Rsa

This property is relevant when signing or validating data originally provided as a string, but not when dealing with hashes or binary data. When hashing a string for these purposes, it's important to know its byte representation, such as UTF-8, ISO-8859-1, UTF-16, etc. This property defines the byte representation to use for the string before hashing, with the default being "ANSI", which is the default multibyte charset on a given computer.

Note: It is recommended that your application explicitly set this property to "utf-8".

If set to a file path, this property logs the LastErrorText of each Chilkat method or property call to the specified file. This logging helps identify the context and history of Chilkat calls leading up to any crash or hang, aiding in debugging.

Enabling the VerboseLogging property provides more detailed information. This property is mainly used for debugging rare instances where a Chilkat method call causes a hang or crash, which should generally not happen.

Possible causes of hangs include:

• A timeout property set to 0, indicating an infinite timeout.
• A hang occurring within an event callback in the application code.
• An internal bug in the Chilkat code causing the hang.

This property defines the encoding for methods ending in "ENC", such as EncryptStringENC. Valid modes include "base64", "hex", "hex_lower", and more. The encoding mode applies to signatures, encrypted data, and hashes used in or returned by a method.

This property is mainly used in SQL Server stored procedures to retrieve binary data from the last method call that returned binary data. It is only accessible if Chilkat.Global.KeepBinaryResult is set to 1. This feature allows for the retrieval of large varbinary results in an SQL Server environment, which has restrictions on returning large data via method calls, though temp tables can handle binary properties.

Provides HTML-formatted information about the last called method or property. If a method call fails or behaves unexpectedly, check this property for details. Note that information is available regardless of the method call's success.

Provides plain text information about the last called method or property. If a method call fails or behaves unexpectedly, check this property for details. Note that information is available regardless of the method call's success.

Provides XML-formatted information about the last called method or property. If a method call fails or behaves unexpectedly, check this property for details. Note that information is available regardless of the method call's success.

Indicates the success or failure of the most recent method call: 1 means success, 0 means failure. This property remains unchanged by property setters or getters. This method is present to address challenges in checking for null or Nothing returns in certain programming languages.

In SQL Server stored procedures, this property holds the string return value of the most recent method call that returns a string. It is accessible only when Chilkat.Global.KeepStringResult is set to TRUE. SQL Server has limitations on string lengths returned from methods and properties, but temp tables can be used to access large strings.

The length, in characters, of the string contained in the LastStringResult property.

When creating RSA signatures, this property determines the endianness: set it to 1 for little-endian signatures and 0 for big-endian signatures.

If 1, skips unpadding when decrypting. The default is 0. This property value is typically left unchanged.

The bit length, such as 2048, of the imported or generated RSA key.

Selects the hash algorithm for use within OAEP padding for encryption. The valid choices are "sha256", "sha384", "sha512", or "sha1".

The default is SHA1. You'll likely want to change this to to SHA256. The next major version of Chilkat (11.0.0) will change the default to SHA256.

The optional RSA encryption OAEP label is a hex representation of the label bytes used for encrypting with OAEP padding. Typically, this is left empty (0 bytes) unless there's a specific requirement to set it.

Selects the MGF (mask generation) hash algorithm for use within OAEP padding for encryption. The valid choices are "sha256", "sha384", "sha512", or "sha1".

Note: This property should typically be set to the same value as the OaepHash property. Many software implementations are not able to handle cases where the MGF hash is different than the OAEP hash.

The default is SHA1. You'll likely want to change this to to SHA256. The next major version of Chilkat (11.0.0) will change the default to SHA256.

This property controls both RSA-PSS and OAEP. When set to 0, Chilkat uses PKCS#1 v1.5 padding for both encryption and signature creation. When set to 1, Chilkat uses RSA-PSS padding for signatures, and OAEP padding for encryption.

Note: Both OAEP and RSA-PSS incorporate random bytes in the output. Therefore, the output is different each time even if all of the inputs are identical.

The default value of this property is 0.

