Ignacio Ocampo
2013-12-19 04:38:54 UTC
Hi,
I need to generate PFX, with openssl I get:
#openssl pkcs12 -info -noout -in expected.pfx
MAC Iteration *2048*
MAC verified OK
PKCS7 Encrypted data: pbeWithSHA1And40BitRC2-CBC, Iteration *2048*
Certificate bag
PKCS7 Data
Shrouded Keybag: pbeWithSHA1And3-KeyTripleDES-CBC, Iteration *2048*
With my code I get:
#openssl pkcs12 -info -noout -in obtained.pfx
MAC Iteration *1024*
MAC verified OK
PKCS7 Data
Shrouded Keybag: pbeWithSHA1And3-KeyTripleDES-CBC, Iteration *1024*
PKCS7 Encrypted data: pbeWithSHA1And40BitRC2-CBC, Iteration *1024*
Certificate bag
----- groovy file -----
def myMethod(){
cerPath = "mycer.cer"
keyPath = "mykey.key"
keyPass = "mypass"
def pfxPath = "obtained.pfx"
StringWriter sw = new StringWriter();
PEMWriter pw = new PEMWriter(sw);
BouncyCastleProvider provider = new BouncyCastleProvider();
File cfile = new File(cerPath)
InputStream is = cfile.newInputStream()
CertificateFactory factory =
CertificateFactory.getInstance("X.509", provider)
X509Certificate[] chain = new Certificate[1];
chain[0] = (X509Certificate) factory.generateCertificate(is)
File kfile = new File(keyPath)
InputStream isp = kfile.newInputStream()
PKCS8Key pkcs8 = new PKCS8Key( isp, keyPass.toCharArray() );
byte[] decrypted = pkcs8.getDecryptedBytes();
PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec( decrypted );
PrivateKey pk = (PrivateKey) KeyFactory.getInstance( "RSA"
).generatePrivate( spec );
KeyStore pkcs12KeyStore = KeyStore.getInstance("PKCS12", provider);
pkcs12KeyStore.load( null, keyPass.toCharArray() )
pkcs12KeyStore.setKeyEntry("", pk, keyPass.toCharArray(), chain)
pkcs12KeyStore.store(new FileOutputStream ( pfxPath ),
keyPass.toCharArray())
}
-----
What is wrong?.
Best Regards.
I need to generate PFX, with openssl I get:
#openssl pkcs12 -info -noout -in expected.pfx
MAC Iteration *2048*
MAC verified OK
PKCS7 Encrypted data: pbeWithSHA1And40BitRC2-CBC, Iteration *2048*
Certificate bag
PKCS7 Data
Shrouded Keybag: pbeWithSHA1And3-KeyTripleDES-CBC, Iteration *2048*
With my code I get:
#openssl pkcs12 -info -noout -in obtained.pfx
MAC Iteration *1024*
MAC verified OK
PKCS7 Data
Shrouded Keybag: pbeWithSHA1And3-KeyTripleDES-CBC, Iteration *1024*
PKCS7 Encrypted data: pbeWithSHA1And40BitRC2-CBC, Iteration *1024*
Certificate bag
----- groovy file -----
def myMethod(){
cerPath = "mycer.cer"
keyPath = "mykey.key"
keyPass = "mypass"
def pfxPath = "obtained.pfx"
StringWriter sw = new StringWriter();
PEMWriter pw = new PEMWriter(sw);
BouncyCastleProvider provider = new BouncyCastleProvider();
File cfile = new File(cerPath)
InputStream is = cfile.newInputStream()
CertificateFactory factory =
CertificateFactory.getInstance("X.509", provider)
X509Certificate[] chain = new Certificate[1];
chain[0] = (X509Certificate) factory.generateCertificate(is)
File kfile = new File(keyPath)
InputStream isp = kfile.newInputStream()
PKCS8Key pkcs8 = new PKCS8Key( isp, keyPass.toCharArray() );
byte[] decrypted = pkcs8.getDecryptedBytes();
PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec( decrypted );
PrivateKey pk = (PrivateKey) KeyFactory.getInstance( "RSA"
).generatePrivate( spec );
KeyStore pkcs12KeyStore = KeyStore.getInstance("PKCS12", provider);
pkcs12KeyStore.load( null, keyPass.toCharArray() )
pkcs12KeyStore.setKeyEntry("", pk, keyPass.toCharArray(), chain)
pkcs12KeyStore.store(new FileOutputStream ( pfxPath ),
keyPass.toCharArray())
}
-----
What is wrong?.
Best Regards.
--
Ignacio Ocampo Millán
Ignacio Ocampo Millán