gsprdev
diff --git a/‎core/src/main/java/org/bouncycastle/asn1/pkcs/RSAESOAEPparams.java‎
Lines changed: 5 additions & 1 deletion b/‎core/src/main/java/org/bouncycastle/asn1/pkcs/RSAESOAEPparams.java‎
Lines changed: 5 additions & 1 deletion
diff --git a/‎pkix/src/main/java/org/bouncycastle/cms/jcajce/JceKeyTransRecipientInfoGenerator.java‎
Lines changed: 13 additions & 1 deletion b/‎pkix/src/main/java/org/bouncycastle/cms/jcajce/JceKeyTransRecipientInfoGenerator.java‎
Lines changed: 13 additions & 1 deletion
diff --git a/‎pkix/src/main/java/org/bouncycastle/operator/jcajce/JceAsymmetricKeyWrapper.java‎
Lines changed: 45 additions & 0 deletions b/‎pkix/src/main/java/org/bouncycastle/operator/jcajce/JceAsymmetricKeyWrapper.java‎
Lines changed: 45 additions & 0 deletions
diff --git a/‎pkix/src/test/java/org/bouncycastle/cert/test/PKCS10Test.java‎
Lines changed: 11 additions & 18 deletions b/‎pkix/src/test/java/org/bouncycastle/cert/test/PKCS10Test.java‎
Lines changed: 11 additions & 18 deletions
@@ -57,7 +57,11 @@ public RSAESOAEPparams(
         this.maskGenAlgorithm = maskGenAlgorithm;
         this.pSourceAlgorithm = pSourceAlgorithm;
     }
-    
+
+    /**
+     * @deprecated use getInstance()
+     * @param seq
+     */
     public RSAESOAEPparams(
         ASN1Sequence seq)
     {
 
@@ -4,6 +4,7 @@
 import java.security.PublicKey;
 import java.security.cert.CertificateEncodingException;
 import java.security.cert.X509Certificate;
+import java.security.spec.AlgorithmParameterSpec;
 
 import org.bouncycastle.asn1.ASN1ObjectIdentifier;
 import org.bouncycastle.asn1.cms.IssuerAndSerialNumber;
@@ -17,14 +18,25 @@ public class JceKeyTransRecipientInfoGenerator
     public JceKeyTransRecipientInfoGenerator(X509Certificate recipientCert)
         throws CertificateEncodingException
     {
-        super(new IssuerAndSerialNumber(new JcaX509CertificateHolder(recipientCert).toASN1Structure()), new JceAsymmetricKeyWrapper(recipientCert.getPublicKey()));
+        super(new IssuerAndSerialNumber(new JcaX509CertificateHolder(recipientCert).toASN1Structure()), new JceAsymmetricKeyWrapper(recipientCert));
     }
 
     public JceKeyTransRecipientInfoGenerator(byte[] subjectKeyIdentifier, PublicKey publicKey)
     {
         super(subjectKeyIdentifier, new JceAsymmetricKeyWrapper(publicKey));
     }
 
+    public JceKeyTransRecipientInfoGenerator(X509Certificate recipientCert, AlgorithmParameterSpec parameterSpec)
+        throws CertificateEncodingException
+    {
+        super(new IssuerAndSerialNumber(new JcaX509CertificateHolder(recipientCert).toASN1Structure()), new JceAsymmetricKeyWrapper(recipientCert, parameterSpec));
+    }
+
+    public JceKeyTransRecipientInfoGenerator(byte[] subjectKeyIdentifier, PublicKey publicKey, AlgorithmParameterSpec parameterSpec)
+    {
+        super(subjectKeyIdentifier, new JceAsymmetricKeyWrapper(publicKey, parameterSpec));
+    }
+
     public JceKeyTransRecipientInfoGenerator setProvider(String providerName)
     {
         ((JceAsymmetricKeyWrapper)this.wrapper).setProvider(providerName);
 
