According to the specification in SECON (section 2.1.4) for 4096 bit RSA-keys the RSAES-OAEP algorithm should be used to encrypt the session key.
Currently the tool uses the algorithm implied by the public key of the encryption certificate which defaults to RSA (PKCS#1 v1.5).
This causes interoperability issues when decrypting messages created with secon-tool using other tools expecting RSAES-OAEP instead of RSA.
loetifuss
commented
3 years ago
According to the specification in SECON (section 2.1.4) for 4096 bit RSA-keys the RSAES-OAEP algorithm should be used to encrypt the session key. Currently the tool uses the algorithm implied by the public key of the encryption certificate which defaults to RSA (PKCS#1 v1.5). This causes interoperability issues when decrypting messages created with secon-tool using other tools expecting RSAES-OAEP instead of RSA.