[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [iaik-jce] Help! BadPaddingException when decrypting PKCS12



Sorry, I forgot to mention that my code does call IAIK.addAsProvider(false);
at the beginning of my program.  I am using Microsoft's latest Java VM,
which I believe is somewhere around JDK 1.1.4.  My OS is Windows 2000 SP 1.

> -----Original Message-----
> From: Paul Williams 
> Sent: Wednesday, August 16, 2000 7:33 PM
> To: iaik-jce@iaik.tu-graz.ac.at
> Subject: Help! BadPaddingException when decrypting PKCS12
> 
> 
> Hello all,
> 
> I'm using the IAIK JCE 2.6 and the iSaSiLk toolkit version 
> 3.01.  I am getting a BadPaddingException when decrypting a 
> PKCS12 file.  The exception thrown to my program is a 
> PKCSException saying "Unable to decrypt private key!".  I use 
> Visual J++; this IDE lets me break on every exception thrown, 
> so I was able to see the actual problem was a 
> BadPaddingException.  The stack trace is:
> 
>  	iaik.security.cipher.l.b(param0, param1, param2)
> 	iaik.security.cipher.BufferedCipher.a(param0, param1, 
> param2, param3, param4, param5) 	
> iaik.security.cipher.BufferedCipher.engineDoFinal(param0, 
> param1, param2)
>  	javax.crypto.Cipher.doFinal(param0)
>  	iaik.pkcs.pkcs8.EncryptedPrivateKeyInfo.decrypt(param0)
>  	iaik.pkcs.pkcs12.PKCS8ShroudedKeyBag.decrypt(param0)
>  	iaik.pkcs.pkcs12.AuthenticatedSafe.decrypt(param0)
>  	iaik.pkcs.pkcs12.PKCS12.decrypt(param0)
> 
> This exception happens with every PKCS12 certificate I 
> attempt to decrypt, whether or not the password is correct.  
> The PKCS12 file was generated from Microsoft's Certificate 
> Export Wizard and includes both the private and public keys.  
> I did not choose the "enhanced security" setting in the 
> wizard.  Windows is able to load these PKCS12 certificates.
> 
> The code I use follows the examples given by the documentation:
> 
> 			FileInputStream fileIn = new 
> FileInputStream (file);
> 			BufferedInputStream in = new 
> BufferedInputStream (fileIn);
> 			PKCS12 pkcs12 = new PKCS12 (in);
> 			String password = "test";
> 			pkcs12.verify (password.toCharArray ());
> 			pkcs12.decrypt (password.toCharArray ());
> 
> I expected IAIK's JCE to be able to parse any PKCS12 file.  
> What is wrong?  The messages I read in the archives mentioned 
> problems matching public keys to private keys, but I'm not 
> doing that here.
> 
> The PKCS12.toString () method returns
> 
> 	PKCS#12 object:
> 	Version: 3
> 	AuthenticatedSafe: 0
> 	mode: UNENCRYPTED
> 
> 	SafeBag: 0
> 	PKCS8ShroudedKeyBag: not decrypted yet!
> 
> 	AuthenticatedSafe: 1
> 	mode: PASSWORD_ENCRYPTED
> 	Content encrypted with: PbeWithSHAAnd40BitRC2-CBC
> 	No SafeBags or not decrypted yet.
> 
--
Mailinglist-archive at http://jcewww.iaik.at/mailarchive/iaik-jce/jcethreads.html

To unsubscribe send an email to listserv@iaik.at with the folowing content: UNSUBSCRIBE iaik-jce