[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [iaik-jce] Key and certificate reading (Made with OpenSSL.)

The static registration part of the iaik.asn1.structures.AlgorithmID class
only associates one specific object identifier with a particular
AlgorithmID. For DSA this is "" . Since your sample uses
"1.2.840.10040.4.1" as OID for DSA, you also have to register this OID for
the DSA algorithm by calling the AlgorithmID(String objectID, String name,
String implementation) constructor. Thereby "objectID" indicates the OID
string in mind, "name" specifies a name for the algorithm, and
"implementationName" a string constant (e.g. the standard name registered by
the provider) to be used for querying for an implementaion of the algorithm
by means of the getInstance(..) method.

In this way, if you write

  new AlgorithmID("1.2.840.10040.4.1", "DSA", "DSA");

before calling EncryptedPrivateKeyInfo, decryption should work.

Dieter Bratko

----- Original Message -----
From: <biny-iaik@ypy.tky.hut.fi>
To: <iaik-jce@iaik.tu-graz.ac.at>
Sent: Thursday, August 12, 1999 4:45 PM
Subject: [iaik-jce] Key and certificate reading (Made with OpenSSL.)

> I am trying to read a dsa private key and certificate pair for using them
> in isasilk. Both of them are created with the openssl tool. The best I can
> when I try to read them in PKCS#8 format, but I get the following
> exception:
> java.security.GeneralSecurityException: Unable to parse decrypted private
> +java.security.InvalidKeyException: PublicKey algorithm not implemented:
> +1.2.840.10040.4.1
>         at iaik.pkcs.pkcs8.EncryptedPrivateKeyInfo.decrypt(Unknown Source)
> with the following code:
> setKey((new EncryptedPrivateKeyInfo(asn1object)).decrypt(password));
> and
> java.io.IOException: Unable to decode certificate:
> +java.security.cert.CertificateException: PublicKey algorithm not
> +1.2.840.10040.4.1
>         at iaik.utils.KeyAndCertificate.<init>(Unknown Source)
> with
> KeyAndCertificate kac = new KeyAndCertificate(filename);
> kac.decrypt(password.toCharArray());
> There was the following in the class:
> static {
>     iaik.security.provider.IAIK.addAsProvider();
> }
> --
> Ilpo Nyyssönen
> /* :-) */
> --
> Mailinglist-archive at
> To unsubscribe send an email to listserv@iaik.tu-graz.ac.at with the
folowing content: UNSUBSCRIBE iaik-jce