Bill Price wrote: > I am getting an error trying to read a p12 file using JSS and examining its > components. I am getting the error: > > java.security.InvalidAlgorithmParameterException: RC2/CBC/NoPadding cannot > use a null parameter
This is a question for our JSS guru, who presently is on leave, but hopefully will be back soon. I observe that the string "RC2/CBC/NoPadding" occurs only at http://lxr.mozilla.org/security/source/security/jss/org/mozilla/jss/tests/JCASymKeyGen.java#272 and the rest of that error string occurs at these places: http://lxr.mozilla.org/security/source/security/jss/org/mozilla/jss/pkcs11/PK11KeyGenerator.java#168 http://lxr.mozilla.org/security/source/security/jss/org/mozilla/jss/pkcs11/PK11Cipher.java#254 http://lxr.mozilla.org/security/source/security/jss/org/mozilla/jss/pkcs11/PK11KeyWrapper.java#247 The RC2 algorithm does indeed take a parameter. It is one of the few that do. I wonder if the p12 file was created in some unusual way. I think it is unusual to use RC2 at all, even in p12 files. So, this might be a bug in the JSS code that sets up decryption via RC2. > I am essentially using the code from the main program at: > http://lxr.mozilla.org/security/source/security/jss/org/mozilla/jss/pkcs12/PFX.java > > The error is occuring at line 377 where the program attempts to get/decrypt > the 2nd of 2 SafeContents. This SafeContents is encrypted with the > pbeWithSHAAnd40BitRC2-CBC. How did that p12 file get created? Could you generate another "dummy" p12 file, created in the same way, that can reproduce the problem, but whose contents are not important to you, and attach it to a bugzilla bug? (or send it to me) ? > The p12 file seems to work okay when used for client authentication with > Java Native SSL. > > The problem seems to occur with both JSS34 and JSS4. > > Has anyone else seen this or have any suggestions? Thanks. > > Bill Price -- Nelson B _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
