In the same way you can pass a base64 string instead of an X.509 filename, you can now pass a string containing the certificate in PEM format. The PEM format looks like
-----BEGIN CERTIFICATE-----
MIHgMIGaAgEBMA0GCSqG...
-----END CERTIFICATE-----
Similarly, those RSA functions which require you to pass the filename of an RSA key file will now accept a string that contains the file contents in PEM format. An RSA key file in PEM format looks like
-----BEGIN ENCRYPTED PRIVATE KEY-----
MIICojAcBgoqhkiG9w0BDAEDMA4ECHPQz6NdAmoFAgIH0ASCAoBKn9KXr+dm
Vtc0ZhEog7t3Prs4rJazwUsXExU78ePLMquxLi/cPmqtyjb472r6XUOa...
-----END ENCRYPTED PRIVATE KEY-----
The functions will accept all strings that start with "-----BEGIN" and are of the form
-----BEGIN XXX-----\n (base64-encoded data) \n-----END XXX-----
provided there is a newline character, either LF or CRLF (indicated as \n above), between the pre-encapsulation boundary "-----BEGIN XXX-----" and the start of the base64 data, and another before the post-encapsulation boundary "-----END XXX-----".
So do not remove the newline characters from the PEM string.
The exact word or words used for "XXX" do not matter.
Any non-base64 characters found in the encoded data, including newline characters or spaces, will be ignored.
This means, for example, that you can store your certificates and encrypted private keys as strings in a database. Note that an X.509 certificate can be passed either as a plain base64 string or in PEM format; that is, with or without the "-----BEGIN CERTIFICATE-----" encapsulation. RSA key data, however, can only be passed in PEM format.
This first example shows how an encrypted private key can be read from a string instead of a file.
Dim strKeyPemData As String
' The vbCrLf after the first line is important and so is the one before the last line
strKeyPemData = _
    "-----BEGIN ENCRYPTED PRIVATE KEY-----" & vbCrLf & _
    "MIICojAcBgoqhkiG9w0BDAEDMA4ECHPQz6NdAmoFAgIH0ASCAoBKn9KXr+dm" & vbCrLf & _
    "Vtc0ZhEog7t3Prs4rJazwUsXExU78ePLMquxLi/cPmqtyjb472r6XUOa9J/v" & vbCrLf & _
    "g2gYHlJ7D7FfAdTdVbHmXWfZzdIqI+AKZmrMoIfSVSSrI8mLDXLDgJVm2Gxa" & vbCrLf & _
    "r/YJ154L4fwqWjj0b06v8nTrXTp7G3ZSxjmXc3auf8tS1RatpDuSn027jBGt" & vbCrLf & _
    "Pg2CGPjeSomOU7Efd89R+gryW3RfXaMEv1TtGmdS+szxN4TAzgFTzjzE7qJ2" & vbCrLf & _
    "+WL09hBRxSyi5JybbxblrO5zDbGJD8rq4kGawWUj4PYDpOkxQYQyK/cALEvv" & vbCrLf & _
    "EipLeWvk03CadKER3EcpL7wQT3N5wJGNx7GR3efkO7lO/VfGf6kYFsJ8Qt94" & vbCrLf & _
    "vBlgq84abgSD+rlRX03re/NLJQ00Qxl3bDrkSiRoXSfBiOeVzBVTsh03Sj4B" & vbCrLf & _
    "V0v2KLENsMXr40rMqTGfKD3V+FyYUehWEkEl3NrIVpBSJir+g4H3tl76SdNe" & vbCrLf & _
    "mq/cTtQP+EY8fpC3I46dyDXFat3wQfubw+E5nGfv7xp6vRVRRolpZx7DpuB/" & vbCrLf & _
    "z1tzO3uP0vJ0pjATriO/ZAVs6UrXx+DJ6XsfrAVt0jpW5Ngr8rm2EiD3/1T9" & vbCrLf & _
    "7q1dELJ7GzCY1dG99XVjt9ZXb7cI8zsPpT/gzQJLfeLe3U5Mdw0hKZLfPCex" & vbCrLf & _
    "0urs3ytK0XNu+jZAYeSaysG8/rHJaH74WOgJ8gnSPY4QtWsu6+3qBErS2jbq" & vbCrLf & _
    "7E2jRvBKWICVd1yiQCDq/c6s9LeYhNhZsmcWxuX9b4lG9f1LHZy0djhIYi4x" & vbCrLf & _
    "IpcEfjkTH+7zUOkMQ+fXZHtSEVFt9L2Ci49jB8YReqbfOuDFzzwsk3xxfL2h" & vbCrLf & _
    "ZoRK" & vbCrLf & _
    "-----END ENCRYPTED PRIVATE KEY-----"
Dim nLen As Long
Dim strPassword As String
Dim strPrivateKey As String
strPassword = "password"
' How long is PrivateKey string?
nLen = RSA_ReadEncPrivateKey("", 0, strKeyPemData, strPassword, 0)
If nLen <= 0 Then
    Debug.Print "ERROR: RSA_ReadEncPrivateKey returns " & nLen
    Exit Sub
End If
' Pre-dimension the string to receive data
strPrivateKey = String(nLen, " ")
' Read in the Private Key
nLen = RSA_ReadEncPrivateKey(strPrivateKey, Len(strPrivateKey), strKeyPemData, strPassword, 0)
If nLen <= 0 Then
    Debug.Print "ERROR: RSA_ReadEncPrivateKey returns " & nLen
    Exit Sub
End If
Debug.Print "Private key is " & RSA_KeyBits(strPrivateKey) & " bits long."
' ... do something with the private key...
' then make sure it is deleted
strPrivateKey = wipeString(strPrivateKey)
This should produce the output
Private key is 1024 bits long.
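The acceptance rules described above for PEM strings, modelled as a pre-flight check a caller could run on a string read from a database before passing it to the RSA or X.509 functions. This is an added example in Python, not code from the toolkit; check_pem_string, make_pem and the expected_label comparison are hypothetical names and assumptions of this example, and the sample bytes are constructed.

```python
import base64
import re

# LF or CRLF must separate each boundary from the base64 body; trailing
# whitespace after the END boundary is tolerated (assumption of this example).
_PEM = re.compile(
    r"-----BEGIN ([^\r\n]*?)-----\r?\n(.*)\r?\n-----END ([^\r\n]*?)-----\s*\Z",
    re.S)
_NON_B64 = re.compile(r"[^A-Za-z0-9+/=]")  # spaces, newlines etc. are ignored


def check_pem_string(s, expected_label=None):
    """Return (label, decoded_bytes) or raise ValueError.

    expected_label is this example's own extra check: the page says the
    word(s) used for XXX do not matter, so a caller who cares whether a
    stored string is a certificate or a key has to compare it itself.
    """
    if not s.startswith("-----BEGIN"):
        raise ValueError("not PEM: does not start with -----BEGIN")
    m = _PEM.match(s)
    if m is None:
        raise ValueError("newline missing after BEGIN or before END boundary")
    label, body, _end_label = m.groups()
    if expected_label is not None and label != expected_label:
        raise ValueError(f"label is {label!r}, expected {expected_label!r}")
    cleaned = _NON_B64.sub("", body)
    if not cleaned:
        raise ValueError("no base64 data between the boundaries")
    return label, base64.b64decode(cleaned, validate=True)


def make_pem(label, data, newline="\r\n", width=64):
    """Wrap bytes in BEGIN/END boundaries (helper for the constructed sample)."""
    b64 = base64.b64encode(data).decode("ascii")
    lines = [b64[i:i + width] for i in range(0, len(b64), width)]
    return newline.join([f"-----BEGIN {label}-----", *lines, f"-----END {label}-----"])


if __name__ == "__main__":
    sample = bytes(range(48))  # constructed bytes, not a real certificate
    pem = make_pem("CERTIFICATE", sample)
    print(check_pem_string(pem, "CERTIFICATE")[0])  # accepted
    flat = pem.replace("\r\n", "")  # newlines stripped, e.g. on storage
    try:
        check_pem_string(flat)
    except ValueError as e:
        print("rejected:", e)
```

A string whose newlines were stripped or replaced by spaces on the way into or out of storage fails this check, which is the case the page warns about with "do not remove the newline characters".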