Leaderboard

Hi Kas Ob., Thank you so much for your detailed response and for taking the time to look into this. I really appreciate your help and insights! You're right, the main issue was loading the private key correctly, as TurboPower LockBox 3 doesn't seem to have built-in ASN.1 decoding capabilities. After considering your suggestions, I decided to switch from TurboPower LockBox 3 and use an OpenSSL wrapper instead, along with libeay32.dll. This approach allows me to properly handle the PEM-encoded private key and perform the RSA decryption. I've managed to get it working, and it seems to be decrypting the string as expected. For anyone interested, I've attached a zip file with a sample project demonstrating the solution. Please note that the code is still a bit rough around the edges and could use some cleaning up. Thanks again for your guidance! src.zip

I've used both Plesk and cPanel, and I'm not going to debate which is "best". It's true that Plesk is found mainly on Windows hosts while cPanel is mostly on Linux hosts, and in my experience cPanel adds less to the hosting costs than Plesk. Plesk seems to be marketed more to corporations while cPanel is more attractive to SMBs and people with smaller budgets. That said, both are great at allowing you to admin your machine. My biggest gripe about Windows is that it's just too frigging complicated because of all the security crap that has been added over the years since Win NT. The control panel is just another layer on top of whatever the OS provides, and I've always found *nix to be far simpler than Windows. I learned how to admin a Unix box back in the 80s and a lot of that knowledge is still relevant today. I grew up learning DOS and CP/M and then Windows, and for the past 15+ years while I was a working stiff, I've had access to an IT Dept to deal with the Admin side of Windows, so I'm way out-of-touch with it. Frankly, there's not much I learned from XP and NT that seems to apply today, and it just drives me nuts having to deal with it. Twenty years ago, my then wife's Windows machine got a virus, and it took me around 10 hours to isolate it and get rid of it. That's because I couldn't find any anti-virus software that found anything and I didn't feel like reformatting the hard drive and starting over with a clean install. In contrast, one of my Macs seems to have gotten infected in the past week or so, and it only took me about 4 hours to isolate the source and nuke it after Malwarebytes found nothing. I'm far more comfortable doing Admin stuff in *nix than Windows. I've had some Windows servers and none of the hosting places offered Plesk. I bought a little box to use for some dev work and a Plesk license costs more than the box did! So if you have the budget and stomach to deal with Plesk and Windows Admin stuff. knock yourself out. I'm semi-retired now and really want to focus on things I ENJOY doing, not learning enough to start a new career. FWIW, I'd rather put in the time needed to learn to fly a plane than become a Windows Admin! Neither one of them will make me any money, but flying seems like a hellofalot more fun than Windows Admin stuff.

Hi, I waited for someone else to add an answer for you as i don't use LockBox, and have no experience with it, sources i looked at https://github.com/TurboPack/LockBox https://github.com/TurboPack/LockBox3 Now to what i see (without building or compiling anything): 1) Extracted the private key from your post and pasted it on ASN1 decoder and here the result https://lapo.it/asn1js/#MIICXAIBAAKBgQDFoP5AJIv1KFGRpv_Uw7drFXjWbZG6wNsO7P58ocZIcxyKGU6uTgXw8N1IvTmd9yXRSdcb2fCWB7J_QUQDJQ3YuuXSOQCVOdi8Wy9UoZ5jNdqtZ6CMCvnK_v4Wy38ZhrB0CRkeiuyjmUdfQhe8mh3pE3iFBusYd1TVCxQt3VBkqQIDAQABAoGAaYBaeo-ID6YodWL7a-_XeNkLmxz_EP1nc_5clNgf7AlXkPmVoUORtGBBIVWy7ntDuwh6Ryn_X3hYd8q1riAX1UwVuUduOENmgyzmO1rRIoB_17vzYwVMYOB2h-qbxEqjg4dUfk_1occyDwpehWel-1NIgvQLNYLcn2JXxkAyrMkCQQD37-3Y8sjYxwApgiIClsCjrla73cS_QwzArGEnOjBs86LyzCc0pNzmP2OD0a9VlD3k6dMnhT2Oj-2knZs8dUlHAkEAzA4_mQeFvdiKIkzUBECn3w9Ylu2IfpKnQt_0EFUENxS9ONZ1jj4pzDBfZosgwnE1GiECELM3R_6Pzl-uIGrajwJBALm5HG3az-CykMiHFnrh-kOiII5xvSOYUkEx30THLecvSeyeSPACXwaKjTz9IV31wbdsACQmhsn3vogFF3feU5kCQARP9MYeI5RshBbPeteQKjwLjfq6kFzkaoZ-RyElOs6TMKCH37oe1DFNgGahYBLb45xmwC1sLCnoVk-tM_fZaj8CQGQyIlxwbgNBBdV3wnmtX9yPDflOsjpo3FuBMOu3nZADKEpmTXFgdwP4oMMbCmDvH3dav92LE5JN1cPik9z0Piw And that is correct and valid RSA key, yet clicked and browsed the sources on github, there is no ASN1 decoder in the sources, the closest thing is using OpenSSL to do the loading of the private key, or to be more accurate to decode the private key to usable format by TP. 2) searching for KJUR.crypto.Cipher.decrypt, found this https://kjur.github.io/jsrsasign/api/symbols/KJUR.crypto.Cipher.html So the encryption indeed is RSAOAEP, (RSA encryption is completely different from RSAOAEP for future references don't mix them), also check the sources and its look like TP can do RSAOAEP https://github.com/TurboPack/LockBox3/blob/master/run/RSA/uTPLb_RSA_Primitives.pas#L116 And that what you should use, so your code is using "Signatory: TSignatory" in complete wrong path 3) Also important the JS code does the decryption, and as usual decryption parameters way less than encryption, to perform RSAOAEP encryption and decryption sometimes you need the default parameters and sometimes you need to figure if there is some default must be set before the decryption. 3) Couldn't find useful examples for you but, so others may help here, or you can start by looking at https://github.com/TurboPack/LockBox3/blob/master/test/uLockBox_RSA_TestCases.pas#L466 Notice there codec and no TSignatory, but the most important (for me at least) these keys are not decodable as they are not ASN1, from the sources they look like custom format specific to LockBox Here SO question, close enough to your problem https://stackoverflow.com/questions/68186850/lockbox-3-encrypt-rsa-with-public-certyficate Again couldn't find what can solve your problem in full Suggestion With above i hope you have better understanding what is your problem actually is, it is loading the private key as first step, then perform the right decryption with RSAOAEP, and that is it, so either try with OpenSSL to load and decrypt or look for different library. And good luck !