You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@santuario.apache.org by huang zhimin <fl...@gmail.com> on 2008/03/21 17:37:24 UTC
encrypt with pkcs12 private key
I use BouncyCastleProvider to get a private key from a p12 file, when i use
the private key to encrypt xml document, i get the exception as follows:
org.apache.xml.security.signature.XMLSignatureException: No installed
provider supports this key:
org.bouncycastle.jce.provider.JCERSAPrivateCrtKey
Original Exception was
org.apache.xml.security.signature.XMLSignatureException: No installed
provider supports this key:
org.bouncycastle.jce.provider.JCERSAPrivateCrtKey
Original Exception was java.security.InvalidKeyException: No installed
provider supports this key:
org.bouncycastle.jce.provider.JCERSAPrivateCrtKey
does it mean that xml security do not support pkcs12 keystore?
--
My msn spaces: http://flyerhzm.spaces.live.com
Re: encrypt with pkcs12 private key
Posted by huang zhimin <fl...@gmail.com>.
I'm sorry, it should be using the BC PrivateKey to sign a document.
Can you tell me how to configure provider when signing?
On Sat, Mar 22, 2008 at 3:57 AM, Sean Mullan <Se...@sun.com> wrote:
> It sounds as if you may be using the BC PrivateKey with a provider that
> doesn't support it. Have you also configured your providers such that
> BouncyCastle is used when signing?
>
> --Sean
>
> Jesse Pelton wrote:
> > D'oh. I should have noticed that. I imagine the intent really is to sign
> > with a private key, which of course makes perfect sense.
> >
> > Assuming that's the case, can anyone answer the question?
> >
> > ------------------------------------------------------------------------
> > *From:* Brent Putman [mailto:putmanb@georgetown.edu]
> > *Sent:* Friday, March 21, 2008 3:02 PM
> > *To:* security-dev@xml.apache.org
> > *Subject:* Re: encrypt with pkcs12 private key
> >
> > Also, you said "encryption", but the exceptions below seem to indicate
> > that you are trying to sign, not encrypt.
> >
> >
> > Jesse Pelton wrote:
> >> Why would you want to encrypt with a private key? Anyone with the
> >> corresponding public key (which is, after all, public) can decrypt the
> >> message, rendering the encryption useless.
> >>
> >>
> ------------------------------------------------------------------------
> >> *From:* huang zhimin [mailto:flyerhzm@gmail.com]
> >> *Sent:* Friday, March 21, 2008 12:37 PM
> >> *To:* security-dev@xml.apache.org
> >> *Subject:* encrypt with pkcs12 private key
> >>
> >> I use BouncyCastleProvider to get a private key from a p12 file, when
> >> i use the private key to encrypt xml document, i get the exception as
> >> follows:
> >>
> >> org.apache.xml.security.signature.XMLSignatureException: No installed
> >> provider supports this key:
> >> org.bouncycastle.jce.provider.JCERSAPrivateCrtKey
> >> Original Exception was
> >> org.apache.xml.security.signature.XMLSignatureException: No installed
> >> provider supports this key:
> >> org.bouncycastle.jce.provider.JCERSAPrivateCrtKey
> >> Original Exception was java.security.InvalidKeyException: No installed
> >> provider supports this key:
> >> org.bouncycastle.jce.provider.JCERSAPrivateCrtKey
> >>
> >> does it mean that xml security do not support pkcs12 keystore?
> >>
> >> --
> >> My msn spaces: http://flyerhzm.spaces.live.com
>
>
--
My msn spaces: http://flyerhzm.spaces.live.com
Re: encrypt with pkcs12 private key
Posted by Sean Mullan <Se...@Sun.COM>.
It sounds as if you may be using the BC PrivateKey with a provider that
doesn't support it. Have you also configured your providers such that
BouncyCastle is used when signing?
--Sean
Jesse Pelton wrote:
> D'oh. I should have noticed that. I imagine the intent really is to sign
> with a private key, which of course makes perfect sense.
>
> Assuming that's the case, can anyone answer the question?
>
> ------------------------------------------------------------------------
> *From:* Brent Putman [mailto:putmanb@georgetown.edu]
> *Sent:* Friday, March 21, 2008 3:02 PM
> *To:* security-dev@xml.apache.org
> *Subject:* Re: encrypt with pkcs12 private key
>
> Also, you said "encryption", but the exceptions below seem to indicate
> that you are trying to sign, not encrypt.
>
>
> Jesse Pelton wrote:
>> Why would you want to encrypt with a private key? Anyone with the
>> corresponding public key (which is, after all, public) can decrypt the
>> message, rendering the encryption useless.
