Provide example how to use the windows keystore "Windows-MY" with minimum non-BC classes

[ralfhauser]

When we use the "Windows-MY" Keystore, it is possible to see the certficates without a problem.

When you want to decrypt an S/MIME, you see

`java.security.ProviderException: java.security.KeyException: The parameter is incorrect.

    at sun.security.mscapi.CRSACipher.doFinal(CRSACipher.java:312) ~[jdk.crypto.mscapi:?]
    at sun.security.mscapi.CRSACipher.engineDoFinal(CRSACipher.java:336) ~[jdk.crypto.mscapi:?]
    at javax.crypto.Cipher.doFinal(Cipher.java:2205) ~[?:?]
    at org.bouncycastle.operator.jcajce.JceAsymmetricKeyUnwrapper.generateUnwrappedKey(Unknown Source) ~[bcpkix-jdk18on-1.73.jar:1.73.0]
    at org.bouncycastle.cms.jcajce.JceKeyTransRecipient.extractSecretKey(Unknown Source) ~[bcpkix-jdk18on-1.73.jar:1.73.0]

...
Caused by: java.security.KeyException: The parameter is incorrect.

    at sun.security.mscapi.CRSACipher.encryptDecrypt(Native Method) ~[jdk.crypto.mscapi:?]
    at sun.security.mscapi.CRSACipher.doFinal(CRSACipher.java:304) ~[jdk.crypto.mscapi:?]
    ... 20 more`

the private keys is: sun.security.mscapi.CPrivateKey

for comparison, using a pfx file the private key is: org.bouncycastle.jcajce.provider.asymmetric.rsa.BCRSAPrivateCrtKey

The cypher appears to be the "AES/CBC/PKCS5Padding, syKeyL 256b" for both "Windows-MY" and pfx ("2.16.840.1.101.3.4.1.42")

With maximum BC code , it fails in: content = recipInfo.getContentStream(recipient);

==> Please provide an example with maximum BC-code where decryption is still possible

[marijusGood]

using:
KeyStore.getInstance("Windows-MY"); and then keyStore.getKey(alias, password); and byte[] encoded = privateKey.getEncoded(); will return null.

[marijusGood]

This only happens if the key is labeled "not exportable" in "Windows-MY" keystore