Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
CryptoUtil.getKeywrapAlgorithmFromOID: Fix DES-EDE3-CBC selection
Commit dbd2d9b contained the edit: - if (oid.equals(KW_DES_CBC_PAD)) + if (oid.equals(KeyWrapAlgorithm.DES_CBC_PAD_OID)) KW_DES_CBC_PAD was 1.2.840.113549.3.7 (DES-EDE3-CBC; this definition was removed in the same commit). But KeyWrapAlgorithm.DES_CBC_PAD_OID is 1.3.14.3.2.7. This is a behaviour change that breaks KRA archival (possibly recovery too). Test equality to KeyWrapAlgorithm.DES3_CBC_PAD_OID to restore the correct behaviour. Also fix a similar error in WrappingParams.java. Related: https://bugzilla.redhat.com/show_bug.cgi?id=1709585
- Loading branch information