嗨,伙计们!我的问题是下一个:我有CSR证书,客户证书X509和文件.p12与CSR私钥。我想将我的CSR加密到PKCS7中,并在将来获取并验证。
在下一个代码中,我正在尝试读取我的CSR并将其放入PKCS7容器中:
//get client X509 certificate
FileInputStream fis = new FileInputStream(PATH+"//pkcs7-csr-cer//identity.cer");
X509Certificate certificate = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(fis);
fis.close();
//read my csr file and create pkcs10 based on it
FileReader fileReader = new FileReader(csrfilename);
PemReader pemReader = new PemReader(fileReader);
PKCS10CertificationRequest pkcs10 = new PKCS10CertificationRequest(pemReader.readPemObject().getContent());
//trying to encrypt the pkcs10 in pkcs7
CMSEnvelopedDataGenerator generator = new CMSEnvelopedDataGenerator();
generator.addKeyTransRecipient(certificate);
CMSProcessable sdata = new CMSProcessableByteArray(pkcs10.getEncoded());
CMSEnvelopedData envelopedData = generator.generate(sdata, CMSEnvelopedDataGenerator.AES256_CBC, "BC");
bytes[] pkcs10Encrypted = envelopedData.getEncoded();
//trying to get from encrypted csr
CMSEnvelopedDataParser envDataParser = new CMSEnvelopedDataParser(enveloped);
RecipientInformationStore recipients = envDataParser.getRecipientInfos();
Collection envCollection = recipients.getRecipients();
Iterator it = envCollection.iterator();
RecipientInformation recipient = (RecipientInformation) it.next();
byte[] result = recipient.getContent(privateKey, "BC");
String base64Encoded = new String(Base64.encode(result));
我收到例外:
Exception in thread "main" org.bouncycastle.cms.CMSException: bad padding in message.
at org.bouncycastle.cms.KeyTransRecipientInformation.getSessionKey(Unknown Source)
at org.bouncycastle.cms.KeyTransRecipientInformation.getContentStream(Unknown Source)
at org.bouncycastle.cms.RecipientInformation.getContent(Unknown Source)
我用Google搜索并发现同样的问题,但解决方案是不正确的私钥,但我的确如此。 请帮忙。也许谁知道一些教程Bouncy Castle?谢谢!