[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [iaik-jce] Problems reading .pfx file written by IE5



Thanks for this info;  however, having removed Entrust from my classpath &
downloaded JCE 2.51 I'm still getting a PKCSException "Unable to decrypt
PrivateKey!".

> -----Original Message-----
> From:	Andreas Sterbenz [SMTP:Andreas.Sterbenz@iaik.at]
> Sent:	Wednesday, December 15, 1999 5:52 PM
> To:	Richard.Barnett@dresdnerkb.com; iaik-jce@iaik.tu-graz.ac.at
> Subject:	Re: [iaik-jce] Problems reading .pfx file written by IE5
> 
> You are obviously using a IAIK JCE version prior to 2.5 and should
> upgrade. PKCS#12 support in old versions is known to be limited.
> 
> Note that we cannot support Entrust software and I highly recommend
> against using the original IAIK classes and Entrust Java Toolkit at the
> same time as this might cause unexpected problems due to versioning
> conflicts like the one you describe.
> 
>   Andreas Sterbenz              mailto:Andreas.Sterbenz@iaik.at
> 
> -----Ursprüngliche Nachricht-----
> Von: <Richard.Barnett@dresdnerkb.com>
> An: <iaik-jce@iaik.tu-graz.ac.at>
> Gesendet: Montag, 06. Dezember 1999 19:46
> Betreff: [iaik-jce] Problems reading .pfx file written by IE5
> 
> 
> > I'm trying to implement a ClientTrustDecider, but I'm unable to read
> the
> > certificate I exported from IE5.
> >
> > When I use this code (wrapped in an appropriate try/catch):
> >
> >             MicrosoftP12 mp12 = new MicrosoftP12(new
> > FileInputStream("RichardBarnett.pfx"));
> >             System.out.println(mp12);
> >             String pwd = new String("***");
> >             file://System.out.println("verify: " +
> > mp12.verify(pwd.toCharArray()));
> >             mp12.decrypt(pwd);
> >             System.out.println(mp12);
> >             _privateKey = mp12.getPrivateKey();
> >             _cert = mp12.getCertificateChain();
> >
> > I get the following output:
> >
> >     Microsoft PKCS#12 object:
> >     Not decrypted yet!
> >     PKCSException:Unable to decrypt the object!
> >
> > When I use this code:
> >
> >             PKCS12 p12 = new PKCS12(new
> > FileInputStream("RichardBarnett2.pfx"));
> >             System.out.println(p12);
> >             String pwd = new String("***");
> >             file://System.out.println("verify: " +
> > p12.verify(pwd.toCharArray()));
> >             p12.decrypt(pwd.toCharArray());
> >             System.out.println(p12);
> >
> > I get this output:
> >
> >     PKCS#12 object:
> >     Version: 3
> >     AuthenticatedSafe: 0
> >     mode: UNENCRYPTED
> >
> >     SafeBag: 0
> >     Bag type: PKCS#12 pkcs8ShroudedKeyBag
> >     Attributes:
> >     localKeyID = OCTET STRING = 4 bytes: 01:00:00:00
> >     friendlyName = UNIString = "9c00abd7-9b87-11d3-8669-0008c7dc970c"
> >     1.3.6.1.4.1.311.17.1 = UNIString = "Microsoft Base Cryptographic
> > Provider v1.0"
> >
> >     AuthenticatedSafe: 1
> >     mode: PASSWORD_ENCRYPTED
> >     Content encrypted with: PbeWithSHAAnd40BitRC2-CBC
> >     No SafeBags or not decrypted yet.
> >
> >
> >     PKCSException:java.security.NoSuchAlgorithmException:
> > AlgorithmParameters not available
> >
> > In either case, executing the call to verify results in
> >
> >     PKCSException:java.security.NoSuchAlgorithmException: Algorithm
> HMAC/SHA
> > not implemenated.
> >
> > I am using iaik_jce_full.jar.
> >
> > Output varies depending on the relative order of entrust.jar &
> > iaik_jce_full.jar in my classpath;  the above is the best I've got
> (entrust
> > first) & with entrust last I get a NoSuchMethodError
> > ("iaik.pkcs.pkcs12.PKCS12: method decrypt(Ljava/lang/String;)V not
> found")
> > in MicrosoftP12.decrypt().
> >
> > Any help would be gratefully received.
> >
> > -- Richard
> > -----------------------------------------------------------------------
> -
> > This email, its content and any files transmitted with it are intended
> > solely for the addressee(s) and may be legally privileged and/or
> > confidential. Access by any other party is unauthorised without the
> > express written permission of the sender. If you have received this
> > email in error you may not copy or use the contents, attachments or
> > information in any way. Please destroy it and contact the sender on
> > the number printed above, via the Dresdner Kleinwort Benson
> > switchboard on +44 171 623 8000 or via e-mail return. Internet
> > communications are not secure unless protected using strong
> > cryptography. This email has been prepared using information believed
> > by the author to be reliable and accurate, but Dresdner Kleinwort
> > Benson makes no warranty as to accuracy or completeness. In particular
> > Dresdner Kleinwort Benson does not accept responsibility for changes
> > made to this email after it was sent. Any opinions expressed in this
> > document are those of the author and do not necessarily reflect the
> > opinions of the Bank or its affiliates. They may be subject to change
> > without notice.
> > -----------------------------------------------------------------------
> -
> > --
> > Mailinglist-archive at
> http://jcewww.iaik.tu-graz.ac.at/mailarchive/iaik-jce/maillist.html
> >
> > To unsubscribe send an email to listserv@iaik.tu-graz.ac.at with the
> folowing content: UNSUBSCRIBE iaik-jce
> >
> >
> >
> 
> 
------------------------------------------
This email, its content and any files transmitted with it are intended
solely for the addressee(s) and may be legally privileged and/or 
confidential. Access by any other party is unauthorised without the
express written permission of the sender. If you have received this 
email in error you may not copy or use the contents, attachments or 
information in any way. Please destroy it and contact the sender on 
the number printed above, via the Dresdner Kleinwort Benson 
switchboard on +44 171 623 8000 or via e-mail return. Internet 
communications are not secure unless protected using strong 
cryptography. This email has been prepared using information believed
by the author to be reliable and accurate, but Dresdner Kleinwort 
Benson makes no warranty as to accuracy or completeness. In particular
Dresdner Kleinwort Benson does not accept responsibility for changes
made to this email after it was sent. Any opinions expressed in this 
document are those of the author and do not necessarily reflect the 
opinions of the Bank or its affiliates. They may be subject to change
without notice.
------------------------------------------
--
Mailinglist-archive at http://jcewww.iaik.tu-graz.ac.at/mailarchive/iaik-jce/maillist.html

To unsubscribe send an email to listserv@iaik.tu-graz.ac.at with the folowing content: UNSUBSCRIBE iaik-jce