"No such algorithm: 1.2.840.113549.1.5.13" occurs when creating an EncryptedPrivateKey instance.

classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

"No such algorithm: 1.2.840.113549.1.5.13" occurs when creating an EncryptedPrivateKey instance.

Satoru Otsubo-3
Hi,

I made a self-signed certificate and produced an encrypted key.pem.
 by using the following command and entering a password:

 $ openssl req -x509 -newkey rsa:2048 -keyout key.pem -outform pem -out cert.pem -days 365

Then, I tried to make the javax.crypto.EncryptedPrivateKeyInfo instance from the above key.pem with the program below,
 by referring to org.bouncycastle.jce.provider.test.EncryptedPrivateKeyInfoTest.java
(I used jdk1.7.0_80 and ***-jdk15on-160.jar)

But "java.security.NoSuchAlgorithmException: No such algorithm: 1.2.840.113549.1.5.13" occured.

As there is also org.bouncycastle.asn1.pkcs.EncryptedPrivateKeyInfo, I tried to use it.

But even in this case,"java.security.NoSuchAlgorithmException: No such algorithm: 1.2.840.113549.1.5.13" occured.

I appreciate if anyone can explain why "No such algorithm: 1.2.840.113549.1.5.13" occurs.

Thanks in advance.

Satoru Otsubo

***************************************************************

import java.io.*;
import javax.crypto.Cipher;

import org.bouncycastle.util.io.pem.*;

public class EncryptedPrivateKeyInfoTest
{
        public static void main(String[] args)
                throws Exception
        {
                PemReader reader = new PemReader(new InputStreamReader(new FileInputStream("key.pem")));

                PemObject pemObj = reader.readPemObject();

                byte[] pemCntnt = pemObj.getContent();
               
                java.security.Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());

                try {
                        javax.crypto.EncryptedPrivateKeyInfo pInfo =
                                new javax.crypto.EncryptedPrivateKeyInfo(pemCntnt);

                        Cipher cipher = Cipher.getInstance(pInfo.getAlgName(), "BC");

                } catch (java.security.NoSuchAlgorithmException e) {

                        e.printStackTrace();
                }

                try {
                        org.bouncycastle.asn1.pkcs.EncryptedPrivateKeyInfo pInfo =
                                org.bouncycastle.asn1.pkcs.EncryptedPrivateKeyInfo.getInstance(pemCntnt);

                        Cipher cipher =
                                Cipher.getInstance(pInfo.getEncryptionAlgorithm().getAlgorithm().getId(), "BC");

                } catch (java.security.NoSuchAlgorithmException e) {

                        e.printStackTrace();
                }
        }
}

***************************************************************

Reply | Threaded
Open this post in threaded view
|

Re: "No such algorithm: 1.2.840.113549.1.5.13" occurs when creating an EncryptedPrivateKey instance.

Eckenfels. Bernd
The error means it does not know about the PEM password protection (1.2.840.113549.1.5.13 = PBES2). Not sure if that can be done with BC but an alternative would be to save the file using the "-nodes" option in openssl command.

-----Ursprüngliche Nachricht-----
Von: Satoru Otsubo <[hidden email]>
Gesendet: Dienstag, 6. November 2018 12:36
An: [hidden email]
Betreff: [dev-crypto] "No such algorithm: 1.2.840.113549.1.5.13" occurs when creating an EncryptedPrivateKey instance.

Hi,

I made a self-signed certificate and produced an encrypted key.pem.
 by using the following command and entering a password:

 $ openssl req -x509 -newkey rsa:2048 -keyout key.pem -outform pem -out cert.pem -days 365

Then, I tried to make the javax.crypto.EncryptedPrivateKeyInfo instance from the above key.pem with the program below,  by referring to org.bouncycastle.jce.provider.test.EncryptedPrivateKeyInfoTest.java
(I used jdk1.7.0_80 and ***-jdk15on-160.jar)









