Platforms to show: All Mac Windows Linux Cross-Platform

The module OpenSSLMBS

module OpenSSLMBS
Type Topic Plugin Version macOS Windows Linux iOS Targets
module Encryption and Hash MBS Encryption Plugin 13.4 ✅ Yes ✅ Yes ✅ Yes ✅ Yes All
A module for OpenSSL functions.

Please request what you miss here.

  • method ErrorString(ErrorCode as Integer) as string
  • method GeneratePrivateKey(Bits as Integer = 4096, Exp as Integer = 65537, Password as string = "", Algorithm as string = "") as string
  • method GetPublicKey(PrivateKey as String, PrivateKeyPassword as string = "") as string
  • method OpenSSLVersion as String
  • method PKCS7Sign(flags as Integer, InputData as string, SignKey as string, PrivateKey as String, PrivateKeyPassword as string, intermediaCertsData() as string, OutputBinary as boolean) as string
  • method PKCS7SignData(Certificate as X509MBS, PrivateKey as PKeyMBS, certs() as X509MBS = nil, data as string, flags as Integer = 0) as string
  • method PKCS7SignedData(DataP7M as String) as String
  • method RandomBytes(count as Integer) as MemoryBlock
  • method RandomBytesString(count as Integer) as String
  • method RSAPrivateDecrypt(data as string, PrivateKey as string, padding as Integer = 1, Password as string = "") as String
  • method RSAPrivateEncrypt(data as string, PrivateKey as string, padding as Integer = 1, Password as string = "") as String
  • method RSAPublicDecrypt(data as string, PublicKey as string, padding as Integer = 1, Password as string = "") as String
  • method RSAPublicEncrypt(data as string, PublicKey as string, padding as Integer = 1, Password as string = "") as String
  • method SignData(data as string, key as string, Password as string = "") as string
  • method SignData(data as string, key as string, Password as string = "", Algorithm as Integer) as string
  • method SMimePKCS7Decrypt(InputData as string, Certificate as X509MBS, SignKey as PKeyMBS) as String
  • method SMimePKCS7Encrypt(InputData as string, Certificate as X509MBS) as String
  • method SMimePKCS7Sign(InputData as string, Certificate as X509MBS, SignKey as PKeyMBS) as String
  • method SMimePKCS7Verify(InputData as string, Certificate as X509MBS) as String
  • method VerifyData(data as string, Signature as string, Key as string, Password as string = "") as boolean
  • method VerifyData(data as string, Signature as string, Key as string, Password as string = "", Algorithm as Integer) as boolean
  • 10 constants

Hash Algorithms

Constant Value Description
kAlgorithmSHA1 1 SHA 1.
kAlgorithmSHA224 2 SHA 2 with 224bit.
kAlgorithmSHA256 3 SHA 2 with 256bit.
kAlgorithmSHA384 4 SHA 2 with 384bit.
kAlgorithmSHA512 5 SHA 2 with 512bit.

Padding Options

Constant Value Description
kPaddingNone 3 Raw RSA encryption. This mode should only be used to implement cryptographically sound padding modes in the application code. Encrypting user data directly with RSA is insecure.
kPaddingPKCS1 1 PKCS #1 v1.5 padding. This currently is the most widely used mode.
kPaddingPKCS1OAEP 4 EME-OAEP as defined in PKCS #1 v2.0 with SHA-1, MGF1 and an empty encoding parameter. This mode is recommended for all new applications.
kPaddingSSLv23 2 PKCS #1 v1.5 padding with an SSL-specific modification that denotes that the server is SSL3 capable.
kPaddingX931 5 X931 padding.

Some examples which use this module:

Blog Entries

Xojo Developer Magazine

Release notes

  • Version 20.5
    • Fixed a bug in OpenSSLMBS.VerifyData where it reported an error in reading key.
  • Version 20.0
    • Added RandomBytes and RandomBytesString methods to OpenSSLMBS module.
  • Version 19.3
    • Added OpenSSLMBS.PKCS7SignedData function to read data from P7M files.
  • Version 18.4
  • Version 18.0
  • Version 17.5
    • Improved OpenSSLMBS.GeneratePrivateKey to allow you to specify algorithm and encrypt keys.

The items on this page are in the following plugins: MBS Encryption Plugin.


The biggest plugin in space...