0 Replies Latest reply: Nov 4, 2012 3:30 AM by 966575

    BouncyCastle PKCS#7 encryption problem

    966575
      I want to use BouncyCastle to encrypt and decrypt with the PKCS#7 format. I have a hardware token. When I use a key pair in a JKS file on my hard drive it works fine, but when I use the key pair in the token it does not work. This is my exception:
      Exception in thread "main" org.bouncycastle.cms.CMSException: cannot create cipher: No such algorithm: 2.16.840.1.101.3.4.1.2
      at org.bouncycastle.cms.jcajce.EnvelopedDataHelper.createCipher(Unknown Source)
      at org.bouncycastle.cms.jcajce.EnvelopedDataHelper$1.doInJCE(Unknown Source)
      at org.bouncycastle.cms.jcajce.EnvelopedDataHelper.execute(Unknown Source)
      at org.bouncycastle.cms.jcajce.EnvelopedDataHelper.createContentCipher(Unknown Source)
      at org.bouncycastle.cms.jcajce.JceKeyTransEnvelopedRecipient.getRecipientOperator(Unknown Source)
      at org.bouncycastle.cms.KeyTransRecipientInformation.getRecipientOperator(Unknown Source)
      at org.bouncycastle.cms.RecipientInformation.getContentStream(Unknown Source)
      at org.bouncycastle.cms.RecipientInformation.getContent(Unknown Source)
      at pktb.PKTB.CmsDecrypt(PKTB.java:288)
      at pktb.PKTB.main(PKTB.java:419)
      Caused by: java.security.NoSuchAlgorithmException: No such algorithm: 2.16.840.1.101.3.4.1.2
      at javax.crypto.Cipher.getInstance(DashoA13*..)
      at javax.crypto.Cipher.getInstance(DashoA13*..)
      at org.bouncycastle.jcajce.NamedJcaJceHelper.createCipher(Unknown Source)
      ... 10 more
      Java Result: 1
      public byte[] CmsEncrypt(byte[] message, KeyContainer keyContainer) throws NoSuchAlgorithmException, NoSuchProviderException, CMSException, IOException
      {
          Security.addProvider(new BouncyCastleProvider());
          X509Certificate cert = (X509Certificate) keyContainer.certificate;
          // The recipient's certificate supplies the public key that wraps the content key
          CMSEnvelopedDataGenerator gen = new CMSEnvelopedDataGenerator();
          gen.addKeyTransRecipient(cert);
          CMSProcessable data = new CMSProcessableByteArray(message);
          // Content is encrypted with AES-128-CBC by the BC provider
          CMSEnvelopedData enveloped = gen.generate(data,
                  CMSEnvelopedDataGenerator.AES128_CBC, "BC");

          return enveloped.getEncoded();
      }
      And this is my decryption code:
      public byte[] CmsDecrypt(byte[] cipher, KeyContainer keyContainer) throws CMSException, IOException, NoSuchProviderException
      {
          Security.addProvider(new BouncyCastleProvider());
          byte[] contents = null;
          CMSEnvelopedDataParser envelopedDataParser = new CMSEnvelopedDataParser(new ByteArrayInputStream(cipher));
          PrivateKey key = keyContainer.privateKey;
          X509Certificate cert = keyContainer.certificate;
          CMSEnvelopedData enveloped = new CMSEnvelopedData(cipher);
          // Take the first recipient entry of the enveloped data
          Collection recip = enveloped.getRecipientInfos().getRecipients();
          KeyTransRecipientInformation rinfo = (KeyTransRecipientInformation) recip
                  .iterator().next();
          if (keyContainer.provider.equals("Software")) {
              // Key from the JKS file: BC is the provider
              contents = rinfo.getContent(
                      new JceKeyTransEnvelopedRecipient(key).setProvider("BC"));
          } else {
              // Key on the token: the SunPKCS11 provider is the provider
              contents = rinfo.getContent(
                      new JceKeyTransEnvelopedRecipient(key).setProvider("SunPKCS11-" + keyContainer.provider));
          }
          System.out.println(new String(contents));
          return contents;
      }
      I must say that I use this token provider for cmsSign and cmsVerify and it works fine, therefore I think the problem isn't with the provider.
      This is my token configuration file:

      name = rainbow_token
      library = c:/windows/system32/dkck201.dll
      slotListIndex = 04
      attributes(*,CKO_PRIVATE_KEY,*) = {
          CKA_TOKEN = true
      }
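
The trace in the post fails inside createContentCipher, where OID 2.16.840.1.101.3.4.1.2 (AES-128-CBC, the algorithm chosen in CmsEncrypt) is requested from the named token provider. The following is an added example, not code from the original post or from the BouncyCastle project: it keeps the RSA key unwrap on the provider that holds the private key and routes the content cipher to BC with setContentProvider. Assumptions: the class and method names are hypothetical, the BouncyCastle release in use offers setContentProvider on JceKeyTransEnvelopedRecipient, and in the offline round trip a software RSA key and "SunJCE" stand in for the token key and its SunPKCS11 provider name.

```java
import java.security.*;
import org.bouncycastle.cms.*;
import org.bouncycastle.cms.jcajce.*;
import org.bouncycastle.jce.provider.BouncyCastleProvider;

public class SplitProviderDecrypt {
    // keyProvider: name of the provider that holds the private key (for a token,
    // the "SunPKCS11-<name>" provider). contentProvider: provider for the bulk cipher.
    static byte[] decrypt(byte[] cms, PrivateKey key, String keyProvider,
                          String contentProvider) throws CMSException {
        CMSEnvelopedData enveloped = new CMSEnvelopedData(cms);
        RecipientInformation rinfo = (RecipientInformation)
                enveloped.getRecipientInfos().getRecipients().iterator().next();
        // Order matters: setProvider() also resets the content provider,
        // so setContentProvider() has to be called after it.
        return rinfo.getContent(new JceKeyTransEnvelopedRecipient(key)
                .setProvider(keyProvider)
                .setContentProvider(contentProvider));
    }

    // Offline round trip on constructed data: a software RSA key stands in for the
    // token key and "SunJCE" stands in for the SunPKCS11 provider name (assumptions).
    static byte[] roundTrip(byte[] message) throws Exception {
        if (Security.getProvider("BC") == null) {
            Security.addProvider(new BouncyCastleProvider());
        }
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        KeyPair kp = kpg.generateKeyPair();
        byte[] keyId = {1, 2, 3, 4}; // constructed recipient key identifier
        CMSEnvelopedDataGenerator gen = new CMSEnvelopedDataGenerator();
        gen.addRecipientInfoGenerator(
                new JceKeyTransRecipientInfoGenerator(keyId, kp.getPublic()).setProvider("BC"));
        CMSEnvelopedData enveloped = gen.generate(new CMSProcessableByteArray(message),
                new JceCMSContentEncryptorBuilder(CMSAlgorithm.AES128_CBC)
                        .setProvider("BC").build());
        return decrypt(enveloped.getEncoded(), kp.getPrivate(), "SunJCE", "BC");
    }

    public static void main(String[] args) throws Exception {
        byte[] out = roundTrip("constructed test message".getBytes("UTF-8"));
        System.out.println(new String(out, "UTF-8"));
    }
}
```

With a token, the private key never leaves the device: only the RSA unwrap of the content-encryption key runs on the SunPKCS11 provider, while the AES decryption of the payload runs in software.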