This week's book giveaway is in the Agile and Other Processes forum. We're giving away four copies of Real-World Software Development: A Project-Driven Guide to Fundamentals in Java and have Dr. Raoul-Gabriel Urma & Richard Warburton on-line! See this thread for details.
I'm working on project which collect data from some government portal.
To obatain valid data I had to make rerequest containing some exact xml data.
The xml data had also to contain public key of my certificate. The the portal then encrypts
the returned data. With the the returned data I am expected to do the following:
1. Decode the xml element data from Base64 to array of bytes
- I did it. I got some binary data. I even see the "PostSignum Public CA 4" among the bytes.
2. Decrypt it according to CMS/PKCS #7 standard
3. Decompress it in gzip format
I am not able to do the second part. I googled all over, bud didnt't find anything working.
I know, how to get the certificate, the private key, the alias, but at this point my knowledge ends.
Would somebody be so kind and provide some working example, regarding decrypting pkcs#7 standard ?
posted 3 weeks ago
I finally googled the solution using the BouncyCastle library
But one question regarding the above code remains, the collection 'recipients' in my case has 2 items.
First fetched (next) KeyTransRecipientInformation ends with exception
org.bouncycastle.cms.CMSException: exception unwrapping key: bad padding: Decryption error
When I fetch the second, the decryptedData are finally ok.
Can I somehow find out which recipient is the right one, before I invoke the exception ?
Thanks, but it will be tough to understand it all... I rather learn by examples
But I have just one more question - above i wrote, that I am building some xml containing public key (base64) of my certificate. Something such as
And how am I getting the data for this tag? So far manually.
I found the certificate among other personal ones in Chrome browser.
Exported it into file, without private key, X.509, coding Base-64 (CER).
Then opened the exported file in the text editor, removed '-----BEGIN CERTIFICATE-----'
and '----END CERTIFICATE-----''and the rest put into XML
This all I need to repeat by java code. I think it will be easy,
but the examples are scarce.
posted 3 weeks ago
CMS is defined by the linked RFC - if you want to know how it works and what may cause the issue you have to dive into the protocol spec - if you don't want to bother with the protocol then I doubt you're able to fix the issue yourself
about the other question: have a look at BouncyCastle - java itself can't handle those kind of files itself pretty well
posted 2 weeks ago
I finally googled the solution (BouncyCastle library). The JcaPEMWriter class did the trick.
I am a man of mystery. Mostly because of this tiny ad: