Hi,
I didn't well understand. You have the client certificate with the
private key on the server side???
I think what you want to do is to generate a pkcs7 signature. So you
can verify
the signature with an authority(global sign, verisign,..) or not.
To generate a pkcs7 signature, you can use jss.
There is sample of code doing that on this newsgroup.(posted months
ago).
Rodrigue
"ere" <[EMAIL PROTECTED]> wrote in message news:<[EMAIL PROTECTED]>...
> Hi,
> I have to make a digital signature, but i want to do the hash in a Servlet
> and the encryption in an applet. So
> in the Servlet i have to generate this structure to be encrypted in the
> applet...
> SEQUENCE[C] = 2 elements
> SEQUENCE[C] = 2 elements
> OBJECT ID = SHA
> NULL = null
> OCTET STRING = DATA HASH
>
> the applet has this code:
>
> tobeEncrypted = the structure in binary...
> ..
> ..
>
> org.mozilla.jss.crypto.PrivateKey priv = cm.findPrivKeyByCert(cert); //
> Certificate selected by the user....
> ..
> ..
>
> javax.crypto.Cipher c = javax.crypto.Cipher.getInstance("RSA");
> c.init(c.ENCRYPT_MODE, priv);
> System.out.println(new String(c.doFinal(tobeEncrypted)));
>
>
> And the applet throws this exception
>
> java.security.InvalidKeyException: Invalid key type:
> org.mozilla.jss.pkcs11.PK11RSAPrivateKey
> at
> org.mozilla.jss.provider.javax.crypto.JSSCipherSpi.importKey(JSSCipherSpi.ja
> va:121)
> at
> org.mozilla.jss.provider.javax.crypto.JSSCipherSpi.engineInit(JSSCipherSpi.j
> ava:160)
> at
> org.mozilla.jss.provider.javax.crypto.JSSCipherSpi.engineInit(JSSCipherSpi.j
> ava:249)
> at javax.crypto.Cipher.init(DashoA6275)
> ..
>
>
> this exception is because the cipher expects a javax.crypto.SecretKey and i
> have a PrivateKey.
>
> I want to know if I can do this, Can I generate a RSA encryption with a
> PrivateKey?
>
> thx
> Manuel
_______________________________________________
mozilla-crypto mailing list
[EMAIL PROTECTED]
http://mail.mozilla.org/listinfo/mozilla-crypto
