Use RSA keys, X.509 certificates or OpenPGP keys for decryption
X.509 certificates, OpenPGP keys and RSA keys cannot be used to encrypt or decrypt the data directly.
When there's a need to use public key cryptography for encryption, a symmetric session key is generated and used to encrypt the actual data.
Then the public key is used to encrypt the session key itself.
If the session key was encrypted and included with the encrypted data, you need to do one of the following to decrypt it.
Note that you can use the KeyName property of TElXMLDecryptor as a hint for selecting the key.
For RSA keys:
- create an instance of the TElXMLKeyInfoRSAData class;
- load the RSA key into the RSAKeyMaterial property of the TElXMLKeyInfoRSAData class. Note that you need a private key for decryption;
- assign the instance of the TElXMLKeyInfoRSAData class to the KeyEncryptionKeyData property of the TElXMLEncProcessor class.
For X.509 certificates:
- create an instance of the TElXMLKeyInfoX509Data class;
- create an instance of the TElX509Certificate class and assign it to the Certificate property of the TElXMLKeyInfoX509Data class;
- load the certificate and the private key into the instance of the TElX509Certificate class;
- assign the instance of the TElXMLKeyInfoX509Data class to the KeyEncryptionKeyData property of the TElXMLEncProcessor class.
For OpenPGP keys:
- create an instance of the TElXMLKeyInfoPGPData class;
- create an instance of the TElPGPSecretKey class and assign it to the SecretKey property of the TElXMLKeyInfoPGPData class;
- load the OpenPGP secret key into the instance of the TElPGPSecretKey class;
- assign the instance of the TElXMLKeyInfoPGPData class to the KeyEncryptionKeyData property of the TElXMLEncProcessor class.
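Before choosing one of the three procedures above, it helps to see what the encrypted document itself says about its wrapped session key. The following is an added example, not SecureBlackbox code: it reads a W3C XML Encryption document with Python's standard library and reports the KeyName hint, the key kind and the algorithms. The sample document, the key name `example-rsa-key` and the function names are constructed for illustration.

```python
import xml.etree.ElementTree as ET

NS = {"xenc": "http://www.w3.org/2001/04/xmlenc#",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

# Constructed sample: AES-256-CBC payload, session key wrapped with RSA-OAEP.
SAMPLE = """<xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
  <ds:KeyInfo><xenc:EncryptedKey>
    <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
    <ds:KeyInfo><ds:KeyName>example-rsa-key</ds:KeyName></ds:KeyInfo>
    <xenc:CipherData><xenc:CipherValue>Q09OU1RSVUNURUQ=</xenc:CipherValue></xenc:CipherData>
  </xenc:EncryptedKey></ds:KeyInfo>
  <xenc:CipherData><xenc:CipherValue>U0FNUExF</xenc:CipherValue></xenc:CipherData>
</xenc:EncryptedData>"""

# ds:KeyInfo child element -> which of the three procedures above applies.
KEY_KINDS = (("RSAKeyValue", "rsa"), ("X509Data", "x509"), ("PGPData", "openpgp"))

def _algorithm(elem):
    method = elem.find("xenc:EncryptionMethod", NS)
    return method.get("Algorithm") if method is not None else None

def describe_wrapped_key(xml_text):
    """Return what the document says about its wrapped session key, or None if
    no xenc:EncryptedKey is embedded (the session key is then supplied separately)."""
    root = ET.fromstring(xml_text)  # use a hardened parser (e.g. defusedxml) for untrusted input
    wanted = "{%s}EncryptedData" % NS["xenc"]
    data = root if root.tag == wanted else root.find(".//xenc:EncryptedData", NS)
    if data is None:
        raise ValueError("no xenc:EncryptedData element found")
    wrapped = data.find("ds:KeyInfo/xenc:EncryptedKey", NS)
    if wrapped is None:
        return None
    info = wrapped.find("ds:KeyInfo", NS)
    name = info.findtext("ds:KeyName", default=None, namespaces=NS) if info is not None else None
    kind = next((label for tag, label in KEY_KINDS
                 if info is not None and info.find(".//ds:" + tag, NS) is not None), None)
    return {"data_algorithm": _algorithm(data), "key_transport": _algorithm(wrapped),
            "key_name": name.strip() if name else None, "key_kind": kind}

def select_private_key(description, local_keys):
    """Treat KeyName as an untrusted hint: exact lookup among keys we already hold."""
    name = description["key_name"] if description else None
    if name not in local_keys:
        raise KeyError("no local private key registered for hint %r" % (name,))
    return local_keys[name]
```

The KeyName value comes from the sender, so `select_private_key` only matches it against names already registered locally and never uses it to build a path or query.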