@@ -6,17 +6,25 @@
 import java.security.PublicKey;
 import java.security.SecureRandom;
 import java.security.cert.X509Certificate;
+import java.security.spec.AlgorithmParameterSpec;
 import java.util.HashMap;
 import java.util.Map;
 
 import javax.crypto.Cipher;
+import javax.crypto.spec.OAEPParameterSpec;
+import javax.crypto.spec.PSource;
 
 import org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import org.bouncycastle.asn1.DEROctetString;
+import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
+import org.bouncycastle.asn1.pkcs.RSAESOAEPparams;
+import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
 import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
 import org.bouncycastle.jcajce.DefaultJcaJceHelper;
 import org.bouncycastle.jcajce.NamedJcaJceHelper;
 import org.bouncycastle.jcajce.ProviderJcaJceHelper;
 import org.bouncycastle.operator.AsymmetricKeyWrapper;
+import org.bouncycastle.operator.DefaultDigestAlgorithmIdentifierFinder;
 import org.bouncycastle.operator.GenericKey;
 import org.bouncycastle.operator.OperatorException;
 
@@ -40,6 +48,18 @@ public JceAsymmetricKeyWrapper(X509Certificate certificate)
         this(certificate.getPublicKey());
     }
 
+    public JceAsymmetricKeyWrapper(PublicKey publicKey, AlgorithmParameterSpec algorithmParameterSpec)
+    {
+        super(getAlgID(SubjectPublicKeyInfo.getInstance(publicKey.getEncoded()), algorithmParameterSpec));
+
+        this.publicKey = publicKey;
+    }
+
+    public JceAsymmetricKeyWrapper(X509Certificate certificate, AlgorithmParameterSpec algorithmParameterSpec)
+    {
+        this(certificate.getPublicKey(), algorithmParameterSpec);
+    }
+
     public JceAsymmetricKeyWrapper setProvider(Provider provider)
     {
         this.helper = new OperatorHelper(new ProviderJcaJceHelper(provider));
@@ -122,4 +142,29 @@ public byte[] generateWrappedKey(GenericKey encryptionKey)
 
         return encryptedKeyBytes;
     }
+
+    private static AlgorithmIdentifier getAlgID(SubjectPublicKeyInfo pubKeyInfo, AlgorithmParameterSpec algorithmSpec)
+    {
+        if (PKCSObjectIdentifiers.rsaEncryption.equals(pubKeyInfo.getAlgorithm().getAlgorithm())
+            || PKCSObjectIdentifiers.id_RSAES_OAEP.equals(pubKeyInfo.getAlgorithm().getAlgorithm()))
+        {
+            if (algorithmSpec.equals(OAEPParameterSpec.DEFAULT))
+            {
+                return new AlgorithmIdentifier(PKCSObjectIdentifiers.id_RSAES_OAEP,
+                    new RSAESOAEPparams(RSAESOAEPparams.DEFAULT_HASH_ALGORITHM, RSAESOAEPparams.DEFAULT_MASK_GEN_FUNCTION, RSAESOAEPparams.DEFAULT_P_SOURCE_ALGORITHM));
+            }
+            else
+            {
+                OAEPParameterSpec oaepSpec = (OAEPParameterSpec)algorithmSpec;
+                PSource pSource = oaepSpec.getPSource();
+
+                AlgorithmIdentifier hashAlgorithm = new DefaultDigestAlgorithmIdentifierFinder().find(oaepSpec.getDigestAlgorithm());
+                return new AlgorithmIdentifier(PKCSObjectIdentifiers.id_RSAES_OAEP,
+                                    new RSAESOAEPparams(hashAlgorithm, new AlgorithmIdentifier(PKCSObjectIdentifiers.id_mgf1, hashAlgorithm),
+                                                        new AlgorithmIdentifier(PKCSObjectIdentifiers.id_pSpecified, new DEROctetString(((PSource.PSpecified)pSource).getValue()))));
+            }
+        }
+
+        throw new IllegalArgumentException("unknown parameter spec passed.");
+    }
 }
@@ -11,7 +11,6 @@
 import java.security.Signature;
 import java.security.spec.RSAPrivateCrtKeySpec;
 import java.security.spec.RSAPublicKeySpec;
-import java.util.Vector;
 
 import javax.security.auth.x500.X500Principal;
 
