My understanding from what you're saying is that you can successfully
encrypt with OpenSSL, but BouncyCastle is failing to decrypt it.

What is the version of OpenSSL that you're using?
What is the version of BouncyCastle that you're using?  What version of
javamail are you using with it?
Which crypto library is the server is using, and what version?
Have you ensured that the private key to the certificate you're using is
available in every place you're trying to decrypt it?
Can you decrypt the mail with OpenSSL in the place where you have encrypted
it (not using the command line, but using the API)?
Can you encrypt with BouncyCastle and have OpenSSL decrypt it?  What kind
of keypair and certificate are you using?  What tool was used to create
it?  Does the certificate chain verify?
What are the error messages (or exceptions) you're receiving?
What is the command line that you're using to decrypt it?  What is the code
you're using to encrypt the mail?  What is the code you're using to decrypt
the mail?

Is there anything else that you can think of that might help identify where
the problem actually is?

BouncyCastle relies on javamail for mail parsing.  You may need to include
email headers and wrap the entire thing in a MIME-formatted wrapper to
avoid choking javamail.  If this is the case, I perceive it is a bug in
BouncyCastle, as it explicitly exceeds the scope of the BER structures that
CMS and prior S/MIME versions work with.  I also perceive it as not a bug
in OpenSSL, for the same reason.

-Kyle H



On Mon, Jun 2, 2014 at 2:30 AM, Yash Dosi <yashd...@gmail.com> wrote:

>
> Hi All,
>
> I am trying to replace Bouncy Castle with OpenSSL for some of the
> operation in my android app.
>
> Right now, I can successfully encrypt a mail using OpenSSL and send it.
> But the problem comes when you are trying to decrypt the same email. I
> cant decrypt it on both the server as well as using bouncy castle.
>
> I am using the same certificate for both encryption and decryption. And
> when I try to decrypt OpenSSL encrypted content using OpenSSL Command Line,
> I dont face any problem.
>
> Any ideas what could be the issue?
>
> --
> Yash Dosi.
>
>

Reply via email to