CryptoSys PKI Toolkit Manual

RSA_SaveEncPrivateKey

Saves a private key string to a PKCS-8 encrypted private key info file.

VB6/VBA Syntax

Public Declare Function RSA_SaveEncPrivateKey Lib "diCrPKI.dll" (ByVal strOutputFile As String, ByVal strPrivateKey As String, ByVal nCount As Long, ByVal strPassword As String, ByVal nOptions As Long) As Long

nRet = RSA_SaveEncPrivateKey(strOutputFile, strPrivateKey, nCount, strPassword, nOptions) As Long

Parameters

strOutputFile
[in] String specifying the filename of the output file to be created.
strPrivateKey
[in] String containing the private key string
nCount
[in] Long specifying the number of iterations to carry out
strPassword
[in] String containing the password
nOptions
[in] Long option flags to specify the PBE algorithm. Select one of:
PKI_PBE_SHA1_3DES (0) to use pbeWithSHAAnd3-KeyTripleDES-CBC (default)
PKI_PBE_MD5_DES to use pbeWithMD5AndDES-CBC
PKI_PBE_MD2_DES to use pbeWithMD2AndDES-CBC
PKI_PBE_SHA_DES to use pbeWithSHA1AndDES-CBC
or PKI_PBE_PBES2 for "pkcs5PBES2" plus one of
(see security options for encrypted private keys)
and optionally add
PKI_KEY_FORMAT_PEM to export an "ENCRYPTED PRIVATE KEY" PEM-format file (default is binary BER-encoded format)

C/C++ Syntax

long _stdcall RSA_SaveEncPrivateKey(const char *szFileOut, const char *szKeyString, long nCount, const char *szPassword, long nOptions);

Returns (VB6/C)

Long: If successful, the return value is zero; otherwise it returns a nonzero error code.

.NET Equivalent

Rsa.SaveEncPrivateKey Method

Remarks

The default is to save as a binary BER-encoded PKCS-8 EncryptedPrivateKeyInfo file. If the PKI_KEY_FORMAT_PEM option is added, the file will be in PEM format. The PEM encrypted private key format uses the header and footer lines:

 -----BEGIN ENCRYPTED PRIVATE KEY-----
 -----END ENCRYPTED PRIVATE KEY-----

Example

This example reads Carl's unencrypted private key info file from [SMIME-EX] and saves it in encrypted format with the password "password". It then checks that the two keys match by using the RSA_KeyHashCode function.

Dim strPRIFile As String
Dim strEPKFile As String
Dim strPrivateKey As String
Dim strPK1 As String
Dim nChars As Long
Dim nRet As Long

strPRIFile = "CarlPrivRSASign.pri"

' Read in Carl's unencrypted PrivateKeyInfo data
nChars = RSA_ReadPrivateKeyInfo("", 0, strPRIFile, 0)
If nChars <= 0 Then
    MsgBox "Failed to read Private Key file"
    Exit Sub
End If
' Dimension the string to receive it - IMPORTANT
strPrivateKey = String(nChars, " ")
' Read in as an "internal" key string
nRet = RSA_ReadPrivateKeyInfo(strPrivateKey, nChars, strPRIFile, 0)
If nRet <= 0 Then
    MsgBox "Failed to read Private Key file"
    Exit Sub
End If
Debug.Print "Private key length is " & RSA_KeyBits(strPrivateKey) & " bits"

' Now save it in PKCS#8 encrypted form with a password
strEPKFile = "CarlPrivRSASign.epk"
nRet = RSA_SaveEncPrivateKey(strEPKFile, strPrivateKey, 1000, "password", 0)
Debug.Print "RSA_SaveEncPrivateKey returns " & nRet & " (expected 0)"

' Check we can read it (note easier wrapper function)
strPK1 = rsaReadPrivateKey(strEPKFile, "password")
If Len(strPK1) > 0 Then
    Debug.Print "Encrypted private key is " & RSA_KeyBits(strPK1) & " bits"
Else
    MsgBox "Unable to read encrypted private key"
End If

' To compare these strings, use the RSA_KeyHashCode function
Debug.Print "HashCode(original prikeyinfo) =" & Hex(RSA_KeyHashCode(strPrivateKey))
Debug.Print "HashCode(encrypted prikeyinfo)=" & Hex(RSA_KeyHashCode(strPK1))
If RSA_KeyHashCode(strPK1) = RSA_KeyHashCode(strPrivateKey) Then
    Debug.Print "OK, Key string values match."
Else
    Debug.Print "ERROR: key strings do not match."
End If

This should give the output

Private key length is 1024 bits
RSA_SaveEncPrivateKey returns 0 (expected 0)
Encrypted private key is 1024 bits
HashCode(original prikeyinfo) =A937B1B5
HashCode(encrypted prikeyinfo)=A937B1B5
OK, Key string values match.
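
To check which PBE scheme and iteration count an existing encrypted key file was saved with (the nOptions and nCount choices above), the following added example parses the PKCS-8 EncryptedPrivateKeyInfo header in either binary or PEM form. It is not part of the toolkit or its manual; the names tlv, inspect_epk and SAMPLE_DER are hypothetical, the sample bytes are constructed, and for PBES2 it assumes the key derivation function is PBKDF2.

```python
import base64
import re

# DER-encoded OID bytes (hex) -> (scheme name as on this page, single DES?)
PBE_SCHEMES = {
    "2a864886f70d010501": ("pbeWithMD2AndDES-CBC", True),    # 1.2.840.113549.1.5.1
    "2a864886f70d010503": ("pbeWithMD5AndDES-CBC", True),    # 1.2.840.113549.1.5.3
    "2a864886f70d01050a": ("pbeWithSHA1AndDES-CBC", True),   # 1.2.840.113549.1.5.10
    "2a864886f70d010c0103": ("pbeWithSHAAnd3-KeyTripleDES-CBC", False),  # 1.2.840.113549.1.12.1.3
    "2a864886f70d01050d": ("pkcs5PBES2", False),             # 1.2.840.113549.1.5.13
}
PEM_RE = re.compile(rb"-----BEGIN ENCRYPTED PRIVATE KEY-----(.*?)"
                    rb"-----END ENCRYPTED PRIVATE KEY-----", re.S)
# Constructed sample (not a real key): pbeWithMD5AndDES-CBC, 1000 iterations
SAMPLE_DER = bytes.fromhex(
    "3027301b06092a864886f70d010503300e04080102030405060708"
    "020203e804080000000000000000")

def tlv(buf, pos):
    """Return (tag, value, next_pos) for the DER element starting at pos."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long-form length: low 7 bits give the byte count
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated DER element")
    return tag, buf[pos:pos + length], pos + length

def inspect_epk(data):
    """Report the PBE scheme and iteration count of an EncryptedPrivateKeyInfo."""
    m = PEM_RE.search(data)
    der = base64.b64decode(m.group(1)) if m else data
    tag, outer, _ = tlv(der, 0)            # EncryptedPrivateKeyInfo
    if tag != 0x30:
        raise ValueError("not a DER SEQUENCE")
    _, alg, _ = tlv(outer, 0)              # encryptionAlgorithm
    _, oid, p = tlv(alg, 0)
    _, params, _ = tlv(alg, p)
    if oid.hex() not in PBE_SCHEMES:
        raise ValueError("unrecognised PBE algorithm " + oid.hex())
    name, single_des = PBE_SCHEMES[oid.hex()]
    if name == "pkcs5PBES2":               # assumption: KDF is PBKDF2
        _, kdf, _ = tlv(params, 0)         # keyDerivationFunc
        _, _, p = tlv(kdf, 0)              # PBKDF2 OID
        _, params, _ = tlv(kdf, p)         # PBKDF2 parameters
    _, _, p = tlv(params, 0)               # skip salt
    _, count, _ = tlv(params, p)           # iterationCount
    return {"scheme": name, "single_des": single_des,
            "iterations": int.from_bytes(count, "big")}
```

Calling inspect_epk on the bytes of each stored key file shows which ones still use a single-DES scheme or a low iteration count and should be re-saved with different options.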

See Also

RSA_ReadEncPrivateKey


Copyright © 2004-12 D.I. Management Services Pty Ltd. All rights reserved.