PS> Please accept our apology for not having a separate RsaPss property. This oversight in design happened approximately 20 years ago. We've refrained from fixing to avoid backward compatibility problems.

When using RSASSA-PSS padding for signatures, you can choose the PSS salt length. By default, the salt length is set to -1, which uses the length of the hash function. For instance, with the SHA256 hash function, the salt length will be 32 bytes. You can specify a different salt length, like 20 bytes, if needed, but it's generally recommended to keep the default setting.

This is a catch-all property to be used for uncommon needs. This property defaults to the empty string and should typically remain empty.

If set to 1, then the contents of LastErrorText (or LastErrorXml, or LastErrorHtml) may contain more verbose information. The default value is 0. Verbose logging should only be used for debugging. The potentially large quantity of logged information may adversely affect peformance.

Version of the component/library, such as "10.1.0"

RSA decrypts the contents of bd. usePrivateKey should be set to 1 if the private key is to be used for decrypting. Otherwise it should be set to 0 if (in rare cases) the public key is to be used for decrypting.

Important: If trying to match OpenSSL results, set the LittleEndian property = 0.

Returns 1 for success, 0 for failure.

Decrypts byte data using the RSA encryption algorithm. usePrivateKey should be set to 1 if the private key is to be used for decrypting. Otherwise it should be set to 0 if (in rare cases) the public key is to be used for decrypting.

Important: If trying to match OpenSSL results, set the LittleEndian property = 0.

Returns a zero-length byte array (as a Variant) on failure.
An empty array will have a UBound of -1 meaning 0 elements.

Decrypts str using the RSA algorithm. str is the encoded form of the encrypted binary data. The EncodingMode property defines str's encoding. Set bUsePrivateKey to 1 to use the private key for decryption; otherwise, set it to 0 to use the public key (in rare cases).

Important: If trying to match OpenSSL results, set the LittleEndian property = 0.

Returns a zero-length byte array (as a Variant) on failure.
An empty array will have a UBound of -1 meaning 0 elements.

Decrypts encBytes with the RSA algorithm. encBytes holds the encrypted binary data. The Charset property specifies the byte representation for interpreting the decrypted text. Set usePrivateKey to 1 to use the private key for decryption; otherwise, set usePrivateKey to 0 to use the public key (used rarely). Returns the decrypted string.

Important: If trying to match OpenSSL results, set the LittleEndian property = 0.

Returns Nothing on failure

Decrypts str with the RSA algorithm. str is the encoded form of the encrypted binary data. The EncodingMode property defines str's encoding. The Charset property specifies the byte representation for interpreting the decrypted text. Set usePrivateKey to 1 to use the private key for decryption; otherwise, set usePrivateKey to 0 to use the public key (used rarely). Returns the decrypted string.

Important: If trying to match OpenSSL results, set the LittleEndian property = 0.

Returns Nothing on failure

RSA encrypts the contents of bd. Set usePrivateKey to 0 to use the public key for encrypting; otherwise, set it to 1 to use the private key (in rare cases).

Important: If trying to match OpenSSL results, set the LittleEndian property = 0.

Note: The public key's role is to make encryption accessible to anyone while ensuring that only the private key holder can decrypt the messages. The public key is designed to be widely distributed so anyone can use it to encrypt messages intended for the owner of the private key.

Returns 1 for success, 0 for failure.

Encrypts byte data using the RSA encryption algorithm. Set usePrivateKey to 0 to use the public key for encrypting; otherwise, set it to 1 to use the private key (in rare cases).

Important: If trying to match OpenSSL results, set the LittleEndian property = 0.

Note: The public key's role is to make encryption accessible to anyone while ensuring that only the private key holder can decrypt the messages. The public key is designed to be widely distributed so anyone can use it to encrypt messages intended for the owner of the private key.

Returns a zero-length byte array (as a Variant) on failure.
An empty array will have a UBound of -1 meaning 0 elements.

Encrypts data using the RSA algorithm. Set bUsePrivateKey to 0 to use the public key for encrypting; otherwise, set it to 1 to use the private key (in rare cases). The encrypted data is returned in the format specified by the EncodingMode property.

