Estou tentanto realizar um envelopamento de um arquivo com o EnvelopedData da BouncyCastle. O código está logo abaixo. Porém, estou com erro de algoritmo de chaves:
public static void main(String args[])
{
if (args.length < 2)
usage();
//Plug the Provider into the JCA/JCE
Security.addProvider(new BouncyCastleProvider());
FileInputStream freader = null;
File f = null;
X509Certificate cert = null;
//------ Get the content data from file -------------
f = new File(args[0]) ;
int sizecontent = ((int) f.length());
byte[] contentbytes = new byte[sizecontent];
try {
freader = new FileInputStream(f);
System.out.print("\nContent Bytes: " + freader.read(contentbytes, 0, sizecontent));
freader.close();
}
catch(IOException ioe) {
System.out.println(ioe.toString());
return;
}
//------ Get recipient certificate from file -------------
try{
InputStream inStream = new FileInputStream(args[1]);
CertificateFactory cf = CertificateFactory.getInstance("X.509");
cert = (X509Certificate)cf.generateCertificate(inStream);
inStream.close();
}
catch(Exception exc){
exc.printStackTrace();
System.out.println("Couldn't instantiate X.509 certificate");
return;
}
// --- Use Bouncy Castle provider to create enveloped message ---
String algorithm = CMSEnvelopedDataGenerator.AES128_CBC; //"AES/CBC/PKCS5Padding";
CMSEnvelopedDataGenerator fact = new CMSEnvelopedDataGenerator();
fact.addKeyTransRecipient(cert);
CMSProcessableByteArray content = new CMSProcessableByteArray(contentbytes);
try{
CMSEnvelopedData envdata = fact.generate(content, algorithm, "BC");
byte[] enveloped = envdata.getEncoded() ;
System.out.println("Got encoded pkcs7 bytes " + enveloped.length + " bytes") ;
FileOutputStream envfos = new FileOutputStream("c:\\BCenveloped.p7");
envfos.write(enveloped);
envfos.close();
System.out.println("FIM");
}
catch(Exception ex){
ex.printStackTrace();
System.out.println("COuldn't generate enveloped signature") ;
}
/* "c:\amor.bmp" "C:\Certificados\outros\diversos\certHOM.cer" */
}
private static void usage()
{
System.out.println("Usage:\n java EnvelopFile <contentfile> <certfile> ") ;
System.exit(1);
}
ERRO:
Content Bytes: 93810org.bouncycastle.cms.CMSException: key inappropriate for algorithm.
at org.bouncycastle.cms.CMSEnvelopedDataGenerator.generate(Unknown Source)
at org.bouncycastle.cms.CMSEnvelopedDataGenerator.generate(Unknown Source)
at EnvelopFile.main(EnvelopFile.java:71)
Caused by: java.security.InvalidKeyException: Illegal key size or default parameters
at javax.crypto.Cipher.a(DashoA13*…)COuldn’t generate enveloped signature
at javax.crypto.Cipher.init(DashoA13*…)
at javax.crypto.Cipher.init(DashoA13*…)
at org.bouncycastle.cms.CMSEnvelopedDataGenerator$RecipientInf.toRecipientInfo(Unknown Source)
… 3 more
Alguem pode me ajudar?