Search code examples
c++encryptioncrypto++

How to encrypt/decrypt data using RSA OAEP SHA-256 in Crypto++

How can I encrypt my string data with SHA-256 padding instead of the default SHA-1 padding in Crypto++? I have not been able to find any way to change what padding algorithm my encryption/decryption functions use. I have heard of some libraries having hard-coded padding schemes, but I hope that there is a way to modify the one used by Crypto++.

Here is my encryption method:

string GUIMain::encryptData(const string data) {
    CryptoPP::RSAES_OAEP_SHA_Encryptor e(*serverPublic);
    string cipher;
    CryptoPP::StringSource ss1(data, true, new CryptoPP::PK_EncryptorFilter(*rng, e, new CryptoPP::StringSink(cipher)));
    return cipher;
}

Here is my decryption method:

string GUIMain::decryptData(const string cipher) {
    CryptoPP::RSAES_OAEP_SHA_Decryptor d(*privateKey);
    string recovered;
    CryptoPP::StringSource ss2(cipher, true, new CryptoPP::PK_DecryptorFilter(*rng, d, new CryptoPP::StringSink(recovered)));
    return recovered;
}

The keys (*serverPublic and *privateKey) are object types RSA::PublicKey and RSA::PrivateKey respectively. *rng is an AutoSeededRandomPool object.

Is there any way I could add to/change these methods to work correctly? I am new to C++, so please explain solutions if possible.

Solution

  • How can I encrypt my string data with SHA-256 padding instead of the default SHA-1 padding in Crypto++?

    RSAES_OAEP_SHA_Encryptor and RSAES_OAEP_SHA_Decryptor are typedefs:

    $ grep RSAES_OAEP_SHA_Encryptor *.h
rsa.h:DOCUMENTED_TYPEDEF(RSAES<OAEP<SHA1> >::Encryptor, RSAES_OAEP_SHA_Encryptor);

$ grep RSAES_OAEP_SHA_Decryptor *.h
rsa.h:DOCUMENTED_TYPEDEF(RSAES<OAEP<SHA1> >::Decryptor, RSAES_OAEP_SHA_Decryptor);

    You can use the following instead:

     RSAES<OAEP<SHA256> >

    So your encryptor and decryptor would be:

     RSAES<OAEP<SHA256> >::Encryptor
 RSAES<OAEP<SHA256> >::Decryptor

    Keep the extra space after the > for the template. It is needed on older versions of the C++ language. Otherwise, the compiler sees >> and thinks it is part of an extraction operator.

    There are several typedefs like the ones you are using:

    $ grep RSAES *.h
...
rsa.h:struct RSAES : public TF_ES<RSA, STANDARD>
rsa.h:/// \brief \ref RSAES<STANDARD> "RSAES<PKCS1v15>::Decryptor" typedef
rsa.h:DOCUMENTED_TYPEDEF(RSAES<PKCS1v15>::Decryptor, RSAES_PKCS1v15_Decryptor);
rsa.h:/// \brief \ref RSAES<STANDARD> "RSAES<PKCS1v15>::Encryptor" typedef
rsa.h:DOCUMENTED_TYPEDEF(RSAES<PKCS1v15>::Encryptor, RSAES_PKCS1v15_Encryptor);
rsa.h:/// \brief \ref RSAES<STANDARD> "RSAES<OAEP<SHA1>>::Decryptor" typedef
rsa.h:DOCUMENTED_TYPEDEF(RSAES<OAEP<SHA1> >::Decryptor, RSAES_OAEP_SHA_Decryptor);
rsa.h:/// \brief \ref RSAES<STANDARD> "RSAES<OAEP<SHA1>>::Encryptor" typedef
rsa.h:DOCUMENTED_TYPEDEF(RSAES<OAEP<SHA1> >::Encryptor, RSAES_OAEP_SHA_Encryptor);

    DOCUMENTED_TYPEDEF is a macro in config_ns.h. The macro helps generate better documentation when make docs is run.

    A regular compile uses the following.

    typedef RSAES<OAEP<SHA1> >::Encryptor RSAES_OAEP_SHA_Encryptor;

    A documentation build uses the following. Inheritance works better when building documentation.

    struct RSAES_OAEP_SHA_Encryptor : RSAES<OAEP<SHA1> >::Encryptor
{
};