
List:       bouncycastle-crypto-dev
Subject:    [dev-crypto] RecipientInformationStore.get() returns null
From:       Mark Parker <godefroi () gmail ! com>
Date:       2011-06-29 17:57:05
Message-ID: iufp1g$2g0$1 () dough ! gmane ! org

I'm attempting to decrypt an S/MIME email (sent originally via Outlook), 
and to do that, I'm using the bouncycastle API. I'm running into a snag, 
though.

I have, in the Windows certificate store, the certificate for the 
recipient. I had previously used it to send a signed and encrypted email 
to the other party, and they in turn used it to send me an encrypted 
reply. I then exported the certificate (with private key) as a .pfx 
file, and I loaded this pfx file into a Java KeyStore. It doesn't work, 
however, and I suspect that's because the subject key identifiers don't 
match.

The Windows certificate store properties say that the subject key 
identifier is this:

88 ed bb 7c 64 7b 41 63 48 0a 24 40 2b 3c d0 78 72 3c 30 b3

If I get the certificate from a KeyStore and get the subject key 
identifier from there, I get this:

04 16 04 14 88 ed bb 7c 64 7b 41 63 48 0a 24 40 2b 3c d0 78 72 3c 30 b3

This value has four extra bytes at the front, but then contains the same 
value. If I get the subject key identifier from the 
RecipientInformationStore using 
SMIMEEnveloped.getRecipientInfos().getRecipients() then the single 
recipient's key identifier is this:

04 14 88 ed bb 7c 64 7b 41 63 48 0a 24 40 2b 3c d0 78 72 3c 30 b3

I assume that's why the RecipientInformationStore.get() method is 
returning null, because the key identifier doesn't match the certificate 
I used to construct the JceKeyTransRecipientId object. I don't have the 
faintest clue, however, why these values would all be different.

I would appreciate any help you could provide.

Mark
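
The three values quoted in the message differ only in how many DER OCTET STRING headers (tag `04` followed by a length byte, `16` = 22 or `14` = 20) sit in front of the same 20 bytes. The following is an added example, not part of the original post and not Bouncy Castle code; it peels those headers so the values can be compared, and the function names `read_octet_string` and `peel` are hypothetical.

```python
# Added example: compare the three key-identifier values from the message
# by stripping nested DER OCTET STRING wrappers. Function names are hypothetical.

OCTET_STRING_TAG = 0x04

# Hex values copied from the message above.
WINDOWS_STORE = "88 ed bb 7c 64 7b 41 63 48 0a 24 40 2b 3c d0 78 72 3c 30 b3"
KEYSTORE_CERT = "04 16 04 14 " + WINDOWS_STORE
RECIPIENT_INFO = "04 14 " + WINDOWS_STORE


def read_octet_string(data: bytes):
    """Return the content if data is exactly one DER OCTET STRING, else None."""
    if len(data) < 2 or data[0] != OCTET_STRING_TAG:
        return None
    first = data[1]
    if first < 0x80:                      # short-form length
        length, header = first, 2
    else:                                 # long-form length
        n = first & 0x7F
        if n == 0 or len(data) < 2 + n:   # indefinite length is not valid DER
            return None
        length = int.from_bytes(data[2:2 + n], "big")
        header = 2 + n
    if header + length != len(data):      # must consume the buffer exactly
        return None
    return data[header:]


def peel(hex_value: str):
    """Strip OCTET STRING wrappers; return (raw_bytes, layers_removed).

    Heuristic: a raw identifier that itself looks like a well-formed
    OCTET STRING would be over-peeled, so real code should strip the
    number of layers the producing API documents instead of guessing.
    """
    data = bytes.fromhex(hex_value)
    layers = 0
    while (inner := read_octet_string(data)) is not None:
        data, layers = inner, layers + 1
    return data, layers


if __name__ == "__main__":
    for name in ("WINDOWS_STORE", "KEYSTORE_CERT", "RECIPIENT_INFO"):
        raw, layers = peel(globals()[name])
        print(f"{name:15} layers={layers} raw={raw.hex(' ')}")
```
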

