Is RSA PKCS1-OAEP padding supported in bouncycastle?

Question

I'm implementing encryption code in Java/Android to match iOS encryption. In iOS there are encrypting with RSA using the following padding scheme: PKCS1-OAEP

However when I try to create Cipher with PKCS1-OAEP.

Cipher c = Cipher.getInstance("RSA/None/PKCS1-OAEP", "BC");

Below is the stacktrace

javax.crypto.NoSuchPaddingException: PKCS1-OAEP unavailable with RSA.
    at com.android.org.bouncycastle.jcajce.provider.asymmetric.rsa.CipherSpi.engineSetPadding(CipherSpi.java:240)
    at javax.crypto.Cipher.getCipher(Cipher.java:324)
    at javax.crypto.Cipher.getInstance(Cipher.java:237) 

Maybe this RSA/None/PKCS1-OAEP is incorrect? but can't find any definitive answer to say either PKCS1-OAEP is unsupported or the correct way to define it.

I'm using the spongycastle library so have full bouncycastle implementation.

Answer 1

The code in the first answer does work, but it's not recommended as it uses BouncyCastle internal classes, instead of JCA generic interfaces, making the code BouncyCastle specific. For example, it will make it difficult to switch to SunJCE provider.

Bouncy Castle as of version 1.50 supports following OAEP padding names.

• RSA/NONE/OAEPWithMD5AndMGF1Padding
• RSA/NONE/OAEPWithSHA1AndMGF1Padding
• RSA/NONE/OAEPWithSHA224AndMGF1Padding
• RSA/NONE/OAEPWithSHA256AndMGF1Padding
• RSA/NONE/OAEPWithSHA384AndMGF1Padding
• RSA/NONE/OAEPWithSHA512AndMGF1Padding

Then proper RSA-OAEP cipher initializations would look like

Cipher c = Cipher.getInstance("RSA/NONE/OAEPWithSHA1AndMGF1Padding", "BC");