Important: If trying to match OpenSSL results, set the LittleEndian property = 0.

Note: The public key's role is to make encryption accessible to anyone while ensuring that only the private key holder can decrypt the messages. The public key is designed to be widely distributed so anyone can use it to encrypt messages intended for the owner of the private key.

Returns Nothing on failure

Encrypts stringToEncrypt with the RSA algorithm. The Charset property specifies the byte representation of the string that is encrypted. Set usePrivateKey to 0 to use the public key for encrypting; otherwise, set it to 1 to use the private key (in rare cases).

Important: If trying to match OpenSSL results, set the LittleEndian property = 0.

Note: The public key's role is to make encryption accessible to anyone while ensuring that only the private key holder can decrypt the messages. The public key is designed to be widely distributed so anyone can use it to encrypt messages intended for the owner of the private key.

Returns a zero-length byte array (as a Variant) on failure.
An empty array will have a UBound of -1 meaning 0 elements.

Encrypts str with the RSA algorithm. The Charset property specifies the byte representation of the string that is encrypted. Set bUsePrivateKey to 0 to use the public key for encrypting; otherwise, set it to 1 to use the private key (in rare cases). The encrypted data is returned in the format specified by the EncodingMode property.

Important: If trying to match OpenSSL results, set the LittleEndian property = 0.

Note: The public key's role is to make encryption accessible to anyone while ensuring that only the private key holder can decrypt the messages. The public key is designed to be widely distributed so anyone can use it to encrypt messages intended for the owner of the private key.

Returns Nothing on failure

Exports the private-key of an RSA key pair to XML format. This is typically called after generating a new RSA key via the GenerateKey method.

Returns Nothing on failure

Exports the private-key to a private key object. This is typically called after generating a new RSA key via the GenerateKey method. Once the private key object is obtained, it may be saved in a variety of different formats.

Returns Nothing on failure

Exports the public-key of an RSA key pair to XML format. This is typically called after generating a new RSA key via the GenerateKey method.

Returns Nothing on failure

Exports the public key to a public key object. Once the public key object is obtained, it may be saved in a variety of different formats.

Returns Nothing on failure

Generates a new RSA public/private key pair. The number of bits can range from 512 to 8192. Typical key lengths are 1024, 2048, or 4096 bits. After successful generation, the public/private parts of the key can be exported to XML via the ExportPrivateKey and ExportPublicKey methods.

Note: Generating an 8192-bit RSA key can take a considerable amount of time. There are no event callbacks or progress monitoring for RSA key generation. Calling this will block the thread until it returns.

Returns 1 for success, 0 for failure.

Imports a private key from XML format. After successful import, the private key can be used to encrypt or decrypt. A private key (by definition) contains both private and public parts. This is because the public key consist of modulus and exponent. The private key consists of modulus, exponent, P, Q, DP, DQ, InverseQ, and D using base64 representation:

<RSAKeyValue>
  <Modulus>...</Modulus>
  <Exponent>...</Exponent>
  <P>...</P>
  <Q>...</Q>
  <DP>...</DP>
  <DQ>...</DQ>
  <InverseQ>...</InverseQ>
  <D>...</D>
</RSAKeyValue>

Important: The Rsa object can contain either a private key or a public key, but not both. Importing a private key overwrites the existing key regardless of whether the type of key is public or private.

Returns 1 for success, 0 for failure.

Imports a private key from a private key object. The imported private key is used in methods that sign or decrypt.

Returns 1 for success, 0 for failure.

Imports a public key from XML format. After successful import, the public key can be used to encrypt or decrypt.

Note: Importing a public key overwrites the key that is currently contained in this object - even if it's a private key.

A public key consists of modulus and exponent using base64 representation:

<RSAPublicKey>
  <Modulus>...</Modulus>
  <Exponent>...</Exponent>
</RSAPublicKey>

Important: The Rsa object can contain either a private key or a public key, but not both. Importing a private key overwrites the existing key regardless of whether the type of key is public or private.

