Encryption::RsaDecryptAndVerify | ||
Description | ||
Decrypt and verify an enveloped CMS/PKCS #7 message. This plugin uses the decryption routines in Bouncy Castle. Note: - Dump the pfx
file to see what the KeySpec flag is set to: - Set the KeySpec
flag to AT_KEYEXCHANGE and import the certificate into the current user
"My" store: Once the new certificate
is imported into the current user My store it can be exported again to
a PKCS#12 .pfx file which will have the KeySpec flag set correctly. This
pfx file can be used for decryption. |
||
Options | ||
Datafile to decrypt/verify |
The enveloped CMS/PKCS #7 file to decrypt and verify. | |
Outputfile |
The decrypted and verified outputfile. | |
Decryption
Private-Key file |
Optional.
The PKCS#12 private-key file (pfx) used to decrypt the message. Note-2: Note-1 means that if a matching certificate is found which is of the wrong type or has no private-key the decrypt will fail, even if the configured .pfx certificate may be correct! In this case remove the certificate from the "My" store using the certmgr.exe utility. |
|
Password |
The password required to access the X.509 certificate data. | |
Verify
Signer Certificate |
If enabled, verifies the digital signature on the signed CMS/PKCS #7 message and validates the signers' certificate. |