使用 Java 和 BouncyCastle,我能够解密大量 S/MIME 封装的消息。
但当密钥加密算法为1.2.840.113549.1.1.7
(id-RSAES-OAEP),解密失败(堆栈跟踪在这个问题的末尾)。
发生这种情况的行:
content = messageRecipientInfo.getContent(new JceKeyTransEnvelopedRecipient(pc).setProvider("BC"));
以前我用该行来解密:
content = messageRecipientInfo.getContent(givenCertRecipient);
全部都是一样。
有什么猜测吗?
我现在尝试使用 OAEP 加密数据。因此,我直接在文件 cms/test/NewEnvelopedDataTest.java 中的 BouncyCastle 内找到了代码
即使这样也行不通!
同样的错误:
String BC = BouncyCastleProvider.PROVIDER_NAME;
KeyPair _reciKP = CMSTestUtil.makeKeyPair();
String _reciDN = "CN=Doug, OU=Sales, O=Bouncy Castle, C=AU";
KeyPair _signKP = CMSTestUtil.makeKeyPair();
String _signDN = "O=Bouncy Castle, C=AU";
X509Certificate _reciCertOaep = CMSTestUtil.makeOaepCertificate(_reciKP, _reciDN, _signKP, _signDN);
byte[] data = "WallaWallaWashington".getBytes();
CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
JcaAlgorithmParametersConverter paramsConverter = new JcaAlgorithmParametersConverter();
edGen.addRecipientInfoGenerator(new JceKeyTransRecipientInfoGenerator(_reciCertOaep).setProvider(BC));
edGen.addRecipientInfoGenerator(new JceKeyTransRecipientInfoGenerator(ASN1OctetString.getInstance(ASN1OctetString.getInstance(_reciCertOaep.getExtensionValue(Extension.subjectKeyIdentifier.getId())).getOctets()).getOctets(), _reciCertOaep.getPublicKey()).setProvider(BC));
在最后一步中它崩溃了:“无法初始化算法参数:不支持操作”
CMSEnvelopedData edd = edGen.generate(
new CMSProcessableByteArray(data),
new JceCMSContentEncryptorBuilder(CMSAlgorithm.DES_EDE3_CBC).setProvider(BC).build());
问题是什么?我看不到它...
org.bouncycastle.cms.CMSException:异常解包键:不能
初始化算法参数:不支持操作
org.bouncycastle.cms.jcajce.JceKeyTransRecipient.extractSecretKey(JceKeyTransRecipient.java:169)
在
org.bouncycastle.cms.jcajce.JceKeyTransEnvelopedRecipient.getRecipientOperator(JceKeyTransEnvelopedRecipient.java:26)
在
org.bouncycastle.cms.KeyTransRecipientInformation.getRecipientOperator(KeyTransRecipientInformation.java:48)
在
org.bouncycastle.cms.RecipientInformation.getContentStream(RecipientInformation.java:169)
在
org.bouncycastle.cms.RecipientInformation.getContent(RecipientInformation.java:150)
在 CryptoTools.decryptAndVerifyFile(CryptoTools.java:1030) 处
FormMain$2.actionPerformed(FormMain.java:403) 在
javax.swing.AbstractButton.fireActionPerformed(来源未知)位于
javax.swing.AbstractButton$Handler.actionPerformed(来源未知)位于
javax.swing.DefaultButtonModel.fireActionPerformed(来源未知)
javax.swing.DefaultButtonModel.setPressed(来源未知)
javax.swing.plaf.basic.BasicButtonListener.mouseReleased(未知
来源)位于 java.awt.Component.processMouseEvent(来源未知)
javax.swing.JComponent.processMouseEvent(来源未知)位于
java.awt.Component.processEvent(来源未知)位于
java.awt.Container.processEvent(来源未知)位于
java.awt.Component.dispatchEventImpl(来源未知)位于
java.awt.Container.dispatchEventImpl(来源未知)位于
java.awt.Component.dispatchEvent(来源未知)位于
java.awt.LightweightDispatcher.retargetMouseEvent(来源未知)位于
java.awt.LightweightDispatcher.processMouseEvent(来源未知)位于
java.awt.LightweightDispatcher.dispatchEvent(来源未知)位于
java.awt.Container.dispatchEventImpl(来源未知)位于
java.awt.Window.dispatchEventImpl(来源未知)位于
java.awt.Component.dispatchEvent(来源未知)位于
java.awt.EventQueue.dispatchEventImpl(来源未知)位于
java.awt.EventQueue.access$500(来源不明)位于
java.awt.EventQueue$3.run(来源未知)位于
java.awt.EventQueue$3.run(来源未知)位于
java.security.AccessController.doPrivileged(本机方法)位于
java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(未知
来源)位于
java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(未知
来源)位于 java.awt.EventQueue$4.run(来源未知)
java.awt.EventQueue$4.run(来源未知)位于
java.security.AccessController.doPrivileged(本机方法)位于
java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(未知
源)位于 java.awt.EventQueue.dispatchEvent(未知源)位于
java.awt.EventDispatchThread.pumpOneEventForFilters(来源未知)
在 java.awt.EventDispatchThread.pumpEventsForFilter(来源未知)
在 java.awt.EventDispatchThread.pumpEventsForHierarchy(未知
来源)位于 java.awt.EventDispatchThread.pumpEvents(来源未知)
在 java.awt.EventDispatchThread.pumpEvents(来源未知)
java.awt.EventDispatchThread.run(来源不明) 原因:
org.bouncycastle.operator.OperatorCreationException:无法初始化
算法参数:不支持的操作
org.bouncycastle.operator.jcajce.OperatorHelper.createAlgorithmParameters(OperatorHelper.java:254)
在
org.bouncycastle.operator.jcajce.JceAmetryKeyUnwrapper.generateUnwrappedKey(JceAmetryKeyUnwrapper.java:100)
在
org.bouncycastle.cms.jcajce.JceKeyTransRecipient.extractSecretKey(JceKeyTransRecipient.java:158)
... 42 更多 引起:java.io.IOException:不支持操作
在
org.bouncycastle.jcajce.provider.asymmetry.rsa.AlgorithmParametersSpi$OAEP.engineInit(AlgorithmParametersSpi.java:83)
在 java.security.AlgorithmParameters.init(来源未知)处
org.bouncycastle.operator.jcajce.OperatorHelper.createAlgorithmParameters(OperatorHelper.java:250)
... 44 更多