Among other topics, Cryptography and data ciphering always fascinated me. Beyond their mathematical perspective, most of the time it is a matter of putting them in practice with developed solutions: dealing with data only visible between the transmitter and the receiver. As it happens, the Xojo framework makes it really easy to deal with ciphered data.
All the methods related to cryptography and data ciphering are available under the Crypto module of Xojo, using behind the scene the Crypto++ 5.6.3 library. From the practical side, this allows us to use the RSA public key ciphering and other algorithms to compute unique footprints for given data, as for example Hash, MD5 or SHA. Paul blogged about using Public/Private Key Encryption in Xojo back when we added RSA encryption functions in 2014.
Among the methods related to RSA, we can find the ones to create the Private/Public keys, test the integrity of the public key, signing the given data and, of course, check the integrity of the signature, and ciphering / deciphering the given group of data.
As you probably already know, when we work with RSA we have to keep the Private key in a safe place, using the Public one to give to other people/service/app to whom we want to share information with in a safe manner. This way the users and/or apps and services will be able to use our public key to cipher the data that they want to share with us, and we will be able to use our private key to decipher that group of data so it is legible again.
RSA: Creating and interchanging the keys
Generating the pair of keys could not be more easy in Xojo, with this snippet of code:
Dim publicKey As String Dim privateKey As String If Crypto.RSAGenerateKeyPair( 1024, privateKey, publicKey ) Then msgBox “Successfully generated Keys!"
As you can see, the RSAGenerateKeyPair method receives the Integer number that indicates the strength (robustness) of the generated keys, followed by the String variables containing the generated Private and Public keys, passed by reference.
But in some cases it is possible that you want to use these keys beyond the scope of Xojo, for example when integrating your app with a service or solution developed in PHP. In these cases you have to consider that the keys generated with Xojo are in hexadecimal format.
What does this mean? Well, a public key generated with Xojo will look like this chunk of data:
30819D300D06092A864886F70D010101050003818B0030818702818100B4B531D3402C250D8640E739601F01FBE8ABB39635BE1778A7F4E55C49419C0595EF5A5824EA8E7A1871FB63B8960EDBB97B08C2E7EA43229903AEBCB45B9FD9E24780B15BCADB5E026849592CC1FA9B399EBD8457CC4E7A686CF53E9146E1D867ACEB675728E8821DEDA4C2F807FD668A81601F551484C5D1334B62D5E90E33020111
While other external libraries (as is the case in most of the web development frameworks), expect other data format codified as Base64. This is, something like this:
-----BEGIN PUBLIC KEY----- MIGHAoGBALS1MdNALCUNhkDnOWAfAfvoq7OWNb4XeKf05VxJQZwFle9aWCTqjnoYcftjuJYO27l7 CMLn6kMimQOuvLRbn9niR4CxW8rbXgJoSVkswfqbOZ69hFfMTnpobPU+kUbh2Ges62dXKOiCHe2k wvgH/WaKgWAfVRSExdEzS2LV6Q4zAgER -----END PUBLIC KEY-----
So the first step to encode our Xojo keys (Public or Private ones) as Base64 is converting them previously from his hexadecimal form to the DER encoding (Distinguished Encoding Rules). Here is where we have to employ the DEREncodePrivateKey and DEREncodePublicKey methods if we want to encode the Private or the Public key, respectively. Once we have done this, we will be able to encode the resulting chunk of data as Base64 without forgetting to add the header “—–BEGIN PUBLIC KEY—–“
and the footer “—–END PUBLIC KEY—–“
with the accompanying ends of lines, or maybe the header “—–BEGIN CERTIFICATE—–”
and the footer “—–END CERTIFICATE—–“
if we are dealing with a Public Key (for the Private keys we have to use the header “—–BEGIN RSA PRIVATE KEY—–”
and the footer “—–END RSA PRIVATE KEY—–“
).
You can interchange and use the Private and Public keys generated with Xojo using the PHPSecLib library.
In addition, as pointed by Thom McGrath, you can use also these keys with OpenSSL this way:
if (@openssl_public_encrypt($data, $result, $public_key, OPENSSL_PKCS1_OAEP_PADDING)) { return $result; } else { throw new \Exception('Unable to encrypt'); }
Xojo’s Crypto library will be able to use a private key to decrypt $result in this case.
Finally, if you are interested in the cryptography topic, let me recommend you some good books: Applied Cryptography and Cryptography Engineering.
Javier Rodriguez has been the Xojo Spanish Evangelist since 2008, he’s also a Developer, Consultant and Trainer who has be using Xojo since 1998. He manages AprendeXojo.com and is the developer behind the GuancheMOS plug-in for Xojo Developers and the Snippery app, among others.