@@ -24,11 +23,11 @@
 import org.bouncycastle.asn1.x500.X500NameBuilder;
 import org.bouncycastle.asn1.x500.style.BCStyle;
 import org.bouncycastle.asn1.x509.BasicConstraints;
+import org.bouncycastle.asn1.x509.Extension;
+import org.bouncycastle.asn1.x509.Extensions;
 import org.bouncycastle.asn1.x509.KeyUsage;
-import org.bouncycastle.asn1.x509.SubjectKeyIdentifier;
-import org.bouncycastle.asn1.x509.X509Extension;
-import org.bouncycastle.asn1.x509.X509Extensions;
 import org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
+import org.bouncycastle.cert.jcajce.JcaX509ExtensionUtils;
 import org.bouncycastle.jce.ECGOST3410NamedCurveTable;
 import org.bouncycastle.jce.ECNamedCurveTable;
 import org.bouncycastle.jce.interfaces.ECPointEncoder;
@@ -50,7 +49,6 @@
 import org.bouncycastle.util.encoders.Base64;
 import org.bouncycastle.util.encoders.Hex;
 import org.bouncycastle.util.test.SimpleTest;
-import org.bouncycastle.x509.extension.SubjectKeyIdentifierStructure;
 
 /**
  **/
@@ -463,28 +461,23 @@ private void nullPointerTest()
         KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSA", "BC");
         keyGen.initialize(1024, new SecureRandom());
         KeyPair pair = keyGen.generateKeyPair();
+        JcaX509ExtensionUtils extUtils = new JcaX509ExtensionUtils();
 
-        Vector oids = new Vector();
-        Vector values = new Vector();
-        oids.add(X509Extension.basicConstraints);
-        values.add(new X509Extension(true, new DEROctetString(new BasicConstraints(true))));
-        oids.add(X509Extension.keyUsage);
-        values.add(new X509Extension(true, new DEROctetString(
-            new KeyUsage(KeyUsage.keyCertSign | KeyUsage.cRLSign))));
-        SubjectKeyIdentifier subjectKeyIdentifier = new SubjectKeyIdentifierStructure(pair.getPublic());
-        X509Extension ski = new X509Extension(false, new DEROctetString(subjectKeyIdentifier));
-        oids.add(X509Extension.subjectKeyIdentifier);
-        values.add(ski);
+        Extension[] ext = new Extension[] {
+            new Extension(Extension.basicConstraints, true, new DEROctetString(new BasicConstraints(true))),
+            new Extension(Extension.keyUsage, true, new DEROctetString(new KeyUsage(KeyUsage.keyCertSign | KeyUsage.cRLSign))),
+            new Extension(Extension.subjectKeyIdentifier, false, new DEROctetString(extUtils.createSubjectKeyIdentifier(pair.getPublic())))
+        };
 
         PKCS10CertificationRequest p1 = new JcaPKCS10CertificationRequestBuilder(
             new X500Name("cn=csr"),
             pair.getPublic())
-            .addAttribute(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest, new X509Extensions(oids, values))
+            .addAttribute(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest, new Extensions(ext))
             .build(new JcaContentSignerBuilder("SHA1withRSA").setProvider(BC).build(pair.getPrivate()));
         PKCS10CertificationRequest p2 = new JcaPKCS10CertificationRequestBuilder(
             new X500Name("cn=csr"),
             pair.getPublic())
-            .addAttribute(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest, new X509Extensions(oids, values))
+            .addAttribute(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest, new Extensions(ext))
             .build(new JcaContentSignerBuilder("SHA1withRSA").setProvider(BC).build(pair.getPrivate()));
 
         if (!p1.equals(p2))
Original file line number	Diff line number	Diff line change
`@@ -57,7 +57,11 @@ public RSAESOAEPparams(`
`57`	`57`	`this.maskGenAlgorithm = maskGenAlgorithm;`
`58`	`58`	`this.pSourceAlgorithm = pSourceAlgorithm;`
`59`	`59`	`}`
`60`		`-`
	`60`	`+`
	`61`	`+ /**`
	`62`	`+ * @deprecated use getInstance()`
	`63`	`+ * @param seq`
	`64`	`+ */`
`61`	`65`	`public RSAESOAEPparams(`
`62`	`66`	`ASN1Sequence seq)`
`63`	`67`	`{`