Skip to Main Content

Java Card

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

Interested in getting your voice heard by members of the Developer Marketing team at Oracle? Check out this post for AppDev or this post for AI focus group information.

error: java.security.ProviderException: Initialization failed

688396Jul 23 2008
H� people,

I have taken an error while I am debugging my code? It may be caused from config file. My aim is to connect and enter p�n and then store my external cert�f�cate to smart card which has not support for java card. I am using ACR38 Smart card reader and compliant smart card....

Hata: java.security.ProviderException: Initialization failed

************************************************************************
# pkcs11.config
name = Safesign
library = C:\WINDOWS\system32\siecap11.dll
slot=1
attributes(*,CKO_PRIVATE_KEY,*) = {
CKA_SENSITIVE=true
}

attributes(*,CKO_PRIVATE_KEY,*) = {
CKA_TOKEN=true
}

attributes(*,CKO_PRIVATE_KEY,*) = {
CKA_SIGN = true
}
attributes(*,CKO_PRIVATE_KEY,*) = {
CKA_PRIVATE=true
}
attributes(*,CKO_PRIVATE_KEY,*) = {
CKA_MODIFIABLE=true
}

attributes(*,CKO_PRIVATE_KEY,*) = {
CKA_DERIVE=false
}

attributes(*,CKO_CERTIFICATE,*) = {
CKA_TRUSTED=true
}
attributes(*,CKO_CERTIFICATE,*) = {
CKA_TOKEN=true
}

attributes(*,CKO_CERTIFICATE,*) = {
CKA_MODIFIABLE=true
}

attributes(*,CKO_CERTIFICATE,*) = {
CKA_PRIVATE=true
}
****************************************************

My java program is that :

package test;
import java.io.*;
import java.util.*;
import java.lang.*;
import java.sql.*;
import java.text.*;
import java.math.*;
import java.security.*;
import java.security.cert.*;
import java.security.interfaces.*;
import javax.crypto.interfaces.*;
import javax.net.ssl.*;
import javax.crypto.*;
import javax.crypto.spec.DESKeySpec;
import java.security.KeyStore.*;

public class Main
{

private String configName = "C:\\Program Files\\Java\\jdk1.6.0_10\\jre\\lib\\security\\pkcs11.config";

private KeyStore ks=null;

public Main() {
}

public void loadID(String id)
{
try
{
ks.setEntry("id",new ID(id),new ProtectionParameterDummy());
}
catch(KeyStoreException e)
{
System.err.println("Failed to load ID to keystore");
}
}//loadID

public String retrieveID()
{
KeyStore.Entry entry=null;

try
{
entry=ks.getEntry("id",new ProtectionParameterDummy());
}
catch(NoSuchAlgorithmException e)
{

}
catch(UnrecoverableEntryException e)
{
System.err.println("Failed to retrieve ID to keystore");
}
catch(KeyStoreException e)
{
System.err.println("Failed to retrieve ID to keystore");
}

if (entry==null) {
return "noID";
}
else {
return ((ID)entry).getID();
}
}//loadID



public void login(String sPin) throws NoSuchProviderException, InvalidKeyException,
NoSuchPaddingException, InvalidAlgorithmParameterException
{
Provider p = new sun.security.pkcs11.SunPKCS11(configName);
Security.addProvider(p);

try
{
char pin[] = sPin.toCharArray();
ks = KeyStore.getInstance("pkcs11");
ks.load(null,pin);
}
catch(KeyStoreException e1)
{
System.out.println("error 1"+e1);
}
catch(NoSuchAlgorithmException e2)
{
System.out.println("Error 2"+e2);
}
catch(CertificateException e3)
{
System.out.println("error 3"+e3);
}
catch(IOException e4)
{
System.out.println("error 4"+e4);
}
}//loginToken


private class ID implements KeyStore.Entry
{
String id_="";

ID(String id)
{
id_=id;
}

public String getID()
{
return id_;
}
}//ID



private class ProtectionParameterDummy implements KeyStore.ProtectionParameter
{

}//ProtectionParameterDummy



public static void main (String args[]) throws Exception
{
try
{
Main tl = new Main();
tl.login("PIN");
tl.loadID("9876");
//System.out.println("id: "+tl.retrieveID());
}
catch(Exception e)
{
System.out.println("Hata: " + e.toString());
e.printStackTrace();
}
}//main

}


Error is taken from this command....

