[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[iaik-jce] Problems reading .pfx file written by IE5

I'm trying to implement a ClientTrustDecider, but I'm unable to read the
certificate I exported from IE5.

When I use this code (wrapped in an appropriate try/catch):

            MicrosoftP12 mp12 = new MicrosoftP12(new
            String pwd = new String("***");
            //System.out.println("verify: " +
            _privateKey = mp12.getPrivateKey();
            _cert = mp12.getCertificateChain();

I get the following output:

    Microsoft PKCS#12 object:
    Not decrypted yet!
    PKCSException:Unable to decrypt the object!

When I use this code:

            PKCS12 p12 = new PKCS12(new
            String pwd = new String("***");
            //System.out.println("verify: " +

I get this output:

    PKCS#12 object:
    Version: 3
    AuthenticatedSafe: 0

    SafeBag: 0
    Bag type: PKCS#12 pkcs8ShroudedKeyBag
    localKeyID = OCTET STRING = 4 bytes: 01:00:00:00
    friendlyName = UNIString = "9c00abd7-9b87-11d3-8669-0008c7dc970c" = UNIString = "Microsoft Base Cryptographic
Provider v1.0"

    AuthenticatedSafe: 1
    Content encrypted with: PbeWithSHAAnd40BitRC2-CBC
    No SafeBags or not decrypted yet.

AlgorithmParameters not available

In either case, executing the call to verify results in

    PKCSException:java.security.NoSuchAlgorithmException: Algorithm HMAC/SHA
not implemenated.

I am using iaik_jce_full.jar.

Output varies depending on the relative order of entrust.jar &
iaik_jce_full.jar in my classpath;  the above is the best I've got (entrust
first) & with entrust last I get a NoSuchMethodError
("iaik.pkcs.pkcs12.PKCS12: method decrypt(Ljava/lang/String;)V not found")
in MicrosoftP12.decrypt().

Any help would be gratefully received.

-- Richard
This email, its content and any files transmitted with it are intended
solely for the addressee(s) and may be legally privileged and/or 
confidential. Access by any other party is unauthorised without the
express written permission of the sender. If you have received this 
email in error you may not copy or use the contents, attachments or 
information in any way. Please destroy it and contact the sender on 
the number printed above, via the Dresdner Kleinwort Benson 
switchboard on +44 171 623 8000 or via e-mail return. Internet 
communications are not secure unless protected using strong 
cryptography. This email has been prepared using information believed
by the author to be reliable and accurate, but Dresdner Kleinwort 
Benson makes no warranty as to accuracy or completeness. In particular
Dresdner Kleinwort Benson does not accept responsibility for changes
made to this email after it was sent. Any opinions expressed in this 
document are those of the author and do not necessarily reflect the 
opinions of the Bank or its affiliates. They may be subject to change
without notice.
Mailinglist-archive at http://jcewww.iaik.tu-graz.ac.at/mailarchive/iaik-jce/maillist.html

To unsubscribe send an email to listserv@iaik.tu-graz.ac.at with the folowing content: UNSUBSCRIBE iaik-jce