Returns 1 for success, 0 for failure.

Imports a public key from a public key object. The imported public key is used in methods that encrypt data or verify signatures.

Returns 1 for success, 0 for failure.

The Chilkat RSA functions having names beginning with "OpenSsl" are provided to duplicate OpenSSL's rsautl functionality, which is to directly sign raw input data using an RSA private key without performing additional steps like hashing or ASN.1 encapsulation. These functions always use PKCS#1 v1.5 padding (because rsautl always uses PKCS#1 v1.5 padding and never RSA-PSS).

The maximum number of bytes that can be signed in any of the "OpenSsl" functions depends on the size of the RSA key. It is equal to the Key Size in Bytes - 11. Thus for a 2048-bit key, the maximum data size = 256 - 11 = 245 bytes.

The bytes to be signed are passed in bd. If successful, the contents of bd are replaced with the RSA signature.

Returns 1 for success, 0 for failure.

The Chilkat RSA functions having names beginning with "OpenSsl" are provided to duplicate OpenSSL's rsautl functionality, which is to directly sign raw input data using an RSA private key without performing additional steps like hashing or ASN.1 encapsulation. These functions always use PKCS#1 v1.5 padding (because rsautl always uses PKCS#1 v1.5 padding and never RSA-PSS).

The maximum number of bytes that can be signed in any of the "OpenSsl" functions depends on the size of the RSA key. It is equal to the Key Size in Bytes - 11. Thus for a 2048-bit key, the maximum data size = 256 - 11 = 245 bytes.

The bytes to be signed are passed in data. The binary RSA signature is returned.

Returns a zero-length byte array (as a Variant) on failure.
An empty array will have a UBound of -1 meaning 0 elements.

The Chilkat RSA functions having names beginning with "OpenSsl" are provided to duplicate OpenSSL's rsautl functionality, which is to directly sign raw input data using an RSA private key without performing additional steps like hashing or ASN.1 encapsulation. These functions always use PKCS#1 v1.5 padding (because rsautl always uses PKCS#1 v1.5 padding and never RSA-PSS).

The maximum number of bytes that can be signed in any of the "OpenSsl" functions depends on the size of the RSA key. It is equal to the Key Size in Bytes - 11. Thus for a 2048-bit key, the maximum data size = 256 - 11 = 245 bytes.

The bytes to be signed are passed in data. Returns the signature encoded based on the EncodingMode property.

Returns Nothing on failure

The Chilkat RSA functions having names beginning with "OpenSsl" are provided to duplicate OpenSSL's rsautl functionality, which is to directly sign raw input data using an RSA private key without performing additional steps like hashing or ASN.1 encapsulation. These functions always use PKCS#1 v1.5 padding (because rsautl always uses PKCS#1 v1.5 padding and never RSA-PSS).

The maximum number of bytes that can be signed in any of the "OpenSsl" functions depends on the size of the RSA key. It is equal to the Key Size in Bytes - 11. Thus for a 2048-bit key, the maximum data size = 256 - 11 = 245 bytes.

The string to be signed is passed in str. Returns the binary signature.

Returns a zero-length byte array (as a Variant) on failure.
An empty array will have a UBound of -1 meaning 0 elements.

The Chilkat RSA functions having names beginning with "OpenSsl" are provided to duplicate OpenSSL's rsautl functionality, which is to directly sign raw input data using an RSA private key without performing additional steps like hashing or ASN.1 encapsulation. These functions always use PKCS#1 v1.5 padding (because rsautl always uses PKCS#1 v1.5 padding and never RSA-PSS).

The maximum number of bytes that can be signed in any of the "OpenSsl" functions depends on the size of the RSA key. It is equal to the Key Size in Bytes - 11. Thus for a 2048-bit key, the maximum data size = 256 - 11 = 245 bytes.

The string to be signed is passed in str. Returns the signature encoded based on the EncodingMode property.

