How to add PKCS11 KeystoreType in list of GUI

Help
2012-08-29
2013-04-25
  • I try to use HSM for signing PDF.
    From a quick guide in 6.1 conf.properties said that PKCS#11 support
    Then i try to set conf.properties file by setting properity name -> pkcs11config.path=conf/pkcs11.cfg
    and set pkcs11.cfg file by setting properity name -> library = {dll path of HSM}
    but from a GUI don't show keystore type = PKCS11 so how to confige JSignPDF to show keystore type = PKCS11 in the list ?
    Thank you very much.

     
  • Josef Cacek
    Josef Cacek
    2012-08-30

    Please, try to run JSignPdfC.exe from a console window, you should see debug messages there and I think there will be also some error report about PKCS#11 initialization.

     
  • As your suggest the output is show below this.

    C:\Program Files (x86)\JSignPdf>JSignPdfC
    Unable to register SunPKCS11 security provider.
    java.lang.reflect.InvocationTargetException
            at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)

            at sun.reflect.NativeConstructorAccessorImpl.newInstance(Unknown Source)

            at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown Sou
    rce)
            at java.lang.reflect.Constructor.newInstance(Unknown Source)
            at net.sf.jsignpdf.utils.PKCS11Utils.registerProvider(PKCS11Utils.java:6
    1)
            at net.sf.jsignpdf.Signer.main(Signer.java:97)
    Caused by: java.security.ProviderException: Error parsing configuration
            at sun.security.pkcs11.Config.getConfig(Config.java:71)
            at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:110)
            at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:86)
            … 6 more
    Caused by: sun.security.pkcs11.ConfigurationException: Unexpected value Token['(
    '], line 13
            at sun.security.pkcs11.Config.excToken(Config.java:339)
            at sun.security.pkcs11.Config.parseLine(Config.java:553)
            at sun.security.pkcs11.Config.parseLibrary(Config.java:617)
            at sun.security.pkcs11.Config.parse(Config.java:362)
            at sun.security.pkcs11.Config.<init>(Config.java:194)
            at sun.security.pkcs11.Config.getConfig(Config.java:67)
            … 8 more

    Could you please suggest on this error?

     
  • Josef Cacek
    Josef Cacek
    2012-08-30

    sun.security.pkcs11.ConfigurationException: Unexpected value
    > Token['(
    > '], line 13

    It seems, you have something wrong in the configuration file pkcs11.cfg.  If there are parentheses or other special characters, try to escape them with the backslash:
    library=C:\\Program Files \(x86\)\\abc\\def.dll

     
  • For more infomation, this is config value in the configure file both conf.properties and pkcs11.cfg that i have set

    --------------- conf.properties file ---------------
    certificate.checkCriticalExtensions=false
    pkcs11config.path=conf/pkcs11.cfg
                      -----------------------------

    --------------- pkcs11.conf ---------------
    name=JSignPdf
    library = C:\Program Files (x86)\LunaSA\cryptoki.dll
                      -----------------------------

    Thank you in your advance for your answer.
    Hikaru

     
  • Josef Cacek
    Josef Cacek
    2012-08-30

    As I've suggested in the example - you should escape the special characters:

    library = C:\\Program Files \(x86\)\\LunaSA\\cryptoki.dll

     
  • Hi,kwart

    It look like still the same errors after i have changed pkcs11.cfg as your suggestion.
    pkcs11.cfg -> library = C:\\Program Files \(x86\)\\LunaSA\\cryptoki.dll

    C:\Program Files (x86)\JSignPdf>JSignPdfC
    Unable to register SunPKCS11 security provider.
    java.lang.reflect.InvocationTargetException
            at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)

            at sun.reflect.NativeConstructorAccessorImpl.newInstance(Unknown Source)

            at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown Sou
    rce)
            at java.lang.reflect.Constructor.newInstance(Unknown Source)
            at net.sf.jsignpdf.utils.PKCS11Utils.registerProvider(PKCS11Utils.java:6
    1)
            at net.sf.jsignpdf.Signer.main(Signer.java:97)
    Caused by: java.security.ProviderException: Error parsing configuration
            at sun.security.pkcs11.Config.getConfig(Config.java:71)
            at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:110)
            at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:86)
            … 6 more
    Caused by: sun.security.pkcs11.ConfigurationException: Unexpected value Token['(
    '], line 13
            at sun.security.pkcs11.Config.excToken(Config.java:339)
            at sun.security.pkcs11.Config.parseLine(Config.java:553)
            at sun.security.pkcs11.Config.parseLibrary(Config.java:617)
            at sun.security.pkcs11.Config.parse(Config.java:362)
            at sun.security.pkcs11.Config.<init>(Config.java:194)
            at sun.security.pkcs11.Config.getConfig(Config.java:67)
            … 8 more

    Thanks a lot,
    Hikaru

     
  • Josef Cacek
    Josef Cacek
    2012-08-30

    Maybe the simplest solution: Install the smartcard software to a more safe location (without the special characters).

     
  • Hi kwart,

        I will test again following your suggestion. Thanks for your kind support.

    Hikaru