User Tools

Site Tools


28.3.0 Component OpenSSL

The component gb.openssl implements with the four classes Cipher, Digest, CipherText and HMac various encryption and hash methods that you can use using the OpenSSL crypto library (OpenSSL library) for encoding and decoding as well as for determining hash values of, for example, texts. Class Cipher

The Cipher class makes the (block and stream) cipher algorithms of the OpenSSL project accessible to Gambas. Before using the class in practice, learn about the OpenSSL project and about the theory of encryption and decryption algorithms.

The class has only the one static property Cipher.List and the static method Cipher.IsSupported().

Cipher.List (gb.openssl)
Static Property Read List As String[]

The Cipher.IsSupported() method uses the algorithm name to determine whether or not a particular algorithm from the OpenSSL library is available on your system:

Print Cipher.IsSupported("AES-192-CFB")

The function returns True if the named algorithm exists. It is possible that a particular algorithm exists on one system and not on another. This depends on the OpenSSL library installed on the system. The IsSupported() method is not case sensitive.

It is interesting to note that you can use the Cipher class in conjunction with the '.Cipher.Method' class like a ReadOnly array.

The virtual, static class Cipher.Method (gb.openssl) has these two properties:

IvLength IntegerLength of the InitVector expected by the algorithm
KeyLength IntegerKey length expected by the algorithm

Table : Overview of the properties of the class Cipher.Method

The class has four methods:

MethodReturn typeDescription
Encrypt ( Plain As String [ , Key As String, InitVector As String ] ) CipherTextEncrypts a given plaintext with a key and initialisation vector. If an optional argument is not passed, randomly generated bytes are used.
Decrypt ( Cipher As CipherText )StringDecrypts a CipherText object as returned by Encrypt(). The plaintext is returned.
EncryptSalted ( Plain As String, Password As String [ , Salt As String ] )StringEncrypts a plaintext using a password. The optional Salt parameter must be an 8-byte string. If a Salt argument is passed, then a length of 8 is achieved by appending zeros or by truncation. Otherwise a random salt value is used.
DecryptSalted ( Cipher As String, Password As String ) StringDecrypts a string returned by EncryptSalted() if the password is correct.

Table : Methods of the class Cipher.Method Class CipherText

The CipherText class has three read-only properties:

CipherStringThe calculated cipher.
InitVectorStringThe initialisation vector used to encrypt.
KeyStringThe key used.

Table : Properties of the Cipher class.

Hint:\\. EncryptSalted(), unlike Encrypt(), returns a single string. The format of this string is compatible with the output of the console program “openssl”:

hans@linux:~$ echo -n "Gambas" | openssl aes-128-cfb -k "Schrimp" -S 0001020304050607 | base64
~> U2FsdGVkX18AAQIDBAUGB0ZSV6yXHw== Class Digest

The CipherText class serves as a storage structure for the result of the Encrypt() method. It has three properties that can only be read. They are parameters of the encryption algorithm and are needed to decrypt the ciphertext:

Digest.List (gb.openssl)
Static Property Read List As String[]

Use the Digest.IsSupported() method to determine whether or not a particular hash algorithm from the OpenSSL library can be used on your system:

Print Digest.IsSupported("SHA256")

The function returns True if the named algorithm exists on the current system. This function is also case-insensitive. Class HMac

The HMac class implements hash-based 'Message Authentication Codes' (HMAC). You can find information about this on Wikipedia at, among other places. You can use the HMac class like a (static) function and use two implemented constants:

HMac.RipeMD160 (gb.openssl)
Const RipeMD160 As Integer = 117 ' &H75
HMac.Sha1 (gb.openssl)
Const Sha1 As Integer = 64 ' &H40

Use these constants as method parameters in the function call HMac(constant) so that the hash algorithm RIPEMD-160 or SHA1 is used.

The website uses a temporary session cookie. This technically necessary cookie is deleted when the browser is closed. You can find information on cookies in our privacy policy.
k28/k28.3/start.txt · Last modified: 01.02.2022 (external edit)

Page Tools