CryptoSys PKI Toolkit Manual

RSA_ReadEncPrivateKey

RSA_ReadEncPrivateKey reads from an encrypted private key info file into an "internal" private key string.

VB6/VBA Syntax

Public Declare Function RSA_ReadEncPrivateKey Lib "diCrPKI.dll" (ByVal strPrivateKey As String, ByVal nOutChars As Long, ByVal strEpkFileName As String, ByVal strPassword As String, ByVal nOptions As Long) As Long

nRet = RSA_ReadEncPrivateKey(strPrivateKey, nOutChars, strEpkFileName, strPassword, nOptions)

Parameters

strPrivateKey
[out] String to receive encoded private key data in "internal" format.
nOutChars
[in] Long specifying the maximum number of characters to be received.
strEpkFileName
[in] String specifying the filename of a PKCS-8 encrypted private key info file (or a string containing the data in PEM format).
strPassword
[in] String containing the password.
nOptions
[in] Long not used in this release. Specify zero.

C/C++ Syntax

long _stdcall RSA_ReadEncPrivateKey(char *szOutput, long nOutChars, const char *szPVKFile, const char *szPassword, long nOptions);

Returns (VB6/C)

Long: If successful, the return value is the number of characters in the output string; otherwise it returns a negative error code.

.NET Equivalent

Rsa.ReadEncPrivateKey Method

Remarks

Only PKCS-8 EncryptedPrivateKeyInfo data using the rsaEncryption algorithm is supported. The file must be either in binary BER-encoded format or PEM format. Call the function with an empty or NULL strPrivateKey string to find out the required length of the string. C/C++ users should add one to this value before allocating memory. It is the responsibility of the user to protect this private key data and to wipe it when no longer required; the same applies to the password. As of [Ver 3.3]: the 500 millisecond delay has been removed and the PKI_KEY_NODELAY option is now ignored.

Example

This wrapper function returns the private key string given the filename and password:

Public Function rsaReadPrivateKey(strEPKFile As String, strPassword As String) As String
    Dim nKeyLen As Long
    Dim nRet As Long
    ' How long is the key string?
    nKeyLen = RSA_ReadEncPrivateKey("", 0, strEPKFile, strPassword, 0)
    Debug.Print "KeyLen = " & nKeyLen
    If nKeyLen <= 0 Then
        Exit Function
    End If
    ' Pre-dimension the string to receive data
    rsaReadPrivateKey = String(nKeyLen, " ")
    ' Read in the Private Key
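    nRet = RSA_ReadEncPrivateKey(rsaReadPrivateKey, nKeyLen, _
        strEPKFile, strPassword, 0)
    ' On failure return an empty string, not a buffer of spaces
    If nRet <= 0 Then
        rsaReadPrivateKey = ""
    End If
End Function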

Example using this wrapper function to read in Bob's encrypted private key with the password "password".

Dim strEPKFile As String
Dim strPrivateKey As String
strEPKFile = "C:\Test\BobPrivRSAEncrypt.epk"
strPrivateKey = rsaReadPrivateKey(strEPKFile, "password")

Example reading private key in C:

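/* Needs <assert.h>, <stdio.h>, <stdlib.h>, <string.h> and the toolkit header diCrPKI.h */
const char *epkfile = "BobPrivRSAEncrypt.epk";
char szPasswd[] = "password";
char *prikey;
long keylen;

/* How long is the key string? */
keylen = RSA_ReadEncPrivateKey(NULL, 0, epkfile, szPasswd, 0);
assert(keylen > 0);

/* Allocate one extra byte for the terminating null */
prikey = malloc(keylen+1);
assert(prikey != NULL);
keylen = RSA_ReadEncPrivateKey(prikey, keylen, epkfile, szPasswd, 0);
assert(keylen > 0);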
printf("Private key=%s\n", prikey);
/* Wipe the password */
WIPE_Data(szPasswd, strlen(szPasswd));

/* ... use private key string ... */

/* Clean up */
WIPE_Data(prikey, keylen);
free(prikey);

Example in VB6 reading directly from a string in PEM format. This example key is 1024 bits long. Note the required newline character (vbCrLf) before and after the base64 data.

Dim strKeyAsPem As String
Dim strPrivateKey As String
Dim strPassword As String

strKeyAsPem = "-----BEGIN ENCRYPTED PRIVATE KEY-----" & vbCrLf & _
"MIICojAcBgoqhkiG9w0BDAEDMA4ECFleZ90vhGrRAgIEAASCAoA9rti16XVH" & _
"K4AJVe1CNf61NIpIogu/Xs4Yn4hXflvewiOwe6/9FkxBXLbhKdbQWn1Z4p3C" & _
"njVns2VYEO/qpJR3LciHMwp5dsqedUVVia//CqFHtEV9WfvCKWgmlkkT1YEm" & _
"1aChZnPP5i6IhwVT9qvFluTZhvVmjW0YyF86OrOp0uxxVic7phPbnPrOMelf" & _
"ZPc3A3EGpzDPkxN+o0obw87tUgCL+s0KtUOr3c6Si4KQ3IQjrjZxQF4Se3t/" & _
"4PEpqUl5EpYiCx9q5uqb0Lr1kWiiQ5/inZm5ETc+qO+ENcp0KjnX523CATYd" & _
"U5iOjl/X9XZeJrMpOCXogEuhmLPRauYP1HEWnAY/hLW93v10QJXY6ALlbkL0" & _
"sd5WU8Ces7T04b/p4/12yxqYqV68QePyfHpegdraDq3vRfopSwrUxtL9cisP" & _
"jsQcJ5FL/SfloFbmld4CKIjMsromsEWqo6rfo3JqNizgTVIIWExy3jDT9VvK" & _
"d9ADH0g3JCbuFzaWVOZMmZ0wlo28PKkLQ8FkW8CG/Lq/Q/bHLPM+sPdLN+ke" & _
"gpA6fvL4wpku4ST7hmeN1vWbRLlCfuFijux77hdM7knO9/MawICsA4XdzR78" & _
"p0C2hJlc6p46IWZaINQXGstTbJMh+mJ7i1lrbG2kvZ2Twf9R+RaLp2mPHjb1" & _
"+P+3f2L3tOoC31oJ18u/L1MXEWxLEZHB0+ANg+N/0/icwImcI0D+wVN2puU4" & _
"m58j81sGZUEAB3aFEbPxoX3y+qYlOnt1OfdY7WnNdyr9ZzI09fkrTvujF4LU" & _
"nycqE+MXerf0PxkNu1qv9bQvCoH8x3J2EVdMxPBtH1Fb7SbE66cNyh//qzZo" & _
"B9Je" & vbCrLf & _
"-----END ENCRYPTED PRIVATE KEY-----"
strPassword = "password"

strPrivateKey = rsaReadPrivateKey(strKeyAsPem, strPassword)
Call WIPE_String(strPassword, Len(strPassword))
If Len(strPrivateKey) = 0 Then
    Debug.Print "Error: " & pkiErrorLookup(PKI_ErrorCode())
    Exit Sub
End If
Debug.Print "Key size=" & RSA_KeyBits(strPrivateKey) & " bits"
' Do something with the private key string...
' ...
' Now wipe it
Call WIPE_String(strPrivateKey, Len(strPrivateKey))
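
To show what the PKCS-8 EncryptedPrivateKeyInfo container named in the Remarks holds, the following added example (not part of the toolkit or this manual) walks the DER header and returns the password-based encryption iteration count. The 38 header bytes are decoded from the first base64 line of the PEM key in the VB6 example above; the names der_tl and epk_iterations are hypothetical.

```c
#include <stddef.h>
#include <stdio.h>
/* First 38 bytes of the page's example key (decoded from its first base64 line). */
static const unsigned char EPK_HDR[] = {
    0x30,0x82,0x02,0xa2,             /* EncryptedPrivateKeyInfo SEQUENCE, 674 bytes */
    0x30,0x1c,                       /* AlgorithmIdentifier SEQUENCE */
    0x06,0x0a,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x0c,0x01,0x03, /* OID 1.2.840.113549.1.12.1.3 */
    0x30,0x0e,                       /* PBE parameters SEQUENCE */
    0x04,0x08,0x59,0x5e,0x67,0xdd,0x2f,0x84,0x6a,0xd1,  /* salt OCTET STRING */
    0x02,0x02,0x04,0x00,             /* iteration count INTEGER */
    0x04,0x82,0x02,0x80              /* encryptedData OCTET STRING, 640 bytes follow */
};

/* Read one DER tag and length at *pos; return content length (or -1) and move *pos to the content. */
static long der_tl(const unsigned char *b, size_t n, size_t *pos, unsigned char tag)
{
    size_t p = *pos, len, k;
    if (p + 2 > n || b[p] != tag) return -1;
    len = b[p + 1]; p += 2;
    if (len & 0x80) {                /* long form: low 7 bits give the number of length bytes */
        k = len & 0x7f;
        if (k == 0 || k > 3 || p + k > n) return -1;
        for (len = 0; k > 0; k--) len = (len << 8) | b[p++];
    }
    *pos = p;
    return (long)len;
}

/* Iteration count from a {salt, count} parameter block, or -1 if malformed or laid out differently. */
long epk_iterations(const unsigned char *b, size_t n, const unsigned char **oid, size_t *oidlen)
{
    size_t pos = 0, i;
    long len, count = 0;
    if (der_tl(b, n, &pos, 0x30) < 0 || der_tl(b, n, &pos, 0x30) < 0) return -1; /* outer, AlgId */
    if ((len = der_tl(b, n, &pos, 0x06)) < 0 || pos + (size_t)len > n) return -1;
    *oid = b + pos; *oidlen = (size_t)len; pos += (size_t)len;   /* report and skip the OID */
    if (der_tl(b, n, &pos, 0x30) < 0) return -1;                 /* parameters SEQUENCE */
    if ((len = der_tl(b, n, &pos, 0x04)) < 0 || pos + (size_t)len > n) return -1;
    pos += (size_t)len;                                          /* skip the salt */
    if ((len = der_tl(b, n, &pos, 0x02)) < 1 || len > 4 || pos + (size_t)len > n || (b[pos] & 0x80)) return -1;
    for (i = 0; i < (size_t)len; i++) count = (count << 8) | b[pos + i];
    return count;
}

int main(void) {
    const unsigned char *oid; size_t oidlen;
    printf("iterations=%ld\n", epk_iterations(EPK_HDR, sizeof EPK_HDR, &oid, &oidlen));
    return 0;
}
```

In real use the input would be the bytes of the BER file, or the PEM body after base64 decoding.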

See Also

RSA_SaveEncPrivateKey RSA_ReadPrivateKeyInfo RSA_SavePrivateKeyInfo RSA_GetPrivateKeyFromPFX


Copyright © 2004-9 D.I. Management Services Pty Ltd. All rights reserved.