Hello,
I have the requirement to encrypt e-mails using RSA-OAEP padding. I use the
library openssl-1.0.2k and encrypt with CMS container. The following
function describes my method. My problem is that I'm not sure if this method
really uses the RSA-OAEP padding.
bool
smime_encrypt_cms(const std::string& infile, const std::string& outfile)
{
bool bResult = false;
const char* inmode = "r";
const char* outmode = "w";
const EVP_CIPHER* cipher = NULL;
STACK_OF(X509)* encerts = NULL;
BIO* in = NULL;
BIO* out = NULL;
BIO* bio_err = NULL;
int flags = 0;
X509 *recip;
int i = 0;
unsigned char *oaep_label = NULL;
int oaep_label_l = 0;
int nflags = CMS_PARTIAL | CMS_KEY_PARAM;
CMS_ContentInfo* cms = CMS_encrypt(NULL, NULL, cipher, nflags);
EVP_PKEY_CTX* wrap_ctx = NULL;
KWlog ( EV_D_APPL_14 , "smime_encrypt_cms () started" );
cipher = get_cipher();
SMTPD_RAND_load_file ( NULL , bio_err , 0 );
encerts = sk_X509_new_null();
FOR_CONST_IT(EmailAndCertList, itRecip, _m_recipCertsList)
{
SMIME_key_list recip_encerts = (*itRecip)->smime_enc();
FOR_CONST_IT(SMIME_key_list, iter, recip_encerts)
{
sk_X509_push( encerts, (*iter).dup_cert());
}
}
if ( ! ( in = BIO_new_file ( infile.c_str() , inmode ))) {
KWlog_appl ( EV_E_APPL_INFO , "Can't open input file %s",
infile.c_str() );
_error_messages.push_back("Internal Error");
goto exit;
}
if ( ! ( out = BIO_new_file ( outfile.c_str() , outmode ))) {
KWlog_appl ( EV_E_APPL_INFO , "Can't open output file %s",
outfile.c_str() );
_error_messages.push_back("Internal Error");
goto exit;
}
for (i = 0; i < sk_X509_num(encerts); i++) {
CMS_RecipientInfo* r_info;
recip = sk_X509_value(encerts, i);
r_info = CMS_add1_recipient_cert(cms, recip, nflags);
if (!r_info) {
KWlog_appl(EV_E_APPL_INFO,
"smime_encrypt_cms(): Error while adding recipient certs to CMS info
structure");
return false;
}
wrap_ctx = CMS_RecipientInfo_get0_pkey_ctx(r_info);
KWlog ( EV_D_APPL_14 , "smime_encrypt_cms () Set OAEP Padding");
EVP_PKEY_CTX_set_rsa_padding(wrap_ctx, RSA_PKCS1_OAEP_PADDING);
EVP_PKEY_CTX_set_rsa_oaep_md(wrap_ctx, EVP_sha256());
EVP_PKEY_CTX_set_rsa_mgf1_md(wrap_ctx, EVP_sha256());
EVP_PKEY_CTX_set0_rsa_oaep_label(wrap_ctx, oaep_label, oaep_label_l);
}
CMS_final(cms, in, NULL, nflags);
/* encrypt content */
cms = CMS_encrypt(encerts, in, cipher, flags);
if( ! cms ) {
KWlog ( EV_E_APPL_INFO , "Error creating CMS structure");
KWlog_SSL ;
_error_messages.push_back("Internal Error");
goto exit;
}
flags |= SMIME_OLDMIME;
/* Write out S/MIME message */
if (!SMIME_write_CMS(out, cms, in, flags))
goto exit;
bResult = true;
exit:
SMTPD_RAND_write_file (NULL, bio_err);
sk_X509_pop_free(encerts, X509_free);
if (cms)
CMS_ContentInfo_free(cms);
BIO_free(in);
BIO_free_all(out);
KWlog ( EV_D_APPL_14 , "smime_encrypt_cms () finished" );
return ( bResult );
}
When using this function to encrypt an e-mail Thunderbird can decrypt the
message. But is RSA-OAEP padding really used or is the default padding still
used? How can I check this?
For comments I would be very grateful
Regards Rudy
--
View this message in context: http://openssl.6102.n7.nabble.com/RSA-PKCS1-OAEP-PADDING-tp70741.html
Sent from the OpenSSL - User mailing list archive at Nabble.com.
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
