Forum Stats

  • 3,838,712 Users
  • 2,262,395 Discussions


Accessing Windows keystore and popup

941029 Member Posts: 10
edited Jan 29, 2015 3:08AM in Cryptography


I have implemented an applet for generating XML signature. Everything is working very weel with exception of accessing the Windows keystore. If the certificates are inside Windows keystore (they were imported from p12 or pfx) file Windows nicely prompts for password or confirmation when the private key is requested. But when I install smart card (Gemalto, Activ Identity) on any Windows OS the Windows starts displaying "Insert smart card" window for every certificate which is on the smart card - for example if I have 4 certificates on smart card the window is displayed for four times. The user has to press cancel (there is no other option for four time and then the communication between smart card, windows and java works fluently) I have located which part of my code causes it:

KeyStore keystore = KeyStore.getInstance("WINDOWS-MY", "SunMSCAPI");

keystore.load(null, "password".toCharArray());

It is the load method of the KeyStore class. Even if I change call to load(null, null) windows work the same way. Is there any known workaround for this behaviour?

I have also browsed internet for this issue and I have found potential solution in this thread: Java security - MSCAPI provider: How to use without password popup? - Stack Overflow. The solution says: "To set the password through CAPI, you must call CryptSetKeyParam with the undocumented KP_KEYEXCHANGE_PIN or KP_SIGNATURE_PIN and hope your underlying hardware token provider supports it." Does anyone know how to call this CryptoSetKeyParam?

Thanks for your answers!

This discussion has been closed.