SEEBURGER AG            Vorstand/SEEBURGER Executive Board:
Sitz der Gesellschaft/Registered Office:                Axel Haas, Michael Kleeberg, Axel Otto, Dr. Martin Kuntz, Matthias Feßenbecker
Edisonstr. 1
D-75015 Bretten         Vorsitzende des Aufsichtsrats/Chairperson of the SEEBURGER Supervisory Board:
Tel.: 07252 / 96 - 0            Prof. Dr. Simone Zeuchner
Fax: 07252 / 96 - 2222
Internet: http://www.seeburger.de               Registergericht/Commercial Register:
e-mail: [hidden email]               HRB 240708 Mannheim


Dieses E-Mail ist nur für den Empfänger bestimmt, an den es gerichtet ist und kann vertrauliches bzw. unter das Berufsgeheimnis fallendes Material enthalten. Jegliche darin enthaltene Ansicht oder Meinungsäußerung ist die des Autors und stellt nicht notwendigerweise die Ansicht oder Meinung der SEEBURGER AG dar. Sind Sie nicht der Empfänger, so haben Sie diese E-Mail irrtümlich erhalten und jegliche Verwendung, Veröffentlichung, Weiterleitung, Abschrift oder jeglicher Druck dieser E-Mail ist strengstens untersagt. Weder die SEEBURGER AG noch der Absender (Eckenfels. Bernd) übernehmen die Haftung für Viren; es obliegt Ihrer Verantwortung, die E-Mail und deren Anhänge auf Viren zu prüfen.


This email is intended only for the recipient(s) to whom it is addressed. This email may contain confidential material that may be protected by professional secrecy. Any fact or opinion contained, or expression of the material herein, does not necessarily reflect that of SEEBURGER AG. If you are not the addressee or if you have received this email in error, any use, publication or distribution including forwarding, copying or printing is strictly prohibited. Neither SEEBURGER AG, nor the sender (Eckenfels. Bernd) accept liability for viruses; it is your responsibility to check this email and its attachments for viruses.


Reply | Threaded
Open this post in threaded view
|

Re: "No such algorithm: 1.2.840.113549.1.5.13" occurs when creating an EncryptedPrivateKey instance.

Peter Dettman-3
In reply to this post by Satoru Otsubo-3
Hi Satoru,

To parse openssl-generated keys, you're better off using the bcpkix
jar's org.bouncycastle.openssl package. This example code will read a
key generated with the command line you used:


import java.io.FileInputStream;
import java.io.InputStreamReader;
import java.security.PrivateKey;
import java.security.Security;

import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.openssl.PEMParser;
import org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter;
import
org.bouncycastle.openssl.jcajce.JceOpenSSLPKCS8DecryptorProviderBuilder;
import org.bouncycastle.operator.InputDecryptorProvider;
import org.bouncycastle.pkcs.PKCS8EncryptedPrivateKeyInfo;

public class PEMTest
{
    public static void main(String[] args) throws Exception
    {
        Security.addProvider(new BouncyCastleProvider());

        PEMParser pemParser = new PEMParser(new InputStreamReader(new
FileInputStream("key.pem")));

        PKCS8EncryptedPrivateKeyInfo encPKInfo =
(PKCS8EncryptedPrivateKeyInfo)pemParser.readObject();

        InputDecryptorProvider decProv = new
JceOpenSSLPKCS8DecryptorProviderBuilder().setProvider("BC").build("password".toCharArray());
        PrivateKeyInfo pkInfo = encPKInfo.decryptPrivateKeyInfo(decProv);

        PrivateKey privKey = new
JcaPEMKeyConverter().setProvider("BC").getPrivateKey(pkInfo);
    }
}


This doesn't exactly answer your question, but I guess if you are really
curious about how it works, it's a good starting point.

Regards,
Pete Dettman


On 6/11/18 6:36 pm, Satoru Otsubo wrote:

> Hi,
>
> I made a self-signed certificate and produced an encrypted key.pem.
>  by using the following command and entering a password:
>
>  $ openssl req -x509 -newkey rsa:2048 -keyout key.pem -outform pem -out cert.pem -days 365
>
> Then, I tried to make the javax.crypto.EncryptedPrivateKeyInfo instance from the above key.pem with the program below,
>  by referring to org.bouncycastle.jce.provider.test.EncryptedPrivateKeyInfoTest.java
> (I used jdk1.7.0_80 and ***-jdk15on-160.jar)
>
> But "java.security.NoSuchAlgorithmException: No such algorithm: 1.2.840.113549.1.5.13" occured.
>
> As there is also org.bouncycastle.asn1.pkcs.EncryptedPrivateKeyInfo, I tried to use it.
>
> But even in this case,"java.security.NoSuchAlgorithmException: No such algorithm: 1.2.840.113549.1.5.13" occured.
>
> I appreciate if anyone can explain why "No such algorithm: 1.2.840.113549.1.5.13" occurs.
>
> Thanks in advance.
>
> Satoru Otsubo

