Java语言中的PKCS#7解密代码

Question

我对这个地区很陌生。我正在尝试用Java语言开发一个简单的PCKS#7加密/解密函数。加密还没有签名，我只想测试加密/解密(密钥来自密钥库)

下面是我的加密代码。

private static byte[] encryptData() throws Exception {

    Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
    FileInputStream fIn = new FileInputStream(_keyStorePath);
    KeyStore keystore = KeyStore.getInstance("JKS");
    keystore.load(fIn, _password);
    Certificate cert = keystore.getCertificate("abc");
    fIn.close();

    // set up the generator
    CMSEnvelopedDataGenerator gen = new CMSEnvelopedDataGenerator();

    gen.addRecipientInfoGenerator(new JceKeyTransRecipientInfoGenerator((X509Certificate) cert).setProvider("BC"));

    // create the enveloped-data object
    CMSProcessable data = new CMSProcessableByteArray("Hello World!".getBytes());
    CMSEnvelopedData enveloped = gen.generate((CMSTypedData) data,new JceCMSContentEncryptorBuilder(CMSAlgorithm.DES_EDE3_CBC).setProvider("BC").build());
    return  enveloped.getEncoded();
}

如何编写一个非常简单的解密函数(无验证签名)来解密我的文件？

我在网上做了一些研究，我在谷歌上搜索的示例代码是`RecipientId recId = new RecipientId()；

    recId.setSerialNumber(cert.getSerialNumber());
    recId.setIssuer(cert.getIssuerX500Principal().getEncoded());

    RecipientInformationStore recipients = enveloped.getRecipientInfos();
    RecipientInformation recipient = recipients.get(recId);

    byte[] recData = recipient.getContent(key, "BC");`

但是，"RecipientId recId = new RecipientId();“不起作用，错误消息:无法实例化类型RecipientId

非常感谢。

Answer 1

我认为新的API有一些变化。

下面应该是正确的，

X509Certificate cert9 = (X509Certificate) keystore.getCertificate("abc");
    KeyTransRecipientId recId = new JceKeyTransRecipientId(cert9.getIssuerX500Principal(), cert9.getSerialNumber());