Using certificates with WodCrypt (wodCrypt)
I've downloaded the evaluation version of WodCrypt and would greatly appreciate a little nudge in the right direction for what I'm hoping to achieve.
My intention is to use WodCrypt to encrypt/decrypt using keys obtained from certificate files (.cer for public keys and .pfx for private keys).
I've read in the release notes that a certificate object can be used as the SecretKey property but am having difficulty getting it to work.
My starting point was the Encrypt files VB sample that comes with the control.
I've modified cmdEncrypt_Click so that it now looks like this:
Dim srcfile As New FileBlob
Dim destfile As New FileBlob
Dim eCert As New WODCERTMNGLib.Certificate
Set oCrypt = New wodCryptCom
oCrypt.Optimized = False
oCrypt.Type = AES
eCert.Load App.Path + /test.cer
oCrypt.SecretKey = eCert
' oCrypt.SecretKey = Now is the time for all good men to come to the aid of their party.
srcfile.FileName = txtSource.Text
destfile.FileName = txtDest.Text
oCrypt.Encrypt srcfile, destfile
MsgBox Encyption Complete
When this is run, oCrypt.Encrypt returns the error 30005, Secret Password is not set, or cannot be applied to selected algorithm .
What am I doing wrong?
Thanks.
Re: Using certificates with WodCrypt
Hi Mark,
When you load certificate using wodCertificate you should load private key part from certificate. So you need to use LoadKey Method instead Load Method in wodCertificate.
Also for encryption you should use public key and for decryption you need to use private key inside SecretKey Property.
[code]eCert.LoadKey App.Path + \test.cer
oCrypt.SecretKey = eCert.PublicKey[/code]
Let us know how it goes.
Regards,
Drazen
Re: Using certificates with WodCrypt
Hi Drazen,
I've tried what you suggested but I'm afraid it didn't quite work out.
For the encryption I set SecretKey to eCert.PublicKey and an encrypted file was produced.
For the decrpt, I loaded the decryption certificate using:
dCert.Load App.Path + /test.pfx , password
dCert.LoadKey App.Path + /test.pfx , password
and then set SecretKey to dCert.PrivateKey.
The result was a garbage file.
I then tried setting SecretKey to dCert.PublicKey and this generated the original clear text followed by a number of NULLs.
It looks like the public key is being used literally, like a password, rather than to generate cyphertext that can only be decrpyted using the private key.
Am I missing a step?
Thanks,
Mark.
Re: Using certificates with WodCrypt
Mark,
If I'm right, you're trying to encrypt something using Private/Public keys. In order to do that you should set Type property to RSA/DSA.
Can you please try that?
Regards,
Damba
Re: Using certificates with WodCrypt
I've tried with you suggested, and got the following results:
Type=RSA
Encryption SecretKey=cert.PublicKey
Decryption SecretKey=cert.PrivateKey
Optimized=True
Error on decryption: Secret Password is not set, or cannot be applied to selected algoritm
Type=RSA
Encryption SecretKey=cert.PublicKey
Decryption SecretKey=cert.PublicKey
Optimized=True
Result: Decrpyted text doesn't match the original plain text.
Type=RSA
Encryption SecretKey=cert.PrivateKey
Decryption SecretKey=cert.PublicKey
Optimized=True
Error on encryption: Secret Password is not set, or cannot be applied to selected algoritm
Type=RSA
Encryption SecretKey=cert.PrivateKey
Decryption SecretKey=cert.PrivateKey
Optimized=True
Error on encryption: Secret Password is not set, or cannot be applied to selected algoritm
Attempting to use Type=DSA always generates the error Selected Type cannot be applied to the method , which makes sense as DSA is a signing algorithm.
I've been through the help file and under the What is... topic is a section called What are the advantages and disadvantages of public-key cryptography over secret-key cryptography? . This makes a reference to a topic called How is RSA used for encryption in practice? but I can't find that in the help anywhere.
There are sections that talk about using a Keys object to generate signatures, so presumably the same methods would apply to encryption and decryption as well. The problem is that there's no obvious way to load a Keys object from a .cer of .pfx file.
If you have any examples of how this can be done that would be greatly appreciated.
Re: Using certificates with WodCrypt
Mark,
Can you please send us email to:
techsupport@weonlydo.com
we will send you example there.
Drazen