>>
>> ------------------------------------------------------------------------
>> *From:* huang zhimin [mailto:flyerhzm@gmail.com]
>> *Sent:* Friday, March 21, 2008 12:37 PM
>> *To:* security-dev@xml.apache.org
>> *Subject:* encrypt with pkcs12 private key
>>
>> I use BouncyCastleProvider to get a private key from a p12 file, when
>> i use the private key to encrypt xml document, i get the exception as
>> follows:
>>
>> org.apache.xml.security.signature.XMLSignatureException: No installed
>> provider supports this key:
>> org.bouncycastle.jce.provider.JCERSAPrivateCrtKey
>> Original Exception was
>> org.apache.xml.security.signature.XMLSignatureException: No installed
>> provider supports this key:
>> org.bouncycastle.jce.provider.JCERSAPrivateCrtKey
>> Original Exception was java.security.InvalidKeyException: No installed
>> provider supports this key:
>> org.bouncycastle.jce.provider.JCERSAPrivateCrtKey
>>
>> does it mean that xml security do not support pkcs12 keystore?
>>
>> --
>> My msn spaces: http://flyerhzm.spaces.live.com
RE: encrypt with pkcs12 private key
Posted by Jesse Pelton <js...@PKC.com>.
D'oh. I should have noticed that. I imagine the intent really is to sign
with a private key, which of course makes perfect sense.
Assuming that's the case, can anyone answer the question?
________________________________
From: Brent Putman [mailto:putmanb@georgetown.edu]
Sent: Friday, March 21, 2008 3:02 PM
To: security-dev@xml.apache.org
Subject: Re: encrypt with pkcs12 private key
Also, you said "encryption", but the exceptions below seem to indicate
that you are trying to sign, not encrypt.
Jesse Pelton wrote:
Why would you want to encrypt with a private key? Anyone with
the corresponding public key (which is, after all, public) can decrypt
the message, rendering the encryption useless.
________________________________
From: huang zhimin [mailto:flyerhzm@gmail.com]
Sent: Friday, March 21, 2008 12:37 PM
To: security-dev@xml.apache.org
Subject: encrypt with pkcs12 private key
I use BouncyCastleProvider to get a private key from a p12 file,
when i use the private key to encrypt xml document, i get the exception
as follows:
org.apache.xml.security.signature.XMLSignatureException: No
installed provider supports this key:
org.bouncycastle.jce.provider.JCERSAPrivateCrtKey
Original Exception was
org.apache.xml.security.signature.XMLSignatureException: No installed
provider supports this key:
org.bouncycastle.jce.provider.JCERSAPrivateCrtKey
Original Exception was java.security.InvalidKeyException: No
installed provider supports this key:
org.bouncycastle.jce.provider.JCERSAPrivateCrtKey
does it mean that xml security do not support pkcs12 keystore?
--
My msn spaces: http://flyerhzm.spaces.live.com
Re: encrypt with pkcs12 private key
Posted by Brent Putman <pu...@georgetown.edu>.
Also, you said "encryption", but the exceptions below seem to indicate
that you are trying to sign, not encrypt.
Jesse Pelton wrote:
> Why would you want to encrypt with a private key? Anyone with the
> corresponding public key (which is, after all, public) can decrypt the
> message, rendering the encryption useless.
>
> ------------------------------------------------------------------------
> *From:* huang zhimin [mailto:flyerhzm@gmail.com]
> *Sent:* Friday, March 21, 2008 12:37 PM
> *To:* security-dev@xml.apache.org
> *Subject:* encrypt with pkcs12 private key
>
> I use BouncyCastleProvider to get a private key from a p12 file, when
> i use the private key to encrypt xml document, i get the exception as
> follows:
>
> org.apache.xml.security.signature.XMLSignatureException: No installed
> provider supports this key:
> org.bouncycastle.jce.provider.JCERSAPrivateCrtKey
> Original Exception was
> org.apache.xml.security.signature.XMLSignatureException: No installed
> provider supports this key:
> org.bouncycastle.jce.provider.JCERSAPrivateCrtKey
> Original Exception was java.security.InvalidKeyException: No installed
> provider supports this key:
> org.bouncycastle.jce.provider.JCERSAPrivateCrtKey
>
> does it mean that xml security do not support pkcs12 keystore?
>
> --
> My msn spaces: http://flyerhzm.spaces.live.com
RE: encrypt with pkcs12 private key
Posted by Jesse Pelton <js...@PKC.com>.
Why would you want to encrypt with a private key? Anyone with the
corresponding public key (which is, after all, public) can decrypt the
message, rendering the encryption useless.
________________________________
From: huang zhimin [mailto:flyerhzm@gmail.com]
Sent: Friday, March 21, 2008 12:37 PM
To: security-dev@xml.apache.org
Subject: encrypt with pkcs12 private key
I use BouncyCastleProvider to get a private key from a p12 file, when i
use the private key to encrypt xml document, i get the exception as
follows:
org.apache.xml.security.signature.XMLSignatureException: No installed
provider supports this key:
org.bouncycastle.jce.provider.JCERSAPrivateCrtKey
Original Exception was
org.apache.xml.security.signature.XMLSignatureException: No installed
provider supports this key:
org.bouncycastle.jce.provider.JCERSAPrivateCrtKey
Original Exception was java.security.InvalidKeyException: No installed
provider supports this key:
org.bouncycastle.jce.provider.JCERSAPrivateCrtKey
does it mean that xml security do not support pkcs12 keystore?
--
My msn spaces: http://flyerhzm.spaces.live.com