diff --git a/crypto/src/cms/KeyTransRecipientInformation.cs b/crypto/src/cms/KeyTransRecipientInformation.cs
index 3b1ea7b5e..7d2f072b5 100644
--- a/crypto/src/cms/KeyTransRecipientInformation.cs
+++ b/crypto/src/cms/KeyTransRecipientInformation.cs
@@ -55,12 +55,18 @@ namespace Org.BouncyCastle.Cms
}
private string GetExchangeEncryptionAlgorithmName(
- DerObjectIdentifier oid)
+ AlgorithmIdentifier algo)
{
- if (Asn1Pkcs.PkcsObjectIdentifiers.RsaEncryption.Equals(oid))
+ DerObjectIdentifier oid = algo.Algorithm;
+
+ if (Asn1Pkcs.PkcsObjectIdentifiers.RsaEncryption.Equals(oid))
{
return "RSA//PKCS1Padding";
- }
+ } else if (Asn1Pkcs.PkcsObjectIdentifiers.IdRsaesOaep.Equals(oid))
+ {
+ Asn1Pkcs.RsaesOaepParameters rsaParams = Asn1Pkcs.RsaesOaepParameters.GetInstance(algo.Parameters);
+ return "RSA//OAEPWITH"+DigestUtilities.GetAlgorithmName(rsaParams.HashAlgorithm.Algorithm)+"ANDMGF1Padding";
+ }
return oid.Id;
}
@@ -68,7 +74,7 @@ namespace Org.BouncyCastle.Cms
internal KeyParameter UnwrapKey(ICipherParameters key)
{
byte[] encryptedKey = info.EncryptedKey.GetOctets();
- string keyExchangeAlgorithm = GetExchangeEncryptionAlgorithmName(keyEncAlg.Algorithm);
+ string keyExchangeAlgorithm = GetExchangeEncryptionAlgorithmName(keyEncAlg);
try
{
diff --git a/crypto/test/src/crmf/test/CrmfTest.cs b/crypto/test/src/crmf/test/CrmfTest.cs
index 5e05695f4..b1f18cc7b 100644
--- a/crypto/test/src/crmf/test/CrmfTest.cs
+++ b/crypto/test/src/crmf/test/CrmfTest.cs
@@ -114,7 +114,7 @@ namespace Org.BouncyCastle.Crmf.Tests
certificateRequestMessageBuilder.SetPublicKey(publicKeyInfo);
certificateRequestMessageBuilder.AddControl(
- new PKIArchiveControlBuilder(privateInfo, new GeneralName(new X509Name("CN=Test")))
+ new PkiArchiveControlBuilder(privateInfo, new GeneralName(new X509Name("CN=Test")))
.AddRecipientGenerator(new CmsKeyTransRecipientInfoGenerator(cert, new Asn1KeyWrapper("RSA/None/OAEPwithSHA256andMGF1Padding", cert)))
.Build(new CmsContentEncryptorBuilder(NistObjectIdentifiers.IdAes128Cbc).Build())
);
@@ -126,7 +126,7 @@ namespace Org.BouncyCastle.Crmf.Tests
checkCertReqMsgWithArchiveControl(rsaKeyPair,msg);
checkCertReqMsgWithArchiveControl(rsaKeyPair, new CertificateRequestMessage(msg.GetEncoded()));
-
+
}
[Test]
@@ -172,13 +172,13 @@ namespace Org.BouncyCastle.Crmf.Tests
KeyTransRecipientInformation info = (KeyTransRecipientInformation)collection[0];
EncKeyWithID encKeyWithId = EncKeyWithID.GetInstance(info.GetContent(kp.Private));
-
+
+
IsTrue(encKeyWithId.HasIdentifier);
IsTrue(!encKeyWithId.IsIdentifierUtf8String); // GeneralName at this point.
-
IsTrue("Name", X509Name.GetInstance(GeneralName.GetInstance(encKeyWithId.Identifier).Name).Equivalent(new X509Name("CN=Test")));
-
+
PrivateKeyInfo privateKeyInfo = PrivateKeyInfoFactory.CreatePrivateKeyInfo(kp.Private);
IsTrue("Private Key", Arrays.AreEqual(privateKeyInfo.GetEncoded(), encKeyWithId.PrivateKey.GetEncoded()));
|
