[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [iaik-jce] DSA certificate in a PKCS12 file



Maybe there is used another AlgorithmID for the DSA algorithm. I donīt know
what algorithmID is used for your certificate/ private key. IAIK uses
1.3.14.3.2.12, SUN since 1.2 the ID 1.2.840.10040.4.1. Perhaps it would help
to initially register this ID by calling

new AlgorithmID("1.2.840.10040.4.1", "DSA", "DSA");

Dieter Bratko

----- Original Message -----
From: Basit Hussain <Basit.Hussain@trcinc.com>
To: <iaik-jce@iaik.tu-graz.ac.at>
Sent: Wednesday, September 15, 1999 9:12 PM
Subject: [iaik-jce] DSA certificate in a PKCS12 file


>
> Hello everyone
>
> I have successfully used the following code to extract the private
key/cert
> chain from a PKCS12 file in the past (RSA certificate exported from
> Netscape).
>
> try{
> PKCS12 parser = new PKCS12(new
> FileInputStream(inFile));
> if (parser.verify(password)== true){
> parser.decrypt(password);
> privKey = (iaik.pkcs.pkcs8.PrivateKeyInfo)
> parser.getKeyBag().getPrivateKey();
> certs =
> CertificateBag.getCertificates(parser.getCertificateBags());
> }
> }
>
> However the same code does not seem to work for a DSA certificate exported
> to a PKCS12 file from Netscape. The verify(password) succeeds but the
> decrypt(password) call fails with the following exception
>
> iaik.pkcs.PKCSException: Unable to decrypt PrivateKey!
>         at iaik.pkcs.pkcs12.AuthenticatedSafe.decrypt(Unknown Source)
>         at iaik.pkcs.pkcs12.PKCS12.decrypt(Unknown Source)
>         at
>
com.cboe.securityService.securityClient.ParseP12File.parse(ParseP12File.java
> :82)
>
> Any ideas? Thanks in advance.
>
> Basit
>
> --
> Mailinglist-archive at
http://jcewww.iaik.tu-graz.ac.at/mailarchive/iaik-jce/maillist.html
>
> To unsubscribe send an email to listserv@iaik.tu-graz.ac.at with the
folowing content: UNSUBSCRIBE iaik-jce
>
>


smime.p7s