Skip to Main Content
Forums

Java Security

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

Interested in getting your voice heard by members of the Developer Marketing team at Oracle? Check out this post for AppDev or this post for AI focus group information.

Error: java.security.ProviderException: Initialization failed

688396Jul 23 2008 — edited Jul 23 2008
H� people,

I have taken an error while I am debugging my code? It may be caused from config file. My aim is to connect and enter p�n and then store my external cert�f�cate to smart card which has not support for java card. I am using ACR38 Smart card reader and compliant smart card....

Hata: java.security.ProviderException: Initialization failed

************************************************************************
# pkcs11.config
name = Safesign
library = C:\WINDOWS\system32\siecap11.dll
slot=1
attributes(*,CKO_PRIVATE_KEY,*) = {
CKA_SENSITIVE=true
}

attributes(*,CKO_PRIVATE_KEY,*) = {
CKA_TOKEN=true
}

attributes(*,CKO_PRIVATE_KEY,*) = {
CKA_SIGN = true
}
attributes(*,CKO_PRIVATE_KEY,*) = {
CKA_PRIVATE=true
}
attributes(*,CKO_PRIVATE_KEY,*) = {
CKA_MODIFIABLE=true
}

attributes(*,CKO_PRIVATE_KEY,*) = {
CKA_DERIVE=false
}

attributes(*,CKO_CERTIFICATE,*) = {
CKA_TRUSTED=true
}
attributes(*,CKO_CERTIFICATE,*) = {
CKA_TOKEN=true
}

attributes(*,CKO_CERTIFICATE,*) = {
CKA_MODIFIABLE=true
}

attributes(*,CKO_CERTIFICATE,*) = {
CKA_PRIVATE=true
}
****************************************************

My java program is that :

package test;
import java.io.*;
import java.util.*;
import java.lang.*;
import java.sql.*;
import java.text.*;
import java.math.*;
import java.security.*;
import java.security.cert.*;
import java.security.interfaces.*;
import javax.crypto.interfaces.*;
import javax.net.ssl.*;
import javax.crypto.*;
import javax.crypto.spec.DESKeySpec;
import java.security.KeyStore.*;

public class Main
{

private String configName = "C:\\Program Files\\Java\\jdk1.6.0_10\\jre\\lib\\security\\pkcs11.config";

private KeyStore ks=null;

public Main() {
}

public void loadID(String id)
{
try
{
ks.setEntry("id",new ID(id),new ProtectionParameterDummy());
}
catch(KeyStoreException e)
{
System.err.println("Failed to load ID to keystore");
}
}//loadID


public String retrieveID()
{
KeyStore.Entry entry=null;

try
{
entry=ks.getEntry("id",new ProtectionParameterDummy());
}
catch(NoSuchAlgorithmException e)
{

}
catch(UnrecoverableEntryException e)
{
System.err.println("Failed to retrieve ID to keystore");
}
catch(KeyStoreException e)
{
System.err.println("Failed to retrieve ID to keystore");
}

if (entry==null) {
return "noID";
}
else {
return ((ID)entry).getID();
}
}//loadID



public void login(String sPin) throws NoSuchProviderException, InvalidKeyException,
NoSuchPaddingException, InvalidAlgorithmParameterException
{
Provider p = new sun.security.pkcs11.SunPKCS11(configName);
Security.addProvider(p);

try
{
char pin[] = sPin.toCharArray();
ks = KeyStore.getInstance("pkcs11");
ks.load(null,pin);
}
catch(KeyStoreException e1)
{
System.out.println("error 1"+e1);
}
catch(NoSuchAlgorithmException e2)
{
System.out.println("Error 2"+e2);
}
catch(CertificateException e3)
{
System.out.println("error 3"+e3);
}
catch(IOException e4)
{
System.out.println("error 4"+e4);
}
}//loginToken


private class ID implements KeyStore.Entry
{
String id_="";

ID(String id)
{
id_=id;
}

public String getID()
{
return id_;
}
}//ID



private class ProtectionParameterDummy implements KeyStore.ProtectionParameter
{

}//ProtectionParameterDummy



public static void main (String args[]) throws Exception
{
try
{
Main tl = new Main();
tl.login("PIN");
tl.loadID("9876");
//System.out.println("id: "+tl.retrieveID());
}
catch(Exception e)
{
System.out.println("Hata: " + e.toString());
e.printStackTrace();
}
}//main

}

Comments

Answer

What platform are you on? What are the permissions for the keyfile and directory containing the keyfile? In particular, are the file/directory permission set to permit only the current user to read them? Our new library defaults to enforcing the recommended SSH security practice of having keyfiles be readable by only the current user.

Marked as Answer by Robert Schaefer · Jan 2 2020
3 people found this helpful
Robert Schaefer

Hi John,

i'm running SQL Developer on MacOS 10.15.2. The file permission for the private key is limited to "rw-------" (600). But the directory (".ssh") containing the keys has a lower permission level with "rwxr-xr-x". I limited it to "rwx------" and now the SSH Connections in SQL Developer are working again! Great support, thank you!

1 person found this helpful

I'm glad that you were able to solve your issue. The lack of proper feedback with our new SSH library is something I am looking into. In a future release I hope to provide detailed information when we run into a configuration issue.

2 people found this helpful
YujiSoftware

I had the same problem in my environment.
(SQLDeveloper version 21.2.1.204, build 204.1703)

After investigating the cause, I found that it was a bug in Apache Mina SSHD 2.6.0.
https://issues.apache.org/jira/browse/SSHD-1105
(I've confirmed that this fix solves the problem)

This bug has been fixed in sshd-2.7.0.

I want you to update the version of sshd included in SQLDeveloper.

John McGinnis-Oracle

Thanks for the update. Can you test in your environment with our 21.4.3 release? We updated to sshd-2.7.0 in that release, so hopefully it works out of the box.

1 person found this helpful
YujiSoftware

Thank you for your comment.
After upgrading, it worked fine!
(SQL Developer version 21.4.3.063, build 063.0100)

The Japanese page is still 21.2.1, so I'd be happy if you could update it.
https://www.oracle.com/jp/tools/downloads/sqldev-downloads.html

1 - 6
Locked Post
New comments cannot be posted to this locked post.

Post Details

Locked on Aug 20 2008
Added on Jul 23 2008
#cryptography
1 comment
423 views