Hi,
Ok, I will explain it better.
I want to create a PKCS7 in 3 steps, Why?, Because i have web clients in
Internet and i prefer send them 20 bytes before that a document with 2MB...
So first i have to generate the hash of a "set of the Autenticated
Attributes" in a servlet or JSP. This Servlet/JSP generates a HTML page that
contains an applet with a sign function that receives the hash in Base64....
In the second step, a client with the applet, encrypts the hash with his
private key.
The result of the encryption with the user certificate is submitted inside a
"html form" to the another Servlet/JSP, this servlet/jsp recover the
"autenticated attributes" generated in the first step (from a DB) and
generate the PKCS7 with the attributes, hash encryted and user certificate.
Very Simple....
So I need to encrypt with Mozilla-JSS and my Question is if I can generate a
RSA encryption with a PrivateKey in and applet with JSS?. the code of the
first email crash me...
I have this System developed with IAIK in my Server, an ActiveX (Crypto API
and CSP) in the web client (only IE and Windows).
I have a version of and applet with Mozilla-JSS (for Windows and Linux),
that sign (no encrypt) the Autenticates Attributes generated in the
Servlet...
but I want that the applet encrypt a hash and no sign "autenticated
attributes" because also the auttenticate attributes are < 1024 bytes I
prefer encrypt 20 byte before sign +- 300 bytes, if i can ;).....
thx
ManTos....
"Rodrigue Butaye" <[EMAIL PROTECTED]> escribi� en el mensaje
news:[EMAIL PROTECTED]
> Hi,
>
> I didn't well understand. You have the client certificate with the
> private key on the server side???
> I think what you want to do is to generate a pkcs7 signature. So you
> can verify
> the signature with an authority(global sign, verisign,..) or not.
>
> To generate a pkcs7 signature, you can use jss.
> There is sample of code doing that on this newsgroup.(posted months
> ago).
>
> Rodrigue
>
>
> "ere" <[EMAIL PROTECTED]> wrote in message
news:<[EMAIL PROTECTED]>...
> > Hi,
> > I have to make a digital signature, but i want to do the hash in a
Servlet
> > and the encryption in an applet. So
> > in the Servlet i have to generate this structure to be encrypted in the
> > applet...
> > SEQUENCE[C] = 2 elements
> > SEQUENCE[C] = 2 elements
> > OBJECT ID = SHA
> > NULL = null
> > OCTET STRING = DATA HASH
> >
> > the applet has this code:
> >
> > tobeEncrypted = the structure in binary...
> > ..
> > ..
> >
> > org.mozilla.jss.crypto.PrivateKey priv = cm.findPrivKeyByCert(cert); //
> > Certificate selected by the user....
> > ..
> > ..
> >
> > javax.crypto.Cipher c = javax.crypto.Cipher.getInstance("RSA");
> > c.init(c.ENCRYPT_MODE, priv);
> > System.out.println(new String(c.doFinal(tobeEncrypted)));
> >
> >
> > And the applet throws this exception
> >
> > java.security.InvalidKeyException: Invalid key type:
> > org.mozilla.jss.pkcs11.PK11RSAPrivateKey
> > at
> >
org.mozilla.jss.provider.javax.crypto.JSSCipherSpi.importKey(JSSCipherSpi.ja
> > va:121)
> > at
> >
org.mozilla.jss.provider.javax.crypto.JSSCipherSpi.engineInit(JSSCipherSpi.j
> > ava:160)
> > at
> >
org.mozilla.jss.provider.javax.crypto.JSSCipherSpi.engineInit(JSSCipherSpi.j
> > ava:249)
> > at javax.crypto.Cipher.init(DashoA6275)
> > ..
> >
> >
> > this exception is because the cipher expects a javax.crypto.SecretKey
and i
> > have a PrivateKey.
> >
> > I want to know if I can do this, Can I generate a RSA encryption with a
> > PrivateKey?
> >
> > thx
> > Manuel
_______________________________________________
mozilla-crypto mailing list
[EMAIL PROTECTED]
http://mail.mozilla.org/listinfo/mozilla-crypto
