我对这个领域很新。我试图在Java中开发一个简单的PCKS#7加密/解密函数。 加密还没有签名,我只想测试加密/解密(密钥来自密钥库)
以下是我的加密代码。
private static byte[] encryptData() throws Exception {
Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
FileInputStream fIn = new FileInputStream(_keyStorePath);
KeyStore keystore = KeyStore.getInstance("JKS");
keystore.load(fIn, _password);
Certificate cert = keystore.getCertificate("abc");
fIn.close();
// set up the generator
CMSEnvelopedDataGenerator gen = new CMSEnvelopedDataGenerator();
gen.addRecipientInfoGenerator(new JceKeyTransRecipientInfoGenerator((X509Certificate) cert).setProvider("BC"));
// create the enveloped-data object
CMSProcessable data = new CMSProcessableByteArray("Hello World!".getBytes());
CMSEnvelopedData enveloped = gen.generate((CMSTypedData) data,new JceCMSContentEncryptorBuilder(CMSAlgorithm.DES_EDE3_CBC).setProvider("BC").build());
return enveloped.getEncoded();
}
如何编写一个非常简单的解密函数(无验证签名)来解密我的文件?
我在网上做了一些研究,其中一个示例代码我google是`RecipientId recId = new RecipientId();
recId.setSerialNumber(cert.getSerialNumber());
recId.setIssuer(cert.getIssuerX500Principal().getEncoded());
RecipientInformationStore recipients = enveloped.getRecipientInfos();
RecipientInformation recipient = recipients.get(recId);
byte[] recData = recipient.getContent(key, "BC");`
然而," RecipientId recId = new RecipientId();"错误消息:无法实例化类型RecipientId
非常感谢。
答案 0 :(得分:0)
我认为新API有一些变化。
下面应该是正确的,
X509Certificate cert9 = (X509Certificate) keystore.getCertificate("abc");
KeyTransRecipientId recId = new JceKeyTransRecipientId(cert9.getIssuerX500Principal(), cert9.getSerialNumber());