Reply | Threaded
Open this post in threaded view
|

Re: "No such algorithm: 1.2.840.113549.1.5.13" occurs when creating an EncryptedPrivateKey instance.

Satoru Otsubo-3
Hi Peter,

Thank you for your program code.

Since I just wanted to get Privatekey to be used in creating CMSSignedData through CMSSignedDataGenerator,
Your code is very useful for me.

I took many hours to solve why no such algorithm occurs.
Your code let me solve it very quickly.
Thank you.


Satoru Otsubo


> Hi Satoru,
>
> To parse openssl-generated keys, you're better off using the bcpkix
> jar's org.bouncycastle.openssl package. This example code will read a
> key generated with the command line you used:
>
>
> import java.io.FileInputStream;
> import java.io.InputStreamReader;
> import java.security.PrivateKey;
> import java.security.Security;
>
> import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
> import org.bouncycastle.jce.provider.BouncyCastleProvider;
> import org.bouncycastle.openssl.PEMParser;
> import org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter;
> import
> org.bouncycastle.openssl.jcajce.JceOpenSSLPKCS8DecryptorProviderBuilder;
> import org.bouncycastle.operator.InputDecryptorProvider;
> import org.bouncycastle.pkcs.PKCS8EncryptedPrivateKeyInfo;
>
> public class PEMTest
> {
>     public static void main(String[] args) throws Exception
>     {
>         Security.addProvider(new BouncyCastleProvider());
>
>         PEMParser pemParser = new PEMParser(new InputStreamReader(new
> FileInputStream("key.pem")));
>
>         PKCS8EncryptedPrivateKeyInfo encPKInfo =
> (PKCS8EncryptedPrivateKeyInfo)pemParser.readObject();
>
>         InputDecryptorProvider decProv = new
> JceOpenSSLPKCS8DecryptorProviderBuilder().setProvider("BC").build("password".toCharArray());
>         PrivateKeyInfo pkInfo = encPKInfo.decryptPrivateKeyInfo(decProv);
>
>         PrivateKey privKey = new
> JcaPEMKeyConverter().setProvider("BC").getPrivateKey(pkInfo);
>     }
> }
>
>
> This doesn't exactly answer your question, but I guess if you are really
> curious about how it works, it's a good starting point.
>
> Regards,
> Pete Dettman
>
>
> On 6/11/18 6:36 pm, Satoru Otsubo wrote:
> > Hi,
> >
> > I made a self-signed certificate and produced an encrypted key.pem.
> >  by using the following command and entering a password:
> >
> >  $ openssl req -x509 -newkey rsa:2048 -keyout key.pem -outform pem -out cert.pem -days 365
> >
> > Then, I tried to make the javax.crypto.EncryptedPrivateKeyInfo instance from the above key.pem with the program below,
> >  by referring to org.bouncycastle.jce.provider.test.EncryptedPrivateKeyInfoTest.java
> > (I used jdk1.7.0_80 and ***-jdk15on-160.jar)
> >
> > But "java.security.NoSuchAlgorithmException: No such algorithm: 1.2.840.113549.1.5.13" occured.
> >
> > As there is also org.bouncycastle.asn1.pkcs.EncryptedPrivateKeyInfo, I tried to use it.
> >
> > But even in this case,"java.security.NoSuchAlgorithmException: No such algorithm: 1.2.840.113549.1.5.13" occured.
> >
> > I appreciate if anyone can explain why "No such algorithm: 1.2.840.113549.1.5.13" occurs.
> >
> > Thanks in advance.
> >
> > Satoru Otsubo
>


--
Satoru Otsubo <[hidden email]>