Support for RSA encryption using OAEP padding with 2 different message digests

jorisv92 · November 16, 2020, 12:54pm

Hi all,

I’m porting some code from OpenSSL to Mbed TLS.
The code is encrypting some data using the OpenSSL RSA mode RSA_OAEPWithSHA256AndMGF1SHA1Padding.

This mode uses 2 different message digest functions for the OAEP padding: SHA256 and SHA1.
I was wondering how I can achieve this using Mbed TLS, since it seems the API only allows one message digest function to be set.

What I did so far was:

mbedtls_rsa_set_padding(rsa_key, MBEDTLS_RSA_PKCS_V21, MBEDTLS_MD_SHA256);
mbedtls_rsa_pkcs1_encrypt(rsa_key, mbedtls_ctr_drbg_random, &ctr_drbg, MBEDTLS_RSA_PUBLIC, payload_len, payload_buf, output_buf);

But it seems this code is equivalent to OpenSSL mode RSA_OAEPWithSHA256AndMGF1SHA256Padding, since I can correctly decrypt the output with this OpenSSL mode (and not with the one I wanted, RSA_OAEPWithSHA256AndMGF1SHA1Padding).

Does anyone know a way of getting 2 different message digest functions in OAEP?

Thanks a lot!

jsdoitao · March 17, 2021, 4:35pm

Hi @jorisv92, have you solved such problem? I’m blocking on the same issue you met, any suggestion to achive OAEPWITHSHA256andMGF1SHA1Padding?

Thanks a lot.

Topic		Replies	Views
mbedTLS equivalent for Java's "RSA/ECB/OAEPWithSHA-256AndMGF1Padding" Crypto and SSL questions	3	1863	March 22, 2022
RSA SHA-256 Encrypt String on ESP32 Mbed TLS	2	3822	October 31, 2021
Sha-crypt function needed Crypto and SSL questions mbed_tls	0	382	January 12, 2021
RSA/ECB/PKCS1PADDING 2048BITS PUBLIC KEY Encryption Crypto and SSL questions mbed_tls	0	793	June 21, 2022
Support for RSAPSS according to PKCS #1 v2.2: RSA Cryptography Standard Crypto and SSL questions	3	1762	June 27, 2018

Support for RSA encryption using OAEP padding with 2 different message digests

Related Topics