Hello I'm trying to access the keystore from my smartcard in Java. And I'm using the following code..
开发者_如何转开发I'm using the Pkcs11 implementation of OpenSc http://www.opensc-project.org/opensc
File windows.cnf =
name=dnie
library=C:\WINDOWS\system32\opensc-pkcs11.dll
Java Code =
String configName = "windows.cnf"
String PIN = "####";
Provider p = new sun.security.pkcs11.SunPKCS11(configName);
Security.addProvider(p);
KeyStore keyStore = KeyStore.getInstance("PKCS11", "SunPKCS11-dnie"); =)(=
char[] pin = PIN.toCharArray();
keyStore.load(null, pin);
When the execution goes by the line with =)(= throws me the following exception
java.security.KeyStoreException: PKCS11 not found
at java.security.KeyStore.getInstance(KeyStore.java:635)
at ObtenerDatos.LeerDatos(ObtenerDatos.java:52)
at ObtenerDatos.obtenerNombre(ObtenerDatos.java:19)
at main.main(main.java:27)
Caused by: java.security.NoSuchAlgorithmException: no such algorithm: PKCS11 for provider SunPKCS11-dnie
at sun.security.jca.GetInstance.getService(GetInstance.java:70)
at sun.security.jca.GetInstance.getInstance(GetInstance.java:190)
at java.security.Security.getImpl(Security.java:662)
at java.security.KeyStore.getInstance(KeyStore.java:632)
I think the problem is "SunPKCS11-dnie", but I don't know to put there. I had tried with a lot of combinations...
Anyone can help me...
I was also getting the error as below:
Caused by: java.security.NoSuchAlgorithmException: no such algorithm: PKCS11 for provider SunPKCS11
I am running the application from a jar through bat file.
I bat file I replaced the code : java - jar sign.jar
with code: java -Djava.security.debug=sunpkcs11,pkcs11 -jar SigningUtility.jar
And it solved the issue.
I am not sure the problem is the name. It looks correct. ColinD's suggestion to pass the Provider
instance should rule it out as a problem.
I am guessing that the problem is with the PKCS11 support. Like, you don't have a card in your reader, or the native code cannot access the reader. Have you tried using this driver in conjunction with some "known good" software, like Firefox or Thunderbird's security modules?
Why don't you just pass the Provider
directly as the second argument to KeyStore.getInstance(String, Provider). In your code you'd just do:
KeyStore keyStore = KeyStore.getInstance("PKCS11", p);
Try the below code:
// Create instance of SunPKCS11 provider
String pkcs11Config = "name=eToken\nlibrary=C:\\Windows\\System32\\eps2003csp11.dll";
java.io.ByteArrayInputStream pkcs11ConfigStream = new java.io.ByteArrayInputStream(pkcs11Config.getBytes());
sun.security.pkcs11.SunPKCS11 providerPKCS11 = new sun.security.pkcs11.SunPKCS11(pkcs11ConfigStream);
java.security.Security.addProvider(providerPKCS11);
// Get provider KeyStore and login with PIN
String pin = "12345678";
java.security.KeyStore keyStore = java.security.KeyStore.getInstance("PKCS11", providerPKCS11);
keyStore.load(null, pin.toCharArray());
it is working fine for me.
精彩评论