2 Replies Latest reply: Aug 27, 2013 7:58 AM by 9413b0c0-8fe8-45ea-9771-b35bb058e215 RSS

    Access to StarKey USB Token (SafeSign) with PKCS11 Java

    947579
      Hello guys,

      iam trying to access my StarKey USB Token with Java using PKCS11.
      I've already read the guide under http://docs.oracle.com/javase/1.5.0/docs/guide/security/p11guide.html and it still doesnt work.

      I tried following codings:
      Coding 1:_
      -----------------------------------------------------------------------------
      +public static void main(String[] args) throws InterruptedException {+

      +//Load the implementation of PKCS11+
      String pkcs11ConfigFile = "C:\\Users\\*******\\pksc11.cfg";
      Provider pkcs11Provider = new sun.security.pkcs11.SunPKCS11(pkcs11ConfigFile);


      Security.addProvider(pkcs11Provider);

      +//PIN is used to protect the information strored in the card+
      char [] pin = {'1', '2', '3', '4'};

      +try {+

      +//Load KeyStore+

      System.out.println(KeyStore.getDefaultType());
      KeyStore smartCardKeyStore =  KeyStore.getInstance("PKCS11",pkcs11Provider);

      smartCardKeyStore.load(null, pin);

      +//Get the enumeration of the entris in the keystore+
      Enumeration aliasesEnum = smartCardKeyStore.aliases();
      +while (aliasesEnum.hasMoreElements()) {+

      +//Print alias+
      String alias = (String) aliasesEnum.nextElement();
      System.out.println("Alias: " alias);+
      +//Print certificate+
      X509Certificate cert = (X509Certificate) smartCardKeyStore.getCertificate(alias);
      System.out.println("Certificate: " cert);+
      +//Print public key+
      PublicKey publicKey = cert.getPublicKey();
      System.out.println("Public key: " publicKey);+
      +//Print private key+
      PrivateKey privateKey = (PrivateKey) smartCardKeyStore.getKey(alias, null);
      System.out.println("Private key: " privateKey);+
      +//Encryption/Decryption Test+
      byte[] plainText = new String("Hello World!").getBytes();
      byte[] cipherText = privateEncrypt(plainText, privateKey);
      System.out.println("Cipher Text: " byte2hex(cipherText));+
      byte[] decryptedText = publicDecrypt(cipherText, publicKey);
      System.out.println("Decrypted Text: " new String(decryptedText));+

      +}+
      +} catch (Exception e) {+
      e.printStackTrace();
      +}+
      +}+

      -------------------------------------------------------------
      Getting following error:
      no such algorithm: PKCS11 for provider SunPKCS11-SafeSign
      or if i remove provider from :
      KeyStore smartCardKeyStore =  KeyStore.getInstance("PKCS11",pkcs11Provider); to --> KeyStore smartCardKeyStore =  KeyStore.getInstance("PKCS11");
      i get following error:
      PKCS11 KeyStore not available

      My pksc11.cfg looks like this:
      name = SafeSign
      library = c:\windows\system32\aetpkss1.dll
      -------------------------------------------------------------
      -------------------------------------------------------------
      -------------------------------------------------------------

      Coding 2:*
      If i use certgate_p11.dll instead of aetpkss1.dll
      i get:
      Exception in thread "main" java.security.ProviderException: Initialization failed
      +     at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:374)+
      +     at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:103)+
      +     at ShowCardContents.main(ShowCardContents.java:24)+
      Caused by: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_FUNCTION_FAILED
      +     at sun.security.pkcs11.wrapper.PKCS11.C_Initialize(Native Method)+
      +     at sun.security.pkcs11.wrapper.PKCS11$SynchronizedPKCS11.C_Initialize(PKCS11.java:1484)+
      +     at sun.security.pkcs11.wrapper.PKCS11.getInstance(PKCS11.java:156)+
      +     at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:329)+
      +     ... 2 more+

      I hope you can help me.

      thanks


      edit:

      Iam Using Windows7 with admin rights, jdk 1,7 and eclipse-java-indigo-SR1-win32

      Edited by: 944576 on 05.07.2012 01:37