(Perl) Encrypt a File to a PKCS7 (CMS) Message

Shows how to encrypt a file into a PKCS7 encrypted message using the recipient's certificate. Public-key encryption requires no private key. However, the recipient's private key is necessary for decryption.

Chilkat Perl Downloads Perl Module for Windows, MacOS, Linux, Alpine Linux

use chilkat();

# This example requires the Chilkat API to have been previously unlocked.
# See Global Unlock Sample for sample code.

$crypt = chilkat::CkCrypt2->new();

# Load the recipient's digital certificate. 
# We don't need the private key for encryption.
# Only the public key is needed (which is included in a certificate).
$cert1 = chilkat::CkCert->new();
$success = $cert1->LoadFromFile("qa_data/user1/cert_user1.pem");
# Assume success for the example, but make sure your application checks for success/failure...
$crypt->SetEncryptCert($cert1);

# Indicate that we want PKI encryption (i.e. public-key infrastructure)
# to produce a CMS message (Cryptographic Message Syntax/PKCS7),
# that is be created with RSAES-OAEP padding, SHA256, and AES-256 for the
# bulk encryption.
$crypt->put_CryptAlgorithm("pki");
$crypt->put_Pkcs7CryptAlg("aes");
$crypt->put_KeyLength(256);
$crypt->put_OaepHash("sha256");
$crypt->put_OaepPadding(1);

# Load the file to be encrypted...
$fileData = chilkat::CkBinData->new();
$success = $fileData->LoadFile("qa_data/jpg/penguins.jpg");
# Your app should check for success/failure..

# Encrypt the data.  The contents of the fileData object are replaced with the PKCS7 encrypted message.
$success = $crypt->EncryptBd($fileData);
if ($success != 1) {
    print $crypt->lastErrorText() . "\r\n";
    exit;
}

# Save the PKCS7 encrypted message to a file..
$success = $fileData->WriteFile("qa_output/pkcs7_encrypted.p7");

print "OK." . "\r\n";