Provider p = new sun.security.pkcs11.SunPKCS11(configName);

Comments

Zlatko Sirotic

Try this:

"jdbc:oracle:thin:jts_db_user/*******@gpdv6.sandia.gov:1525:gpdv6..world"

:gpdv6..world instead of /gpdv6..world

Regards,

Zlatko

beckyjmcd

That appears to be the SID style connection.  I just tried that but I am still getting the "Invalid Oracle URL specified".  Interestingly, if I use the ojdbc7.jar file instead of ojdbc8.jar, the SID and Service URLs both works fine.  It appears to be an issue with ojdbc8.jar but all of the documentation indicates you can pass username/password on the URL.

beckyjmcd

I wrote this test code to debug a jdbc connection issue I'm having with a COTS application and that COTS app requires jdbc8.jar.

Zlatko Sirotic

I tried to work with two database versions (11.2.0.4 and 12.1.0.2) and with three versions of ojdbc.jar (ojdbc7.jar, ojdbc8.jar / 12.2, ojdbc8.jar / 18.3).

In all six combinations getConnection(url) works well, with both variants (:SID and /SERVICE_NAME).

I use Java SE 8u202.

Regards,

Zlatko

Gaz in Oz

One issue will be you have 2 dots in your database string, between gpdv6 and world:

   String url = "jdbc:oracle:thin:jts_db_user/********@gpdv6.sandia.gov:1525/gpdv6..world";

   //                                                                              ^

Use a single dot.

beckyjmcd

The service name has two dots.  I tried removing one of the dots but I am still getting:

SQLSTate = "99999"

vendorCode = 17067

detailMessage = "Invalid Oracle URL specified"

cause = (SQLException@1307) "java.sql.SQLException:Invalid Oracle URL specified"

The weird thing is that the 2 dot syntax works fine with ojdbc7.jar.

This is against an Oracle 11.2.04 database but we tried it with a 12.2 database and both give the same error.

It's almost like we have something configured incorrectly at the database level.  My DBA has submitted an Oracle Service Request to help troubleshoot.

beckyjmcd

It's like we have some sort of database configuration issue because I cannot get ojdbc8.jar to work with 11.2.04 or 12.2 but the ojdbc7.jar works fine.  My DBA has submitted an Oracle Service Request to help troubleshoot the issue.

beckyjmcd

This is the configuration for the Oracle listener:

LISTENER11_gpdv6 =

  (ADDRESS_LIST =

    (ADDRESS = (PROTOCOL = IPC)(KEY = gpdv6.world))

    (ADDRESS = (PROTOCOL = IPC)(KEY = gpdv6))

    (ADDRESS = (PROTOCOL = TCP)(Host = gpdv6)(Port = 1525))

  )

PASSWORDS_LISTENER11_gpdv6 = (xxxxxxxxxxxxx)

VALID_NODE_CHECKING_REGISTRATION_LISTENER11_gpdv6 = ON

SID_LIST_LISTENER11_gpdv6 =

  (SID_LIST =

   (SID_DESC =

      (SID_NAME = gpdv6)

      (GLOBAL_DBNAME = gpdv6..world)

    )

  )

Gaz in Oz

The service name has two dots.

Indeed, 2 dot service names seem to be acceptable and work, as you have mentioned.

Setting up a 2 dot service_name for my 11.2.0.2.0 XE db by adding "xe..world" in listener.ora and compiling below java code with

ojdbc8.jar - Oracle JDBC driver: Release 12.2.0.1.0 from instantclient_12_2 and using JDK 1.8.0_144, works.

import java.sql.*;

import java.io.*;

import java.util.*;

public class conn {

   public static void main(String[] argv) throws SQLException, ClassNotFoundException {

      try {

         Class.forName("oracle.jdbc.driver.OracleDriver");

         String url = "jdbc:oracle:thin:gaz/gaz@localhost:1521/xe..world";

         System.out.println("Connect String: " + url);

         Connection conn = DriverManager.getConnection(url);

         System.out.println("Connected.");

         conn.close();

         conn = null;

      } catch(SQLException e) {

         // e.printStackTrace();

         System.out.println("ERROR: " + e.getMessage());

      }

   }

}

F:\java>javac conn.java

F:\java>java conn

Connect String: jdbc:oracle:thin:gaz/gaz@localhost:1521/xe..world

Connected.

F:\java>

beckyjmcd

I have had other people say they are able to get the exact same Java code to connect with ojdbc8.jar so I'm thinking there must be an issue on the Oracle server side (maybe a configuration setting) that is causing this not to work.

My DBA has opened a support case with Oracle technical support.  Still waiting for a resolution.  This is very odd.

1 - 10
Locked Post
New comments cannot be posted to this locked post.

Post Details

Locked on Aug 20 2008
Added on Jul 23 2008
0 comments
1,081 views