org.bouncycastle.openpgp.PGPException: error setting asymmetric cipher
2,793 views
Skip to first unread message
Kevin
Nov 20, 2010, 11:52:14 AM11/20/10
to DidiSoft Forum
I am getting a stack trace writing a unit test using the paid version
of PGPLib and already installed the unlimited key-strength policy
files according to the instructions at pgplib/Documentation.html#JCE.
While I have to protect the structure of the code and our private key,
I can provide some additional information.
The test file contains the string "Hello world" and was encrypted
using the following command:
gpg --compress-algo none --default-recipient "..." -ea
TestFile.txt
and successfully decrypts using this command:
gpg -d TestFile.gpg.asc
In Java, I am trying to decrypt it with this code:
File encrypted = ...
File decrypted = ...
InputStream privateKeyStream =
ClassLoader.getSystemClassLoader().getResourceAsStream( "..." );
String passphrase = "...";
new PGPLib().decryptFile( encrypted.getAbsolutePath(),
privateKeyStream, passphrase, decrypted.getAbsolutePath() );
The private key header looks like:
gpg --export-secret-key -a "..."
-----BEGIN PGP PRIVATE KEY BLOCK-----
Version: GnuPG v2.0.9 (FreeBSD)
Here is the exception I get:
org.bouncycastle.openpgp.PGPException: error setting asymmetric cipher
at
org.bouncycastle.openpgp.PGPPublicKeyEncryptedData.fetchSymmetricKeyData(Unknown
Source)
at
org.bouncycastle.openpgp.PGPPublicKeyEncryptedData.getDataStream(Unknown
Source)
at
org.bouncycastle.openpgp.PGPPublicKeyEncryptedData.getDataStream(Unknown
Source)
at
org.bouncycastle.openpgp.PGPPublicKeyEncryptedData.getDataStream(Unknown
Source)
at com.didisoft.pgp.PGPLib.parseEncryptedData(PGPLib.java:3092)
at com.didisoft.pgp.PGPLib.decryptStream(PGPLib.java:1589)
at com.didisoft.pgp.PGPLib.decryptFile(PGPLib.java:1721)
at com...decrypt(FileUtils.java:797)
at com...decryptToTempFile(DownloadFile.java:550)
at com...decryptToTempFile(DownloadFile.java:523)
at com...testDecrypt(TestDownloadFile.java:30)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at junit.framework.TestCase.runTest(TestCase.java:164)
at junit.framework.TestCase.runBare(TestCase.java:130)
at junit.framework.TestResult$1.protect(TestResult.java:106)
at junit.framework.TestResult.runProtected(TestResult.java:124)
at junit.framework.TestResult.run(TestResult.java:109)
at junit.framework.TestCase.run(TestCase.java:120)
at junit.framework.TestSuite.runTest(TestSuite.java:230)
at junit.framework.TestSuite.run(TestSuite.java:225)
at
org.eclipse.jdt.internal.junit.runner.junit3.JUnit3TestReference.run(JUnit3TestReference.java:
130)
at
org.eclipse.jdt.internal.junit.runner.TestExecution.run(TestExecution.java:
38)
at
org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:
467)
at
org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:
683)
at
org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.run(RemoteTestRunner.java:
390)
at
org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.main(RemoteTestRunner.java:
197)
Caused by: java.security.InvalidKeyException: Illegal key size or
default parameters
at javax.crypto.Cipher.a(DashoA13*..)
at javax.crypto.Cipher.init(DashoA13*..)
at javax.crypto.Cipher.init(DashoA13*..)
... 29 more
of PGPLib and already installed the unlimited key-strength policy
files according to the instructions at pgplib/Documentation.html#JCE.
While I have to protect the structure of the code and our private key,
I can provide some additional information.
The test file contains the string "Hello world" and was encrypted
using the following command:
gpg --compress-algo none --default-recipient "..." -ea
TestFile.txt
and successfully decrypts using this command:
gpg -d TestFile.gpg.asc
In Java, I am trying to decrypt it with this code:
File encrypted = ...
File decrypted = ...
InputStream privateKeyStream =
ClassLoader.getSystemClassLoader().getResourceAsStream( "..." );
String passphrase = "...";
new PGPLib().decryptFile( encrypted.getAbsolutePath(),
privateKeyStream, passphrase, decrypted.getAbsolutePath() );
The private key header looks like:
gpg --export-secret-key -a "..."
