(C) RSA-OAEP with SHA256 hashing

RSA encrypt a SHA256 hash with OAEP padding.

Chilkat C/C++ Library Downloads
MS Visual C/C++ Linux/CentOS C/C++ Alpine Linux C/C++ MAC OS X C/C++	armhf/aarch64 C/C++ C++ Builder iOS C/C++ Android C/C++	Solaris C/C++ MinGW C/C++

#include <C_CkPublicKey.h>
#include <C_CkStringBuilder.h>
#include <C_CkJsonObject.h>
#include <C_CkRsa.h>

void ChilkatSample(void)
    {
    HCkPublicKey pubkey;
    HCkStringBuilder sbPem;
    BOOL bCrlf;
    BOOL success;
    HCkJsonObject json;
    HCkRsa rsa;
    BOOL bUsePrivateKey;
    const char *encryptedStr;

    // This example requires the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    pubkey = CkPublicKey_Create();

    sbPem = CkStringBuilder_Create();
    bCrlf = TRUE;
    CkStringBuilder_AppendLine(sbPem,"-----BEGIN PUBLIC KEY-----",bCrlf);
    CkStringBuilder_AppendLine(sbPem,"MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA33TqqLR3eeUmDtHS89qF",bCrlf);
    CkStringBuilder_AppendLine(sbPem,"3p4MP7Wfqt2Zjj3lZjLjjCGDvwr9cJNlNDiuKboODgUiT4ZdPWbOiMAfDcDzlOxA",bCrlf);
    CkStringBuilder_AppendLine(sbPem,"04DDnEFGAf+kDQiNSe2ZtqC7bnIc8+KSG/qOGQIVaay4Ucr6ovDkykO5Hxn7OU7s",bCrlf);
    CkStringBuilder_AppendLine(sbPem,"Jp9TP9H0JH8zMQA6YzijYH9LsupTerrY3U6zyihVEDXXOv08vBHk50BMFJbE9iwF",bCrlf);
    CkStringBuilder_AppendLine(sbPem,"wnxCsU5+UZUZYw87Uu0n4LPFS9BT8tUIvAfnRXIEWCha3KbFWmdZQZlyrFw0buUE",bCrlf);
    CkStringBuilder_AppendLine(sbPem,"f0YN3/Q0auBkdbDR/ES2PbgKTJdkjc/rEeM0TxvOUf7HuUNOhrtAVEN1D5uuxE1W",bCrlf);
    CkStringBuilder_AppendLine(sbPem,"SwIDAQAB",bCrlf);
    CkStringBuilder_AppendLine(sbPem,"-----END PUBLIC KEY-----",bCrlf);

    // Load the public key object from the PEM. 
    success = CkPublicKey_LoadFromString(pubkey,CkStringBuilder_getAsString(sbPem));
    if (success != TRUE) {
        printf("%s\n",CkPublicKey_lastErrorText(pubkey));
        CkPublicKey_Dispose(pubkey);
        CkStringBuilder_Dispose(sbPem);
        return;
    }

    // Build a small string to encrypt
    json = CkJsonObject_Create();
    CkJsonObject_UpdateString(json,"example","123");
    CkJsonObject_UpdateString(json,"hello","world");
    printf("%s\n",CkJsonObject_emit(json));

    // This is the JSON to be RSA encrypted:  {"example":"123","hello":"world"}

    // IMPORTANT: RSA encryption is only used to encrypt small amounts of data.
    // RSA is only able to encrypt data to a maximum amount of your key size (2048 bits = 256 bytes) 
    // minus padding / header data (11 bytes for PKCS#1 v1.5 padding, 42 bytes for OAEP).
    // As a result it is often not possible to encrypt files with RSA directly. 
    // RSA is also not meant for this purpose. 
    // 
    // If you want to encrypt more data, you can use something like:
    // 1) Generate a 256-bit random keystring K
    // 2) Encrypt your data with AES-CBC with K
    // 3) Encrypt K with RSA
    // 4) Send both to the other side 

    rsa = CkRsa_Create();
    CkRsa_putOaepPadding(rsa,TRUE);
    CkRsa_putOaepHash(rsa,"SHA-256");
    CkRsa_ImportPublicKeyObj(rsa,pubkey);
    CkRsa_putEncodingMode(rsa,"base64");

    // Note: The OAEP padding uses random bytes in the padding, and therefore each time encryption happens,
    // even using the same data and key, the result will be different --  but still valid.  One should not expect
    // to get the same output.
    bUsePrivateKey = FALSE;
    encryptedStr = CkRsa_encryptStringENC(rsa,CkJsonObject_emit(json),bUsePrivateKey);
    if (CkRsa_getLastMethodSuccess(rsa) != TRUE) {
        printf("%s\n",CkRsa_lastErrorText(rsa));
        CkPublicKey_Dispose(pubkey);
        CkStringBuilder_Dispose(sbPem);
        CkJsonObject_Dispose(json);
        CkRsa_Dispose(rsa);
        return;
    }

    printf("Result: %s\n",encryptedStr);


    CkPublicKey_Dispose(pubkey);
    CkStringBuilder_Dispose(sbPem);
    CkJsonObject_Dispose(json);
    CkRsa_Dispose(rsa);

    }