Returns Nothing on failure

Duplicates OpenSSL's rsautl utility for verifying RSA signatures and recovering the original data. On input, the bd contains the RSA signature that embeds the original data. If successful (i.e. the signature was verified), then the bd is transformed to contain just the original data.

Returns 1 for success, 0 for failure.

Duplicates OpenSSL's rsautl utility for verifying RSA signatures and recovering the original data. Input data consists of the raw signature bytes and returns the original bytes.

Returns a zero-length byte array (as a Variant) on failure.
An empty array will have a UBound of -1 meaning 0 elements.

Duplicates OpenSSL's rsautl utility for verifying RSA signatures and recovering the original data. Input data is a signature string encoded according to the EncodingMode property (base64, hex, etc.). Returns the original bytes.

Returns a zero-length byte array (as a Variant) on failure.
An empty array will have a UBound of -1 meaning 0 elements.

Duplicates OpenSSL's rsautl utility for verifying RSA signatures and recovering the original data. Input data consists of the raw signature bytes and returns the original string.

Returns Nothing on failure

Duplicates OpenSSL's rsautl utility for verifying RSA signatures and recovering the original data. Input data is a signature string encoded according to the EncodingMode property (base64, hex, etc.). Returns the original string.

Returns Nothing on failure

Provides the private or public key indirectly through a certificate. This method is used when the private key is inaccessible, such as when stored on a smart card, USB token, in the Windows registry (marked as non-exportable), or in the Apple Keychain.

Returns 1 for success, 0 for failure.

Generates an RSA digital signature by first hashing the contents of bdData with the hash algorithm specified by hashAlgorithm, which can be "sha256", "sha384", "sha512", or "sha1". The resulting signature is written to bdSig.

Note: It is important to be aware of endianness. Make sure the LittleEndian property is set according to your specific needs.

Generates an RSA digital signature by first hashing the contents of binaryData with the hash algorithm specified by hashAlgorithm, which can be "sha256", "sha384", "sha512", or "sha1". The function returns the binary signature.

Note: It is important to be aware of endianness. Make sure the LittleEndian property is set according to your specific needs.

Returns a zero-length byte array (as a Variant) on failure.
An empty array will have a UBound of -1 meaning 0 elements.

Generates an RSA digital signature by first hashing the bytes passed in binaryData with the hash algorithm specified by hashAlgorithm, which can be "sha256", "sha384", "sha512", or "sha1". Returns the signature encoded based on the EncodingMode property.

Returns Nothing on failure

This function creates an RSA digital signature by signing the hash provided in hashBytes. hashAlg specifies the hash algorithm, which can be "sha256", "sha384", "sha512", or "sha1". The function returns the signature in binary format.

Returns a zero-length byte array (as a Variant) on failure.
An empty array will have a UBound of -1 meaning 0 elements.

This function creates an RSA digital signature for the hash provided in encodedHash, which should be encoded according to the EncodingMode setting (e.g., base64 if EncodingMode = "base64"). hashAlg specifies the hash algorithm and can be "sha256", "sha384", "sha512", or "sha1". The function returns the signature encoded as specified by EncodingMode.

Returns Nothing on failure

Generates an RSA digital signature by first hashing strToBeHashed with the hash algorithm specified by hashAlgorithm, which can be "sha256", "sha384", "sha512", or "sha1". The function returns the binary signature.

Note: It is recommended to set the Charset property equal to "utf-8" before signing strings.

Note: It is important to be aware of endianness. Make sure the LittleEndian property is set according to your specific needs.

Returns a zero-length byte array (as a Variant) on failure.
An empty array will have a UBound of -1 meaning 0 elements.

Generates an RSA digital signature by first hashing strToBeHashed with the hash algorithm specified by hashAlgorithm, which can be "sha256", "sha384", "sha512", or "sha1". Returns the signature encoded based on the EncodingMode property.

Note: It is important to be aware of endianness. Make sure the LittleEndian property is set according to your specific needs.

Note: It is recommended to set the Charset property equal to "utf-8" before signing strings.

Returns Nothing on failure

Imports a .snk file to an XML document that can be imported via the ImportPrivateKey method.

