Sample code for 30+ languages & platforms
DataFlex

Use RSAES-OAEP Padding for Encrypted Email

See more Email Object Examples

Demonstrates the Chilkat Email.OaepPadding property, which selects the RSA encryption scheme used when encrypting email. The default is false, which selects RSAES PKCS1-v1_5; setting it to true selects RSAES-OAEP. This affects the RSA key-encryption step used for S/MIME encryption — it does not change the symmetric content-encryption algorithm chosen by Pkcs7CryptAlg. This example enables OAEP padding.

Background: Recall that S/MIME encrypts the message body with a one-time symmetric key, then encrypts that key with RSA. "Padding" is how the key bytes are formatted before RSA is applied. The older PKCS1-v1_5 padding has known theoretical weaknesses, while RSAES-OAEP adds randomness and a hash-based construction that is provably more secure and is the modern recommendation. Both endpoints must agree, so a recipient's software has to support OAEP to read the message.

Chilkat DataFlex Downloads

DataFlex
Use ChilkatAx-win32.pkg

Procedure Test
    Handle hoEmail
    Boolean bTemp1

    //  Demonstrates the Email.OaepPadding property, which selects the RSA encryption scheme
    //  used when encrypting email.  The default is false (RSAES PKCS1-v1_5).  Set it to true
    //  to use RSAES-OAEP.  This affects only the RSA key-encryption step, not the symmetric
    //  content-encryption algorithm selected by Pkcs7CryptAlg.

    Get Create (RefClass(cComChilkatEmail)) To hoEmail
    If (Not(IsComObjectCreated(hoEmail))) Begin
        Send CreateComObject of hoEmail
    End
    Set ComSubject Of hoEmail To "Encrypted with RSAES-OAEP"
    Set ComBody Of hoEmail To "This message uses OAEP padding for the RSA key encryption."

    //  Use RSAES-OAEP instead of the older PKCS1-v1_5 scheme.
    Set ComOaepPadding Of hoEmail To True

    Get ComOaepPadding Of hoEmail To bTemp1
    Showln "OaepPadding = " bTemp1


End_Procedure