Pascal (Lazarus/Delphi)
Pascal (Lazarus/Delphi)
Working with PEM Encrypted Private Keys
See more PEM Examples
Demonstrates how to load and save PEM encrypted private keys.Chilkat Pascal (Lazarus/Delphi) Downloads
program ChilkatDemo;
// Demonstrates using the Chilkat Pascal wrapper via the C bridge DLL.
// Builds as a console application under Lazarus (FPC) or Delphi.
{$IFDEF FPC}
{$MODE DELPHI}
{$ENDIF}
{$APPTYPE CONSOLE}
uses
{$IFDEF UNIX}
cthreads,
{$ENDIF}
SysUtils,
CkDllLoader,
Chilkat.FileAccess,
Chilkat.PrivateKey,
Chilkat.Pem;
// ---------------------------------------------------------------------------
procedure RunDemo;
var
success: Boolean;
pem: TPem;
pemPassword: string;
fac: TFileAccess;
pemText: string;
i: Integer;
numPrivateKeys: Integer;
privKey: TPrivateKey;
begin
success := False;
// This example assumes the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
success := False;
pem := TPem.Create;
pemPassword := 'secret';
// To load a PEM file containing encrypted private keys, simply
// provide the password.
success := pem.LoadPemFile('/Users/chilkat/testData/pem/pemContainingEncryptedPrivateKeys.pem',pemPassword);
if (success = False) then
begin
WriteLn(pem.LastErrorText);
Exit;
end;
fac := TFileAccess.Create;
pemText := fac.ReadEntireTextFile('/Users/chilkat/testData/pem/pemContainingEncryptedPrivateKeys.pem',pemPassword);
// To load a PEM from a string, call LoadPem instead of LoadPemFile:
success := pem.LoadPem(pemText);
if (success = False) then
begin
WriteLn(pem.LastErrorText);
Exit;
end;
// A few notes:
// The PEM may contain both private keys and certificates (or anything else).
// The password is utilized for whatever content in the PEM is encrypted.
// It is OK to have both encrypted and non-encrypted content within a given PEM.
// PEM private keys can be encrypted in different formats. The LoadPem and LoadPemFile
// methods automatically handle the different formats.
// One format is PKCS8 and is indicated by this delimiter within the PEM:
// -----BEGIN ENCRYPTED PRIVATE KEY-----
// MIICoTAbBgkqhkiG9w0BBQMwDgQIfdD0zv24lgkCAggABIICgE0PdHJmRbNs6cBX
// ...
// Another format, we'll call "passphrase" looks like this in the PEM:
// -----BEGIN RSA PRIVATE KEY-----
// Proc-Type: 4,ENCRYPTED
// DEK-Info: DES-EDE3-CBC,A4215544D11C5D0C
//
// paqy9XRexcSjurHfG0xhCaUD0HrvIdhuC0CbRxxxeMlkLaV6+uT80rBxt2AaibWG
// ...
// Show the bit length of each private key:
numPrivateKeys := pem.NumPrivateKeys;
if (numPrivateKeys = 0) then
begin
WriteLn(('Error: Expected the PEM to contain private keys.'));
Exit;
end;
privKey := TPrivateKey.Create;
for i := 1 to numPrivateKeys do
begin
pem.PrivateKeyAt(i - 1,privKey);
WriteLn(i + ': ' + privKey.BitLength + ' bits');
end;
pem.Free;
fac.Free;
privKey.Free;
end;
// ---------------------------------------------------------------------------
begin
try
RunDemo;
except
on E: Exception do
WriteLn('Unhandled exception: ', E.ClassName, ': ', E.Message);
end;
WriteLn;
{$IFDEF MSWINDOWS}
WriteLn('Press Enter to exit...');
ReadLn;
{$ENDIF}
end.