Returns Nothing on failure

Verifies the RSA signature passed in bdSig against the original data passed in bdData. The original data passed in bdData is hashed using the hash algorithm passed in hashAlgorithm (such as "sha256", "sha384", "sha512", or "sha1"). Returns 1 if the signature is validated, and 0 if not.

Note: Knowing the exact hash algorithm used to create the signature is not required. If the signature is not validated using the hash algorithm specified in hashAlgorithm, Chilkat will automatically try validating using the other supported algorithms and return success if any validate.

Returns 1 for success, 0 for failure.

Verifies the RSA signature passed in signatureBytes against the original data passed in originalData. The original data passed in originalData is hashed using the hash algorithm passed in hashAlgorithm (such as "sha256", "sha384", "sha512", or "sha1"). Returns 1 if the signature is validated, and 0 if not.

Note: Knowing the exact hash algorithm used to create the signature is not required. If the signature is not validated using the hash algorithm specified in hashAlgorithm, Chilkat will automatically try validating using the other supported algorithms and return success if any validate.

Returns 1 for success, 0 for failure.

Verifies the encoded RSA signature passed in encodedSig against the original data passed in originalData. The original data passed in originalData is hashed using the hash algorithm passed in hashAlgorithm (such as "sha256", "sha384", "sha512", or "sha1"). Returns 1 if the signature is validated, and 0 if not.

The signature passed in encodedSig should be encoded according to the EncodingMode property (e.g., base64 if EncodingMode = "base64")

Note: Knowing the exact hash algorithm used to create the signature is not required. If the signature is not validated using the hash algorithm specified in hashAlgorithm, Chilkat will automatically try validating using the other supported algorithms and return success if any validate.

Returns 1 for success, 0 for failure.

Validates an RSA signature provided in sigBytes against the hash of the original data in hashBytes. Returns 1 if validation is successful, otherwise returns 0. hashAlg specifies the hash algorithm used for hashBytes, such as "sha256", "sha384", "sha512", or "sha1". Ensure the hash's size (e.g., 32 bytes for sha256, 48 bytes for sha384, 64 bytes for sha512, 20 bytes for sha1) matches that of hashBytes.

Returns 1 for success, 0 for failure.

Validates an RSA signature provided in encodedSig against the hash of the original data in encodedHash. Returns 1 if validation is successful, otherwise returns 0. hashAlg specifies the hash algorithm used for encodedHash, such as "sha256", "sha384", "sha512", or "sha1". Ensure the hash's size (e.g., 32 bytes for sha256, 48 bytes for sha384, 64 bytes for sha512, 20 bytes for sha1) matches that of encodedHash.

Both encodedHash and encodedSig should be encoded according to the EncodingMode property (e.g., base64 if EncodingMode = "base64")

Returns 1 for success, 0 for failure.

Verifies the RSA signature passed in binarySig against the original data passed in originalString. The original data passed in originalString is hashed using the hash algorithm passed in hashAlgorithm (such as "sha256", "sha384", "sha512", or "sha1"). Returns 1 if the signature is validated, and 0 if not.

Note: Knowing the exact hash algorithm used to create the signature is not required. If the signature is not validated using the hash algorithm specified in hashAlgorithm, Chilkat will automatically try validating using the other supported algorithms and return success if any validate.

Returns 1 for success, 0 for failure.

Verifies the encoded RSA signature passed in encodedSig against the original data passed in originalString. The original data passed in originalString is hashed using the hash algorithm passed in hashAlgorithm (such as "sha256", "sha384", "sha512", or "sha1"). Returns 1 if the signature is validated, and 0 if not.

The signature passed in encodedSig should be encoded according to the EncodingMode property (e.g., base64 if EncodingMode = "base64")

Note: Knowing the exact hash algorithm used to create the signature is not required. If the signature is not validated using the hash algorithm specified in hashAlgorithm, Chilkat will automatically try validating using the other supported algorithms and return success if any validate.

Returns 1 for success, 0 for failure.