Platforms to show: All Mac Windows Linux Cross-Platform
Back to OpenSSLMBS module.
OpenSSLMBS.ErrorString(ErrorCode as Integer) as string
Type | Topic | Plugin | Version | macOS | Windows | Linux | iOS | Targets |
method | Encryption and Hash | MBS Encryption Plugin | 14.0 | ✅ Yes | ✅ Yes | ✅ Yes | ✅ Yes | All |
OpenSSLMBS.GeneratePrivateKey(Bits as Integer = 4096, Exp as Integer = 65537, Password as string = "", Algorithm as string = "") as string
Type | Topic | Plugin | Version | macOS | Windows | Linux | iOS | Targets |
method | Encryption and Hash | MBS Encryption Plugin | 16.2 | ✅ Yes | ✅ Yes | ✅ Yes | ✅ Yes | All |
Bit size of key should be high.
See RSA key documentation on the web about details.
In Plugin version 16.2 and later this function yields time to other Xojo threads.
Algorithm specifies the encryption algorithm for key encryption. See CipherMBS for cipher names, e.g. "AES-128-CBC". (new in 17.5)
OpenSSLMBS.GetPublicKey(PrivateKey as String, PrivateKeyPassword as string = "") as string
Type | Topic | Plugin | Version | macOS | Windows | Linux | iOS | Targets |
method | Encryption and Hash | MBS Encryption Plugin | 16.2 | ✅ Yes | ✅ Yes | ✅ Yes | ✅ Yes | All |
Optionally you can define a password for private key.
OpenSSLMBS.OpenSSLVersion as String
Type | Topic | Plugin | Version | macOS | Windows | Linux | iOS | Targets |
method | Encryption and Hash | MBS Encryption Plugin | 16.2 | ✅ Yes | ✅ Yes | ✅ Yes | ✅ Yes | All |
OpenSSLMBS.PKCS7Sign(flags as Integer, InputData as string, SignKey as string, PrivateKey as String, PrivateKeyPassword as string, intermediaCertsData() as string, OutputBinary as boolean) as string
Type | Topic | Plugin | Version | macOS | Windows | Linux | iOS | Targets |
method | Encryption and Hash | MBS Encryption Plugin | 15.1 | ✅ Yes | ✅ Yes | ✅ Yes | ✅ Yes | All |
Returns the signature. If OutputBinary is true, we use DER output, else text based output.
intermediaCertsData array can be empty if you have no intermediate certificates.
OpenSSLMBS.PKCS7SignData(Certificate as X509MBS, PrivateKey as PKeyMBS, certs() as X509MBS = nil, data as string, flags as Integer = 0) as string
Type | Topic | Plugin | Version | macOS | Windows | Linux | iOS | Targets |
method | Encryption and Hash | MBS Encryption Plugin | 18.0 | ✅ Yes | ✅ Yes | ✅ Yes | ✅ Yes | All |
Returns the signature (binary format = DER).
intermediaCertsData array can be empty or nil if you have no intermediate certificates.
Some examples using this method:
OpenSSLMBS.PKCS7SignedData(DataP7M as String) as String
Type | Topic | Plugin | Version | macOS | Windows | Linux | iOS | Targets |
method | Encryption and Hash | MBS Encryption Plugin | 19.3 | ✅ Yes | ✅ Yes | ✅ Yes | ✅ Yes | All |
Please pass content of a P7M file, so we can read signed content.
Returns data or empty string if this failed.
OpenSSLMBS.RandomBytes(count as Integer) as MemoryBlock
Type | Topic | Plugin | Version | macOS | Windows | Linux | iOS | Targets |
method | Encryption and Hash | MBS Encryption Plugin | 20.0 | ✅ Yes | ✅ Yes | ✅ Yes | ✅ Yes | All |
Puts count cryptographically strong pseudo-random bytes into MemoryBlock.
OpenSSLMBS.RandomBytesString(count as Integer) as String
Type | Topic | Plugin | Version | macOS | Windows | Linux | iOS | Targets |
method | Encryption and Hash | MBS Encryption Plugin | 20.0 | ✅ Yes | ✅ Yes | ✅ Yes | ✅ Yes | All |
Puts count cryptographically strong pseudo-random bytes into string.
OpenSSLMBS.RSAPrivateDecrypt(data as string, PrivateKey as string, padding as Integer = 1, Password as string = "") as String
Type | Topic | Plugin | Version | macOS | Windows | Linux | iOS | Targets |
method | Encryption and Hash | MBS Encryption Plugin | 16.2 | ✅ Yes | ✅ Yes | ✅ Yes | ✅ Yes | All |
See kPadding constants for Padding parameter.
Password is optional for decrypting encrypted keys.
Returns empty string on failure or raises exceptions.
RSA can only decrypt data if it's <= length of key.
Some examples using this method:
OpenSSLMBS.RSAPrivateEncrypt(data as string, PrivateKey as string, padding as Integer = 1, Password as string = "") as String
Type | Topic | Plugin | Version | macOS | Windows | Linux | iOS | Targets |
method | Encryption and Hash | MBS Encryption Plugin | 16.2 | ✅ Yes | ✅ Yes | ✅ Yes | ✅ Yes | All |
See kPadding constants for Padding parameter.
Password is optional for decrypting encrypted keys.
Returns empty string on failure or raises exceptions.
RSA can only encrypt data if it's <= length of key.
Some examples using this method:
OpenSSLMBS.RSAPublicDecrypt(data as string, PublicKey as string, padding as Integer = 1, Password as string = "") as String
Type | Topic | Plugin | Version | macOS | Windows | Linux | iOS | Targets |
method | Encryption and Hash | MBS Encryption Plugin | 16.2 | ✅ Yes | ✅ Yes | ✅ Yes | ✅ Yes | All |
See kPadding constants for Padding parameter.
