CryptoUtil.getKeywrapAlgorithmFromOID: Fix DES-EDE3-CBC selection

Commit dbd2d9b contained the edit:

-        if (oid.equals(KW_DES_CBC_PAD))
+        if (oid.equals(KeyWrapAlgorithm.DES_CBC_PAD_OID))

KW_DES_CBC_PAD was 1.2.840.113549.3.7 (DES-EDE3-CBC; this definition
was removed in the same commit). But
KeyWrapAlgorithm.DES_CBC_PAD_OID is 1.3.14.3.2.7.  This is a
behaviour change that breaks KRA archival (possibly recovery too).

Test equality to KeyWrapAlgorithm.DES3_CBC_PAD_OID to restore the
correct behaviour.  Also fix a similar error in WrappingParams.java.

Related: https://bugzilla.redhat.com/show_bug.cgi?id=1709585

base/util/src/com/netscape/cmsutil/crypto/CryptoUtil.java

@@ -2875,7 +2875,7 @@ public static KeyWrapAlgorithm getKeyWrapAlgorithmFromOID(String wrapOID) throws
         if (oid.equals(KeyWrapAlgorithm.AES_KEY_WRAP_OID))
             return KeyWrapAlgorithm.AES_CBC_PAD;
 
-        if (oid.equals(KeyWrapAlgorithm.DES_CBC_PAD_OID))
+        if (oid.equals(KeyWrapAlgorithm.DES3_CBC_PAD_OID))
             return KeyWrapAlgorithm.DES3_CBC_PAD;
 
         throw new NoSuchAlgorithmException(wrapOID);

base/util/src/netscape/security/util/WrappingParams.java

@@ -67,7 +67,7 @@ public WrappingParams(String encryptOID, String wrapName, String priKeyAlgo, IVP
             // New clients set this correctly.
             // We'll assume the old DES3 wrapping here.
             encrypt = EncryptionAlgorithm.DES_CBC_PAD;
-        } else if (encryptOID.equals(KeyWrapAlgorithm.DES_CBC_PAD_OID.toString())) {
+        } else if (encryptOID.equals(KeyWrapAlgorithm.DES3_CBC_PAD_OID.toString())) {
             encrypt = EncryptionAlgorithm.DES3_CBC_PAD;
         } else if (encryptOID.equals(KeyWrapAlgorithm.AES_CBC_PAD_OID.toString())) {
             encrypt = EncryptionAlgorithm.AES_128_CBC_PAD;