-
Notifications
You must be signed in to change notification settings - Fork 1.2k
Description
Symptom:
My java application throws exception when unwrapping PKCS7 CMS envelope that encrypted with RSAES-OAEP. The PKCS7 CMS envelope is created using Microsoft .NET.
RFC Spec and RSAES-OAEP Definition: 1.2.840.113549.1.1.7
IETF RFC 3447 and RFC 8017.
Backtrace:
<#Exception#><org.bouncycastle.cms.CMSException> exception unwrapping key: cannot create cipher: No provider found for 1.2.840.113549.1.1.7
at org.bouncycastle.cms.jcajce.JceKeyTransRecipient.extractSecretKey(Unknown Source:270)
at org.bouncycastle.cms.jcajce.JceKeyTransEnvelopedRecipient.getRecipientOperator(Unknown Source:0)
at org.bouncycastle.cms.KeyTransRecipientInformation.getRecipientOperator(Unknown Source:16)
at org.bouncycastle.cms.RecipientInformation.getContentStream(Unknown Source:0)
at org.bouncycastle.cms.RecipientInformation.getContent(Unknown Source:0)
...
<#Exception#><org.bouncycastle.operator.OperatorCreationException> Caused by: cannot create cipher: No provider found for 1.2.840.113549.1.1.7
at org.bouncycastle.operator.jcajce.OperatorHelper.createAsymmetricWrapper(Unknown Source:85)
at org.bouncycastle.operator.jcajce.JceAsymmetricKeyUnwrapper.generateUnwrappedKey(Unknown Source:12)
at org.bouncycastle.cms.jcajce.JceKeyTransRecipient.extractSecretKey(Unknown Source:230)
at org.bouncycastle.cms.jcajce.JceKeyTransEnvelopedRecipient.getRecipientOperator(Unknown Source:0)
at org.bouncycastle.cms.KeyTransRecipientInformation.getRecipientOperator(Unknown Source:16)
at org.bouncycastle.cms.RecipientInformation.getContentStream(Unknown Source:0)
at org.bouncycastle.cms.RecipientInformation.getContent(Unknown Source:0)
...
<#Exception#><java.security.NoSuchAlgorithmException> Caused by: No provider found for 1.2.840.113549.1.1.7
at javax.crypto.Cipher.createCipher(Cipher.java:737)
at javax.crypto.Cipher.getInstance(Cipher.java:620)
at org.bouncycastle.jcajce.util.DefaultJcaJceHelper.createCipher(Unknown Source:0)
at org.bouncycastle.operator.jcajce.OperatorHelper.createAsymmetricWrapper(Unknown Source:56)
at org.bouncycastle.operator.jcajce.JceAsymmetricKeyUnwrapper.generateUnwrappedKey(Unknown Source:12)
at org.bouncycastle.cms.jcajce.JceKeyTransRecipient.extractSecretKey(Unknown Source:230)
at org.bouncycastle.cms.jcajce.JceKeyTransEnvelopedRecipient.getRecipientOperator(Unknown Source:0)
at org.bouncycastle.cms.KeyTransRecipientInformation.getRecipientOperator(Unknown Source:16)
at org.bouncycastle.cms.RecipientInformation.getContentStream(Unknown Source:0)
at org.bouncycastle.cms.RecipientInformation.getContent(Unknown Source:0)
...
Root cause:
The mapping from PKCSObjectIdentifiers.id_RSAES_OAEP (i.e. OID 1.2.840.113549.1.1.7) to RSAES-OAEP algorithm name is missing in asymmetricWrapperAlgNames.
See: OperatorHelper.java
This would result in passing the OID string to javax.crypto.Cipher.createCipher instead of a valid Cipher algorithm name. This eventually caused the exception as the OID string is not a valid Cipher algorithm name in JCE/JCA.
To fix the issue, the mapping from PKCSObjectIdentifiers.id_RSAES_OAEP (i.e. OID 1.2.840.113549.1.1.7) to RSAES-OAEP algorithm name is needed in asymmetricWrapperAlgNames in OperatorHelper.java.
Proposal:
Add the mapping from PKCSObjectIdentifiers.id_RSAES_OAEP (i.e. OID 1.2.840.113549.1.1.7) to RSAES-OAEP algorithm name in asymmetricWrapperAlgNames in OperatorHelper.java.
- Identify the RSAES-OAEP algorithm name string that shall be added to the mapping.
- Add the mapping in a dev branch and create a beta build. Consume the beta build in the test application and validate with test data. This it is to validate JCE and BouncyCastle RSAES-OAEP implementation is compatible with .NET framework implementation.
- Other: get more details on Microsoft .NET RSAES-OAEP implementation so we can be certain of the solution.