
    {
        n = fsIn.Read(b, 0, b.Length);

        // Is this the last chunk?
        if (idx == numChunks)
        {
            // Decrypt only the amount read...
            byte[] lastBlock = new byte[n];
            int i;
            for (i = 0; i < n; i++) lastBlock[i] = b[i];
            crypt.LastChunk = true;
            decryptedChunk = crypt.DecryptBytes(lastBlock);
        }
        else
        {
            decryptedChunk = crypt.DecryptBytes(b);
        }

        fsOut.Write(decryptedChunk, 0, decryptedChunk.Length);
        crypt.FirstChunk = false;
    }
    fsIn.Close();
    fsOut.Close();

    MessageBox.Show("Finished!");

C# Blowfish Test Vectors

C# to match the Blowfish test vectors at this URL: http://www.schneier.com/code/vectors.txt

    // keys
    string[] key = new string[] { 
        "0000000000000000",
        "FFFFFFFFFFFFFFFF",
        "3000000000000000",
        "1111111111111111",
        "0123456789ABCDEF",
        "1111111111111111",
        "0000000000000000",
        "FEDCBA9876543210",
        "7CA110454A1A6E57",
        "0131D9619DC1376E",
        "07A1133E4A0B2686",
        "3849674C2602319E",
        "04B915BA43FEB5B6",
        "0113B970FD34F2CE",
        "0170F175468FB5E6",
        "43297FAD38E373FE",
        "07A7137045DA2A16",
        "04689104C2FD3B2F",
        "37D06BB516CB7546",
        "1F08260D1AC2465E",
        "584023641ABA6176",
        "025816164629B007",
        "49793EBC79B3258F",
        "4FB05E1515AB73A7",
        "49E95D6D4CA229BF",
        "018310DC409B26D6",
        "1C587F1C13924FEF",
        "0101010101010101",
        "1F1F1F1F0E0E0E0E",
        "E0FEE0FEF1FEF1FE",
        "0000000000000000",
        "FFFFFFFFFFFFFFFF",
        "0123456789ABCDEF",
        "FEDCBA9876543210" };

    string[] plainText = new string[] { 
        "0000000000000000",
        "FFFFFFFFFFFFFFFF",
        "1000000000000001",
        "1111111111111111",
        "1111111111111111",
        "0123456789ABCDEF",
        "0000000000000000",
        "0123456789ABCDEF",
        "01A1D6D039776742",
        "5CD54CA83DEF57DA",
        "0248D43806F67172",
        "51454B582DDF440A",
        "42FD443059577FA2",
        "059B5E0851CF143A",
        "0756D8E0774761D2",
        "762514B829BF486A",
        "3BDD119049372802",
        "26955F6835AF609A",
        "164D5E404F275232",
        "6B056E18759F5CCA",
        "004BD6EF09176062",
        "480D39006EE762F2",
        "437540C8698F3CFA",
        "072D43A077075292",
        "02FE55778117F12A",
        "1D9D5C5018F728C2",
        "305532286D6F295A",
        "0123456789ABCDEF",
        "0123456789ABCDEF",
        "0123456789ABCDEF",
        "FFFFFFFFFFFFFFFF",
        "0000000000000000",
        "0000000000000000",
        "FFFFFFFFFFFFFFFF" };

    string[] cipherBytes = new string[] { 
        "4EF997456198DD78",
        "51866FD5B85ECB8A",
        "7D856F9A613063F2",
        "2466DD878B963C9D",
        "61F9C3802281B096",
        "7D0CC630AFDA1EC7",
        "4EF997456198DD78",
        "0ACEAB0FC6A0A28D",
        "59C68245EB05282B",
        "B1B8CC0B250F09A0",
        "1730E5778BEA1DA4",
        "A25E7856CF2651EB",
        "353882B109CE8F1A",
        "48F4D0884C379918",
        "432193B78951FC98",
        "13F04154D69D1AE5",
        "2EEDDA93FFD39C79",
        "D887E0393C2DA6E3",
        "5F99D04F5B163969",
        "4A057A3B24D3977B",
        "452031C1E4FADA8E",
        "7555AE39F59B87BD",
        "53C55F9CB49FC019",
        "7A8E7BFA937E89A3",
        "CF9C5D7A4986ADB5",
        "D1ABB290658BC778",
        "55CB3774D13EF201",
        "FA34EC4847B268B2",
        "A790795108EA3CAE",
        "C39E072D9FAC631D",
        "014933E0CDAFF6E4",
        "F21E9A77B71C49BC",
        "245946885754369A",
        "6B5C5A9C5D9E0A5A" };

    Chilkat.Crypt2 crypt = new Chilkat.Crypt2();

    bool success;
    success = crypt.UnlockComponent("Anything for 30-day trial");
    if (success != true)
    {
        MessageBox.Show("Crypt component unlock failed");
        return;
    }

