ediverse Explore the platform

Spotlight PEPPOL BIS Billing 3.0 The EU e-invoicing mandate is here — France Sept 2026, Belgium Jan 2026, Germany 2025.

RSAES-OAEP

An RSA key-transport algorithm with probabilistic padding, a safe alternative to PKCS#1 v1.5.

Definition

RSAES-OAEP encrypts the CEK under the recipient's RSA public key with randomized padding (OAEP), making it resistant to Bleichenbacher-style attacks that target the older RSAES-PKCS1-v1_5 padding. In CMS it requires the use of KeyTransRecipientInfo and is identified by the id-RSAES-OAEP OID.

Origin

Its use in CMS is defined by RFC 3560 (IETF S/MIME WG); the scheme itself is specified in PKCS #1 v2.2, published as RFC 8017 by the IETF.

Example in context

keyEncryptionAlgorithm = id-RSAES-OAEP (1.2.840.113549.1.1.7); encryptedKey = RSAES-OAEP-Encrypt(pubKey, CEK).

Last updated: June 20, 2026