-----BEGIN PGP PRIVATE KEY BLOCK-----
Version: GnuPG v2.0.9 (FreeBSD)
Here is the exception I get:
org.bouncycastle.openpgp.PGPException: error setting asymmetric cipher
at
org.bouncycastle.openpgp.PGPPublicKeyEncryptedData.fetchSymmetricKeyData(Unknown
Source)
at
org.bouncycastle.openpgp.PGPPublicKeyEncryptedData.getDataStream(Unknown
Source)
at
org.bouncycastle.openpgp.PGPPublicKeyEncryptedData.getDataStream(Unknown
Source)
at
org.bouncycastle.openpgp.PGPPublicKeyEncryptedData.getDataStream(Unknown
Source)
at com.didisoft.pgp.PGPLib.parseEncryptedData(PGPLib.java:3092)
at com.didisoft.pgp.PGPLib.decryptStream(PGPLib.java:1589)
at com.didisoft.pgp.PGPLib.decryptFile(PGPLib.java:1721)
at com...decrypt(FileUtils.java:797)
at com...decryptToTempFile(DownloadFile.java:550)
at com...decryptToTempFile(DownloadFile.java:523)
at com...testDecrypt(TestDownloadFile.java:30)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at junit.framework.TestCase.runTest(TestCase.java:164)
at junit.framework.TestCase.runBare(TestCase.java:130)
at junit.framework.TestResult$1.protect(TestResult.java:106)
at junit.framework.TestResult.runProtected(TestResult.java:124)
at junit.framework.TestResult.run(TestResult.java:109)
at junit.framework.TestCase.run(TestCase.java:120)
at junit.framework.TestSuite.runTest(TestSuite.java:230)
at junit.framework.TestSuite.run(TestSuite.java:225)
at
org.eclipse.jdt.internal.junit.runner.junit3.JUnit3TestReference.run(JUnit3TestReference.java:
130)
at
org.eclipse.jdt.internal.junit.runner.TestExecution.run(TestExecution.java:
38)
at
org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:
467)
at
org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:
683)
at
org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.run(RemoteTestRunner.java:
390)
at
org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.main(RemoteTestRunner.java:
197)
Caused by: java.security.InvalidKeyException: Illegal key size or
default parameters
at javax.crypto.Cipher.a(DashoA13*..)
at javax.crypto.Cipher.init(DashoA13*..)
at javax.crypto.Cipher.init(DashoA13*..)
... 29 more
didisoft
Nov 20, 2010, 1:04:30 PM11/20/10
to DidiSoft Forum
Hello Kevin,
Can you send us your public key so we can perform some local tests.
Thank you in advance
Regards,
Peter Kalef
DidiSoft Support
Can you send us your public key so we can perform some local tests.
Thank you in advance
Regards,
Peter Kalef
DidiSoft Support
Kevin
Nov 21, 2010, 2:29:35 PM11/21/10
to DidiSoft Forum
I sent the public key to the your profile e-mail address.
didisoft
Nov 21, 2010, 2:35:46 PM11/21/10
to DidiSoft Forum
Dear Kervin,
The problem comes from the Unlimited Java Cryptography Extensions
(JCE) files.
In order to verify this, we have switched our Unlimited files with the
default ones and the exception is:
--------------------
Exception in thread "main" org.bouncycastle.openpgp.PGPException:
exception encrypting session key
...
$PubMethod.addSessionInfo(Unknown Source)
... 6 more
-----------------
Please verify that you have replaced the files local_policy.jar and
US_export_policy.jar with the versions from the Unlimited JCE ZIP
package. Detailed instructions on the correct place where the files
are located and must be replaced can be found in section
"Installation" in the README.txt file that is included in the
Unlimited JCE ZIP package.
This is a little cumbersome task and a lot of our customers have
problems with it.
In short you have two cases:
1) Only JRE is installed on the target machine
then the files should be replaced in <jre-home>/lib/security
2) Both JRE and JDK are installed on the computer
then the files should be replaced in <jdk-home>/jre/lib/security
The above instructions assume that you have only one version of Java
on the target machine.
If you have more than one version you have to know for sure which one
is the one that runs your application.
Note that test applications started from the Eclipse IDE are run
through the JRE.
Please send us what is the operating system and what JRE's and JDK's
are installed on that machine,
at sup...@didisoft.com so we can assist you further.
Kind Regards,
Peter Kalef
DidiSoft Support
The problem comes from the Unlimited Java Cryptography Extensions
(JCE) files.
In order to verify this, we have switched our Unlimited files with the
default ones and the exception is:
--------------------
Exception in thread "main" org.bouncycastle.openpgp.PGPException:
exception encrypting session key
...
Caused by: java.security.InvalidKeyException: Illegal key size or
default parameters
at javax.crypto.Cipher.a(DashoA13*..)
at javax.crypto.Cipher.init(DashoA13*..)
at org.bouncycastle.openpgp.PGPEncryptedDataGenerator
default parameters
at javax.crypto.Cipher.a(DashoA13*..)
at javax.crypto.Cipher.init(DashoA13*..)
$PubMethod.addSessionInfo(Unknown Source)
... 6 more
-----------------
Please verify that you have replaced the files local_policy.jar and
US_export_policy.jar with the versions from the Unlimited JCE ZIP
package. Detailed instructions on the correct place where the files
are located and must be replaced can be found in section
"Installation" in the README.txt file that is included in the
Unlimited JCE ZIP package.
This is a little cumbersome task and a lot of our customers have
problems with it.
In short you have two cases:
1) Only JRE is installed on the target machine
then the files should be replaced in <jre-home>/lib/security
2) Both JRE and JDK are installed on the computer
then the files should be replaced in <jdk-home>/jre/lib/security
The above instructions assume that you have only one version of Java
on the target machine.
If you have more than one version you have to know for sure which one
is the one that runs your application.
Note that test applications started from the Eclipse IDE are run
through the JRE.
Please send us what is the operating system and what JRE's and JDK's
are installed on that machine,
at sup...@didisoft.com so we can assist you further.
Kind Regards,
Peter Kalef
DidiSoft Support
Kevin
Nov 21, 2010, 2:48:35 PM11/21/10
to DidiSoft Forum
Yep, that was all it was. I replaced the files correctly in the JDK I
was supposed to be using, but my run configuration was using a
different JDK. Thanks.
> at supp...@didisoft.com so we can assist you further.
was supposed to be using, but my run configuration was using a
different JDK. Thanks.
Reply all
Reply to author
Forward
0 new messages