    //  Attention: use "blowfish2" for the algorithm name:
    crypt.CryptAlgorithm = "blowfish2";

    //  CipherMode may be "ecb", "cbc", or "cfb"
    crypt.CipherMode = "ecb";

    //  KeyLength (in bits) may be a number between 32 and 448.
    //  128-bits is usually sufficient.  The KeyLength must be a
    //  multiple of 8.
    crypt.KeyLength = 64;

    //  The padding scheme determines the contents of the bytes
    //  that are added to pad the result to a multiple of the
    //  encryption algorithm's block size.  Blowfish has a block
    //  size of 8 bytes, so encrypted output is always
    //  a multiple of 8.
    crypt.PaddingScheme = 3;

    //  EncodingMode specifies the encoding of the output for
    //  encryption, and the input for decryption.
    //  It may be "hex", "url", "base64", or "quoted-printable".
    crypt.EncodingMode = "hex";


    int numTests = key.Length;
    int i;

    for (i = 0; i < numTests; i++)
    {
        crypt.SetEncodedKey(key[i], "hex");

        string encStr = crypt.EncryptEncoded(plainText[i]);
        textBox1.Text += encStr + " should equal " + cipherBytes[i] + "\r\n";
    }

Matching DES Encryption in Java and VBScript

This page shows both Java JCE DES encryption examples, as well as examples using the Chilkat Encryption component in both Java and VBScript. Each of these examples produces identical output:

The string: ABC123 encrypts to 6DA02B6AE1EA32D8 (as a hexidecimalized string)

Java bytes-to-hex Encoding Utility Function

 	public static String toHex (byte buf[]) {
 		
      StringBuffer strbuf = new StringBuffer(buf.length * 2);
      int i;

      for (i = 0; i < buf.length; i++) {
       if (((int) buf[i] & 0xff) < 0x10)
	    strbuf.append("0");

       strbuf.append(Long.toString((int) buf[i] & 0xff, 16));
      }

      return strbuf.toString();
     }

56-bit DES Encryption Java JCE Example 1

        String password = "12345678";
        byte[] keyBytes = password.getBytes();
				
        SecretKeySpec skeySpec = new SecretKeySpec(keyBytes, "DES");
        Cipher cipher = Cipher.getInstance("DES");
        cipher.init(Cipher.ENCRYPT_MODE, skeySpec);
        
        String original = "ABC123";
        byte[] inBytes = original.getBytes();
        byte[] encrypted = cipher.doFinal(inBytes);
     
     	System.out.println("Java:");
        System.out.println(toHex(encrypted));
        
        String dStr = decrypt("12345678",encrypted);
      	System.out.println(dStr);

56-bit DES Encryption Java JCE Example 2

        DESKeySpec ks = new DESKeySpec( keyBytes );
        SecretKeyFactory kf = SecretKeyFactory.getInstance( "DES" );
        SecretKey ky = kf.generateSecret( ks );
        Cipher cf = Cipher.getInstance( "DES" );
        cf.init( Cipher.ENCRYPT_MODE, ky );
        byte[] encrypted2 = cipher.doFinal(inBytes);
	 
        System.out.println("Java(2):");
        System.out.println(toHex(encrypted2));

56-bit DES Encryption Java w/ Chilkat

    CkCrypt2 crypt = new CkCrypt2();
    crypt.UnlockComponent("30-day Trial");
    
	crypt.put_CryptAlgorithm("des");
	crypt.put_CipherMode("ecb");
	//crypt.put_PaddingScheme(3);
	crypt.put_KeyLength(64);
	crypt.put_EncodingMode("hex");
	//crypt.put_Charset("windows-1252");
	
	crypt.SetEncodedKey("12345678","ascii");
	
	CkByteData inData = new CkByteData();
	inData.appendStr(original);
	    
	CkString encryptedStr = new CkString();
	crypt.EncryptBytesENC(inData,encryptedStr);
	
	System.out.println("Chilkat:");    
	System.out.println(encryptedStr.getString());

56-bit DES Encryption VBScript w/ Chilkat

set crypt = CreateObject("Chilkat.Crypt2")

crypt.UnlockComponent "30-day Trial"

crypt.CryptAlgorithm = "DES"
crypt.CipherMode = "ECB"
crypt.KeyLength = 64
crypt.EncodingMode = "hex"
crypt.SetEncodedKey "12345678","ascii"

MsgBox crypt.EncryptStringENC("ABC123")

56-bit DES Decryption in Java JCE

    public static String decrypt(String password, byte[] encodedData)
      throws Exception
    {

        byte[] originalData = null;

        SecretKeySpec key = new SecretKeySpec(password.getBytes (), "DES");
        Cipher cipher = Cipher.getInstance("DES");
        cipher.init(Cipher.DECRYPT_MODE, key);
        originalData = cipher.doFinal(encodedData);

        String s = new String(originalData);
        return s;
    }