Menu
▾
▴
Re: [Opensc-devel] Fwd: Java PKCS#11 provider throws NoSuchAlgorithmException
|
From: Anders R. <and...@gm...> - 2015-10-27 14:41:32
|
On 2015-10-27 15:35, Anders Rundgren wrote: > On 2015-10-27 15:28, Ernie Kovak wrote: > Ernie, > > Oracle/SUN never ported the PKCS #11 wrapper to Windows... > They do have a CAPI wrapper though (but never tested). I was wrong. For JDK 8 they have finally shipped a 64-bit version, yay! Anders > > Anders > >> Hello - >> >> I'm new to OpenSC and just trying it out. My goal is CAC authentication from a Java thick client on Windows 7 using NSS in FIPS mode. I imagine it'll take some work to put all those things together. :) >> >> My first step was to verify the Java PKCS#11 provider, without NSS. I've installed the nightly Windows build, opensc-0.15.0g20150914124137-win64.msi, and the opensc tools are able to access my card both through a built-in reader and a USB reader. >> >> I'm using some example code from https://github.com/emergya/opensc-testing: >> >> Provider p = new sun.security.pkcs11.SunPKCS11("opensc-cfg.txt"); >> Security.insertProviderAt(p, 0); >> KeyStore cac = KeyStore.getInstance("PKCS11", p); >> >> The call to KeyStore.getInstance throws this exception and cause: >> >> java.security.KeyStoreException: PKCS11 not found >> java.security.NoSuchAlgorithmException: no such algorithm: PKCS11 for provider SunPKCS11-OpenSC >> >> When I list the provider's services there are none. >> >> Here's my config file contents (based on example at opensc-testing): >> >> name = OpenSC >> library = C:/Windows/System32/opensc-pkcs11.dll >> slot = -1 >> attributes = compatibility >> attributes(*,*,*)= >> { >> CKA_TOKEN=true >> CKA_LOCAL=true >> } >> >> I've turned up the OpenSC debug level, and the call to the SunPKCS11 constructor invokes OpenSC and writes a lot of output to my log (attached). >> >> I've read everything I could find, and I think my setup and code is correct. Did I miss something? >> >> Any help will be appreciated - thanks in advance! >> >> Ernie >> >> >> >> >> >> >> ------------------------------------------------------------------------------ >> >> >> >> _______________________________________________ >> Opensc-devel mailing list >> Ope...@li... >> https://lists.sourceforge.net/lists/listinfo/opensc-devel >> > |
