Menu
▾
▴
[Opensc-devel] Fwd: Java PKCS#11 provider throws NoSuchAlgorithmException
|
From: Ernie K. <ern...@gm...> - 2015-10-27 14:28:09
|
Hello - I'm new to OpenSC and just trying it out. My goal is CAC authentication from a Java thick client on Windows 7 using NSS in FIPS mode. I imagine it'll take some work to put all those things together. :) My first step was to verify the Java PKCS#11 provider, without NSS. I've installed the nightly Windows build, opensc-0.15.0g20150914124137-win64.msi, and the opensc tools are able to access my card both through a built-in reader and a USB reader. I'm using some example code from https://github.com/emergya/opensc-testing: Provider p = new sun.security.pkcs11.SunPKCS11("opensc-cfg.txt"); Security.insertProviderAt(p, 0); KeyStore cac = KeyStore.getInstance("PKCS11", p); The call to KeyStore.getInstance throws this exception and cause: java.security.KeyStoreException: PKCS11 not found java.security.NoSuchAlgorithmException: no such algorithm: PKCS11 for provider SunPKCS11-OpenSC When I list the provider's services there are none. Here's my config file contents (based on example at opensc-testing): name = OpenSC library = C:/Windows/System32/opensc-pkcs11.dll slot = -1 attributes = compatibility attributes(*,*,*)= { CKA_TOKEN=true CKA_LOCAL=true } I've turned up the OpenSC debug level, and the call to the SunPKCS11 constructor invokes OpenSC and writes a lot of output to my log (attached). I've read everything I could find, and I think my setup and code is correct. Did I miss something? Any help will be appreciated - thanks in advance! Ernie |
