[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[iaik-jce] Decryption Issue


  Another two questions and/or issues.  I saved an email which had
  been signed and subsequently encrypted to a file after stripping off
  the headers.  Processing per the documentation for EncryptedContentInfo
  doesn't work.  Specifically,

    ContentInfo ci = new ContentInfo(fileInputStream..)
    // after checking to see that it is EnvelopedData...
    EnvelopedData ed = (EnvelopedData) ci.getContent();
    // Print out some stuff..
    EncryptedContentInfo eci = (EncryptedContentInfo)
    // After fetching RecipientInfos and selecting correct one and fetching
    symmetricKey = ri.decryptKey(privateKey);

  Produces the following output
  |       Encryption Algorithm used is 'RC2-CBC
  |       EncryptedContentInfo.hasContent() returns true: 6456 bytes
  |       Printing out RecipientInfos so we know we're using correct Key to
  |       RecipientInfo for recipient 0
  |         ISN: SerialNumber: 176
  |       Issuer: O: ........
  |       RecipientInfo for recipient 1
  |         ISN: SerialNumber: 176
  |       Issuer: O: ........
  |       Decrypting using 1  as the index of the RecipientInfo!
  |       Fetching PrivateKey
  |       Key Encryption Algorithm is 'rsaEncryption'.
  |       Decrypted key used for encrypting; now decrypting content
  |       Some exception occurred!!
  |       iaik.pkcs.PKCSException: Unable to get algorithm parameter!
  |               at java.lang.Throwable.fillInStackTrace(Native Method)
  |               at java.lang.Throwable.<init>(Throwable.java:94)
  |               at java.lang.Exception.<init>(Exception.java:42)
  |               at iaik.pkcs.PKCSException.<init>(Unknown Source)
  |               at
iaik.pkcs.pkcs7.EncryptedContentInfoStream.setupCipher(Unknown Source)
  |               at LoadEncrypted.main(LoadEncrypted.java:221)

>> So, the first question is why didn't the documented method work?  <<

  I CAN decrypt the message if I go about it differently.  If, after
decrypting the
  KeyEncryption Key, I do something like the following instead of using
setupCipher method

    Cipher rc2 =  javax.crypto.Cipher.getInstance("RC2/CBC/NoPadding",
    rc2.init(Cipher.DECRYPT_MODE, symmetricKey);
    data = rc2.doFinal(eci.getContent());
    System.out.println("DECRYPTED content comprises " + data.length + "

  then I can successfully decrypt the message.  However, the first 8 bytes
are not
  correct.  (Should be a "Content-Type" header, but the first 8 bytes are

>> Second Question is why don't the first bytes decrypt properly?  Did I
miss something?  I <<
>> have also tried PKCS1Padding and PKCS5Padding, but neither corrects the
problem.         <<

  Thanks and regards,
Mailinglist-archive at http://jcewww.iaik.tu-graz.ac.at/mailarchive/iaik-jce/maillist.html

To unsubscribe send an email to listserv@iaik.tu-graz.ac.at with the folowing content: UNSUBSCRIBE iaik-jce