Password is optional for decrypting encrypted keys.
Returns empty string on failure or raises exceptions.
RSA can only decrypt data if it's <= length of key.
Some examples using this method:
OpenSSLMBS.RSAPublicEncrypt(data as string, PublicKey as string, padding as Integer = 1, Password as string = "") as String
Type | Topic | Plugin | Version | macOS | Windows | Linux | iOS | Targets |
method | Encryption and Hash | MBS Encryption Plugin | 16.2 | ✅ Yes | ✅ Yes | ✅ Yes | ✅ Yes | All |
See kPadding constants for Padding parameter.
Password is optional for decrypting encrypted keys.
Returns empty string on failure or raises exceptions.
RSA can only encrypt data if it's <= length of key.
Some examples using this method:
OpenSSLMBS.SignData(data as string, key as string, Password as string = "") as string
Type | Topic | Plugin | Version | macOS | Windows | Linux | iOS | Targets |
method | Encryption and Hash | MBS Encryption Plugin | 13.4 | ✅ Yes | ✅ Yes | ✅ Yes | ✅ Yes | All |
Returns signature. Use EncodeHex or EncodeBase64 to make a text representation.
Internally we make a SHA1 hash of the data, open the private RSA key and do a RSA sign operation. We return the raw key as a string bytes.
On any error, we return an empty string.
Optional you can pass a password to read password protected keys.
See also:
OpenSSLMBS.SignData(data as string, key as string, Password as string = "", Algorithm as Integer) as string
Type | Topic | Plugin | Version | macOS | Windows | Linux | iOS | Targets |
method | Encryption and Hash | MBS Encryption Plugin | 16.0 | ✅ Yes | ✅ Yes | ✅ Yes | ✅ Yes | All |
Returns signature. Use EncodeHex or EncodeBase64 to make a text representation.
Internally we make a hash of the data with given algorithm, open the private RSA key and do a RSA sign operation. We return the raw signature as a string bytes.
On any error, we return an empty string.
Optional you can pass a password to read password protected keys.
See also:
OpenSSLMBS.SMimePKCS7Decrypt(InputData as string, Certificate as X509MBS, SignKey as PKeyMBS) as String
Type | Topic | Plugin | Version | macOS | Windows | Linux | iOS | Targets |
method | Encryption and Hash | MBS Encryption Plugin | 18.4 | ✅ Yes | ✅ Yes | ✅ Yes | ✅ Yes | All |
Raises nil object exception if certificate or key is nil.
Returns empty text on error.
Some examples using this method:
OpenSSLMBS.SMimePKCS7Encrypt(InputData as string, Certificate as X509MBS) as String
Type | Topic | Plugin | Version | macOS | Windows | Linux | iOS | Targets |
method | Encryption and Hash | MBS Encryption Plugin | 18.4 | ✅ Yes | ✅ Yes | ✅ Yes | ✅ Yes | All |
Raises nil object exception if certificate is nil.
Returns empty text on error.
Some examples using this method:
OpenSSLMBS.SMimePKCS7Sign(InputData as string, Certificate as X509MBS, SignKey as PKeyMBS) as String
Type | Topic | Plugin | Version | macOS | Windows | Linux | iOS | Targets |
method | Encryption and Hash | MBS Encryption Plugin | 18.4 | ✅ Yes | ✅ Yes | ✅ Yes | ✅ Yes | All |
Raises nil object exception if certificate or key is nil.
Returns empty text on error.
Some examples using this method:
OpenSSLMBS.SMimePKCS7Verify(InputData as string, Certificate as X509MBS) as String
Type | Topic | Plugin | Version | macOS | Windows | Linux | iOS | Targets |
method | Encryption and Hash | MBS Encryption Plugin | 18.4 | ✅ Yes | ✅ Yes | ✅ Yes | ✅ Yes | All |
Raises nil object exception if certificate is nil.
Returns empty text on error.
Some examples using this method:
OpenSSLMBS.VerifyData(data as string, Signature as string, Key as string, Password as string = "") as boolean
Type | Topic | Plugin | Version | macOS | Windows | Linux | iOS | Targets |
method | Encryption and Hash | MBS Encryption Plugin | 13.4 | ✅ Yes | ✅ Yes | ✅ Yes | ✅ Yes | All |
Key can be the public or private key, but of course normally you use the public key.
Data is the raw data to compare agains. A SHA1 hash is performed and verified with the signature.
Signature must be the string returned like from SignData function. If you used EncodeHex on it, you now need to do DecodeHex.
Returns true if signature is valid and false on any other error.
Optional you can pass a password to read password protected keys.
See also:
OpenSSLMBS.VerifyData(data as string, Signature as string, Key as string, Password as string = "", Algorithm as Integer) as boolean
Type | Topic | Plugin | Version | macOS | Windows | Linux | iOS | Targets |
method | Encryption and Hash | MBS Encryption Plugin | 16.0 | ✅ Yes | ✅ Yes | ✅ Yes | ✅ Yes | All |
Key can be the public or private key, but of course normally you use the public key.
Data is the raw data to compare agains. A hash is performed with given algorithm and verified with the signature.
Signature must be the string returned like from SignData function. If you used EncodeHex on it, you now need to do DecodeHex.
Returns true if signature is valid and false on any other error.
Optional you can pass a password to read password protected keys.
See also:
The items on this page are in the following plugins: MBS Encryption Plugin.