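// Base64-decodes aRSAData.EncryptedData and decrypts the result with the
// private key returned by LoadPrivateKey (RSA, PKCS#1 v1.5 padding).
//
// On success: ErrorResult = 0, DecryptedData holds the plaintext and
// ErrorMessage is replaced by a status line.
// On failure: ErrorResult = -1 and the queued OpenSSL error strings (one per
// line) are appended to ErrorMessage; DecryptedData is left untouched.
//
// NOTE(review): PKCS#1 v1.5 decryption whose failure is visible to whoever
// supplied the ciphertext is the precondition for padding-oracle
// (Bleichenbacher-style) attacks. This routine copies the OpenSSL error text
// into ErrorMessage, so callers should not forward ErrorMessage to an
// untrusted peer. If both ends of the protocol can change, OAEP
// (RSA_PKCS1_OAEP_PADDING) is the usual replacement; the padding is left
// as-is here because changing it breaks existing ciphertexts.
procedure TRSAOpenSSL.PrivateDecrypt(var aRSAData: TRSAData);
var
  rsa: pRSA;
  enc, out_: AnsiString;
  str, data: PAnsiChar;
  len, readLen: Integer;
  b64, mem: pBIO;
  size: Integer;

  // Marks the call as failed and drains the OpenSSL error queue into
  // ErrorMessage. repeat/until is kept so at least one line is always
  // reported, even when the queue is empty.
  procedure ReportOpenSSLErrors;
  var
    err: Cardinal;
  begin
    aRSAData.ErrorResult := -1;
    err := ERR_get_error;
    repeat
      aRSAData.ErrorMessage := aRSAData.ErrorMessage + string(ERR_error_string(err, nil)) + #10;
      err := ERR_get_error;
    until err = 0;
  end;

begin
  LoadSSL;
  FPrivateKey := LoadPrivateKey;
  //FPrivateKey := LoadPrivateKeyFromString(''); // Load PrivateKey from including ansistring;
  if FPrivateKey = nil then
  begin
    // NOTE(review): FreeSSL is not called on this path, matching the
    // previous behaviour - confirm whether LoadSSL/FreeSSL must be paired.
    ReportOpenSSLErrors;
    exit;
  end;
  try
    // NOTE(review): FPrivateKey is not released here, whereas PrivateEncrypt
    // calls EVP_PKEY_free on it - confirm who owns the key (FreeSSL?).
    rsa := EVP_PKEY_get1_RSA(FPrivateKey);
    if rsa = nil then
    begin
      // The loaded key is not an RSA key; RSA_size(nil) would crash.
      ReportOpenSSLErrors;
      exit;
    end;
    data := nil;
    str := nil;
    size := 0;
    try
      size := RSA_size(rsa);
      GetMem(data, size);
      GetMem(str, size);
      // Same conversion PrivateEncrypt applies to its input, so the bytes
      // handed to OpenSSL are single-byte characters.
      enc := AnsiString(aRSAData.EncryptedData);
      b64 := BIO_new(BIO_f_base64);
      mem := BIO_new_mem_buf(PAnsiChar(enc), Length(enc));
      BIO_flush(mem);
      mem := BIO_push(b64, mem);
      // Read at most `size` bytes: `str` is only `size` bytes long. Asking
      // for Length(EncryptedData) bytes lets an oversized input write past
      // the end of the heap buffer. Decoded bytes beyond one RSA block are
      // ignored.
      readLen := BIO_read(mem, str, size);
      BIO_free_all(mem);
      if readLen <= 0 then
      begin
        aRSAData.ErrorResult := -1;
        aRSAData.ErrorMessage := aRSAData.ErrorMessage + 'Base64 decoding of the encrypted data failed' + #10;
        exit;
      end;
      // Pass the number of bytes actually decoded, not `size`, so that
      // uninitialised buffer content is never fed to the RSA operation.
      len := RSA_private_decrypt(readLen, PAnsiChar(str), data, rsa, RSA_PKCS1_PADDING);
      if len > 0 then
      begin
        SetLength(out_, len);
        Move(data^, PAnsiChar(out_)^, len);
        aRSAData.ErrorResult := 0;
        aRSAData.ErrorMessage := 'Base64 has been decoded and decrypted' + #10;
        aRSAData.DecryptedData := out_;
      end
      else
        ReportOpenSSLErrors;
    finally
      if data <> nil then
      begin
        // Wipe the plaintext before returning the block to the heap.
        FillChar(data^, size, 0);
        FreeMem(data);
      end;
      if str <> nil then
        FreeMem(str);
      RSA_free(rsa);
    end;
  finally
    FreeSSL;
  end;
end;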
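// Applies the RSA private-key operation (PKCS#1 v1.5 padding) to
// aRSAData.DecryptedData and stores the base64-encoded result in
// aRSAData.EncryptedData.
//
// On success: ErrorResult = 0 and ErrorMessage is replaced by a status line.
// On failure: ErrorResult = -1 and the queued OpenSSL error strings (one per
// line) are appended to ErrorMessage.
//
// NOTE(review): "encrypting" with the private key gives no confidentiality -
// anyone holding the public key can recover the input. It is a raw
// signature-style primitive without hashing; if the goal is authenticity,
// a hash-then-sign API is the usual choice - confirm the intended use.
// With this padding the input must be at most RSA_size - 11 bytes; longer
// input is rejected by OpenSSL and reported through the error path.
procedure TRSAOpenSSL.PrivateEncrypt(var aRSAData: TRSAData);
var
  rsa: pRSA;
  str, data: AnsiString;
  len, b64len: Integer;
  penc64: PAnsiChar;
  b64, mem: pBIO;
  size: Integer;

  // Marks the call as failed and drains the OpenSSL error queue into
  // ErrorMessage. repeat/until is kept so at least one line is always
  // reported, even when the queue is empty.
  procedure ReportOpenSSLErrors;
  var
    err: Cardinal;
  begin
    aRSAData.ErrorResult := -1;
    err := ERR_get_error;
    repeat
      aRSAData.ErrorMessage := aRSAData.ErrorMessage + string(ERR_error_string(err, nil)) + #10;
      err := ERR_get_error;
    until err = 0;
  end;

begin
  LoadSSL;
  FPrivateKey := LoadPrivateKey;
  if FPrivateKey = nil then
  begin
    ReportOpenSSLErrors;
    exit;
  end;
  rsa := EVP_PKEY_get1_RSA(FPrivateKey);
  EVP_PKEY_free(FPrivateKey);
  // The field must not keep pointing at the released key, otherwise a later
  // use or a second free would touch freed memory.
  FPrivateKey := nil;
  if rsa = nil then
  begin
    // The loaded key is not an RSA key; RSA_size(nil) would crash.
    ReportOpenSSLErrors;
    exit;
  end;
  // NOTE(review): unlike PrivateDecrypt, FreeSSL is never called here -
  // confirm whether LoadSSL/FreeSSL must be paired.
  try
    size := RSA_size(rsa);
    // NOTE(review): FCryptedBuffer is allocated on every call and not freed
    // in this method; unless it is released elsewhere, each call leaks the
    // previous buffer - verify against the destructor / other users.
    GetMem(FCryptedBuffer, size);
    str := AnsiString(aRSAData.DecryptedData);
    len := RSA_private_encrypt(Length(str), PAnsiChar(str), FCryptedBuffer, rsa, RSA_PKCS1_PADDING);
    if len > 0 then
    begin
      //create a base64 BIO
      b64 := BIO_new(BIO_f_base64);
      mem := BIO_push(b64, BIO_new(BIO_s_mem));
      try
        //encode data to base64
        BIO_write(mem, FCryptedBuffer, len);
        BIO_flush(mem);
        // penc64 points into the BIO's own storage and is only valid until
        // BIO_free_all, so the bytes are copied out before the finally.
        b64len := BIO_get_mem_data(mem, penc64);
        if b64len > 0 then
        begin
          //copy data to string
          SetLength(data, b64len);
          Move(penc64^, PAnsiChar(data)^, b64len);
          aRSAData.ErrorResult := 0;
          aRSAData.ErrorMessage := 'String has been encrypted, then base64 encoded.' + #10;
          aRSAData.EncryptedData := string(data);
        end
        else
        begin
          // Nothing was produced by the encoder; do not report success
          // with an empty result.
          aRSAData.ErrorResult := -1;
          aRSAData.ErrorMessage := aRSAData.ErrorMessage + 'Base64 encoding of the encrypted data failed' + #10;
        end;
      finally
        BIO_free_all(mem);
      end;
    end
    else
      ReportOpenSSLErrors;
  finally
    // Released even if an exception is raised above.
    RSA_free(rsa);
  end;
end;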