I am following the examples of this whitepaper
I made a method that signes the PDF using directly the KeyStore and it works great. the method signs the PDF correctly with no errors whatsoever
Now in the next example, the method is modified to use a .p12 file, and I have that method like this:
public void signp12() throws...
{
BouncyCastleProvider provider = new BouncyCastleProvider();
Security.addProvider(provider);
KeyStore ks = KeyStore.getInstance("pkcs12", provider.getName());
ks.load(new FileInputStream(PRIVATE), PASSWORD);
String alias = (String) ks.aliases().nextElement();
PrivateKey pk = (PrivateKey) ks.getKey(alias, PASSWORD);
Certificate[] chain = ks.getCertificateChain(alias);
Proveedor app = new Proveedor();
app.firmar(SRC, String.format(DEST, 1), chain, pk, DigestAlgorithms.SHA256, provider.getName(), MakeSignature.CryptoStandard.CMS, "test1", "bla bla", PdfSignatureAppearance.NOT_CERTIFIED);
}
The method throws this exception
exception unwrapping private key - java.security.InvalidKeyException: Illegal key size
java.io.IOException
at org.bouncycastle.jcajce.provider.keystore.pkcs12.PKCS12KeyStoreSpi.unwrapKey(Unknown Source)
at org.bouncycastle.jcajce.provider.keystore.pkcs12.PKCS12KeyStoreSpi.engineLoad(Unknown Source)
at java.security.KeyStore.load(KeyStore.java:1445)
I read in this link that It can be a problem with the JavaSecurity, so I have tested the maxlengh with int maxKeyLength = Cipher.getMaxAllowedKeyLength("SHA");
And I got that the maximun length is 128.
I followed then the instructions to copy the local_policy.jar and US_export_policy.jar extracted from this file to the C:\Program Files (x86)\Java\jre6\lib\security then I recompile , I try again and get the same error and I also got the same maxlenght.
Any ideas of what is happening and how can I solve it?
I am using windows7 and JDK8
