我有一个.p7m格式的电子邮件附件和一个包含私钥和证书的.pem文件 . 使用OpenSSL我可以使用以下命令解密文件:
openssl smime -decrypt -inform DER -in fileToDecrypt.p7m -inkey privateKey.pem -out destinationFile
但是在Java中使用bouncycastle,我无法解密它 . 我用这段代码读了私钥:
PEMReader pemReader = new PEMReader(new InputStreamReader(new FileInputStream(privateKeyName)));
Object obj;
PrivateKey key = null;
X509Certificate cert1 = null;
X509Certificate cert2 = null;
obj = pemReader.readObject();
if (obj instanceof PrivateKey) {
key = (PrivateKey) obj;
System.out.println("Private Key found");
}
obj = pemReader.readObject();
if(obj instanceof X509Certificate){
cert1 = (X509Certificate) obj;
System.out.println("cert found");
}
obj = pemReader.readObject();
if(obj instanceof X509Certificate){
cert2 = (X509Certificate) obj;
System.out.println("cert found");
}
打印出:
Private Key Found
cert found
cert found
键的类型是:
System.out.println(key.getAlgorithm());
System.out.println(cert1.getSigAlgName());
System.out.println(cert2.getSigAlgName());
RSA
SHA256WithRSAEncryption
SHA256WithRSAEncryption
如果我尝试这样解密:
Cipher cipher = Cipher.getInstance("RSA");
cipher.init(Cipher.DECRYPT_MODE, key);
Path path = Paths.get("fileToDecrypt.p7m");
byte[] data = Files.readAllBytes(path);
byte[] decryptedData = cipher.doFinal(data);
我明白了:
javax.crypto.IllegalBlockSizeException: Data must not be longer than 256 bytes
我有这两个文件:
-
fileToDecrypt.p7m
-
privateKey.pem:包含RSA私钥和两个X508证书
我不知道从哪里开始解密什么,怎么解释?
1 回答
解决问题的方法: