Search   Recent Topics     Member Listing   Register /  Login 
JCAPI v2 can't find an algorithm supported by v1
Forum Index -> General Issues
Author Message
igor.conti
Advanced

Joined: Sep 25, 2009
Messages: 40
Offline

Hi Tommy,

A little problem ocuurs when I try to decrypt using JCAPI provider, here is the error log :

Code:
 org.bouncycastle.cms.CMSException: can't find algorithm.
 	at org.bouncycastle.cms.RecipientInformation.getContentFromSessionKey(Unknown Source)
 	at org.bouncycastle.cms.KeyTransRecipientInformation.getContentStream(Unknown Source)
 	at org.bouncycastle.cms.KeyTransRecipientInformation.getContentStream(Unknown Source)
 	at easyopen.process.signcrypt.SignCryptManager.decrypt(SignCryptManager.java:2573)
 	at easyopen.process.signcrypt.SignCryptManager.traiteCrypt(SignCryptManager.java:625)
 	at easyopen.process.Kernel.processFiles(Kernel.java:466)
 	at easyopen.process.Kernel.traite(Kernel.java:233)
 	at easyopen.ui.AccueilPanel$Task.doInBackground(AccueilPanel.java:113)
 	at easyopen.ui.AccueilPanel$Task.doInBackground(AccueilPanel.java:106)
 	at javax.swing.SwingWorker$1.call(Unknown Source)
 	at java.util.concurrent.FutureTask$Sync.innerRun(Unknown Source)
 	at java.util.concurrent.FutureTask.run(Unknown Source)
 	at javax.swing.SwingWorker.run(Unknown Source)
 	at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
 	at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
 	at java.lang.Thread.run(Unknown Source)
 Caused by: java.security.NoSuchAlgorithmException: no such algorithm: 1.2.840.113549.3.7 for provider JCAPI
 	at sun.security.jca.GetInstance.getService(Unknown Source)
 	at sun.security.jca.GetInstance.getInstance(Unknown Source)
 	at java.security.Security.getImpl(Unknown Source)
 	at java.security.AlgorithmParameters.getInstance(Unknown Source)
 	at org.bouncycastle.cms.CMSEnvelopedHelper.createAlgorithmParams(Unknown Source)
 	at org.bouncycastle.cms.CMSEnvelopedHelper.createAlgorithmParameters(Unknown Source)
 	... 16 more
 


The algorithm OID points to TripleDES but is not listed in the aliases supported by JCAPI v2. This OID doesn't create any problem with JCAPI v1.

Is there a mean to add this alias to JCAPI provider dynamically ?
If not could you provide a new release of JCAPI v2 that contains this alias ?

Thank you in advance.

Regards,
Igor
tommy
Pheox Support

Joined: May 30, 2005
Messages: 148
Offline

Hi Igor,

Nice to hear from you again.

Yes, JCAPI does not support your given 3DES alias. Actually it was not supported in version 1 either since support for natively executed symmetric ciphers was first introduced in version 2 of JCAPI. The reason it worked before for you was that you're using another JCE provider than JCAPI.

Anyway, I've implemented support for your 3DES + CBC alias. Now you can use any of the following aliases to create a your 3DES + CBC + PKCS#5 padding in one shot:
DESedewithCBC
TripleDESwithCBC
3DESwithCBC
1.2.840.113549.3.7

I've attached a release candidate of JCAPI below. Please try it out and check if it solves your problem.

Have a good day.

Regards,
Tommy

JCAPI.jar
 Description JCAPI v2.2.0 RC-1 Download
 Filesize 345 kb
 Downloaded:  366 time(s)

igor.conti
Advanced

Joined: Sep 25, 2009
Messages: 40
Offline

Hi Tommy,

Nice to hear (read ) you too.

Your new RC don't work properly (see error log below) but your post has given me an idea and I solved my problem by upgrading BouncyCastle to version 1.46 and specifying JCAPI for key recovery provider and BouncyCastle for content processing provider like this :

Code:
 InputStream fin = recipient.getContentStream(new JceKeyTransEnvelopedRecipient(key).setProvider("JCAPI").setContentProvider("BC")).getContentStream();
 


And it works perfectly so the new release is not useful anymore for me but I'm here for more tests if you need because it could be useful for other ones.

Here is the error log with your new release :

Code:
 java.lang.IllegalStateException: You must first initialize this instance before calling this method.
 	at com.pheox.jcapi.r.a(Unknown Source)
 	at com.pheox.jcapi.JCAPISymmetricCipherDynamic.engineDoFinal(Unknown Source)
 	at javax.crypto.Cipher.doFinal(Cipher.java:1969)
 	at javax.crypto.CipherInputStream.close(CipherInputStream.java:299)
 	at java.io.BufferedInputStream.close(Unknown Source)
 	at java.io.FilterInputStream.close(Unknown Source)
 	at java.io.BufferedInputStream.close(Unknown Source)
 	at easyopen.process.signcrypt.SignCryptManager.decrypt(SignCryptManager.java:2716)
 	at easyopen.process.signcrypt.SignCryptManager.traiteCrypt(SignCryptManager.java:687)
 	at easyopen.process.Kernel.processFiles(Kernel.java:466)
 	at easyopen.process.Kernel.traite(Kernel.java:233)
 	at easyopen.ui.AccueilPanel$Task.doInBackground(AccueilPanel.java:113)
 	at easyopen.ui.AccueilPanel$Task.doInBackground(AccueilPanel.java:106)
 	at javax.swing.SwingWorker$1.call(Unknown Source)
 	at java.util.concurrent.FutureTask$Sync.innerRun(Unknown Source)
 	at java.util.concurrent.FutureTask.run(Unknown Source)
 	at javax.swing.SwingWorker.run(Unknown Source)
 	at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
 	at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
 	at java.lang.Thread.run(Unknown Source)
 


Regards,
Igor
tommy
Pheox Support

Joined: May 30, 2005
Messages: 148
Offline

Hi again Igor,

Good that you found an alternative solution.
I think I might have been a little to hasty with my patch. I'll check it out and make a more stable fix to be released later on.

Thanks.

Regards,
Tommy
 
  Forum Index -> General Issues
Go to: