Results 1 to 4 of 4
Like Tree2Likes
  • 2 Post By skorpionking

Thread: Access to KeyStore

  1. #1
    skorpionking is offline Member
    Join Date
    Nov 2009
    Posts
    5
    Rep Power
    0

    Default Access to KeyStore

    Hello togehter,

    i have a SmartCard, which includes Certificates. These certificates are accessible via a KeyStore.
    My target is to read the certificates.

    The access with the SUN-JDK (32-Bit) works like this:
    Java Code:
    java.security.Provider provider = new sun.security.pkcs11.SunPKCS11( PATH );
    Security.addProvider( provider );
    KeyStore keyStore = KeyStore.getInstance( "PKCS11", provider );
    keyStore.load( null, PIN.toCharArray() );
     
    Enumeration aliasesEnum = keyStore.aliases();
    while ( aliasesEnum.hasMoreElements() )
    {
         String alias = (String) aliasesEnum.nextElement();
         System.out.println( "Alias: " + alias );
         Certificate cert = keyStore.getCertificate( alias );
         System.out.println( "Certificate: " + cert );
         PrivateKey privateKey = (PrivateKey) keyStore.getKey( alias, null );
         System.out.println( "Private key: " + privateKey );
    }
    But instead of SUN-JDK, I have to use the IBM-JDK.
    The access via IBM-JDK should work like this:
    Java Code:
    com.ibm.crypto.pkcs11impl.provider.IBMPKCS11Impl provider = new com.ibm.crypto.pkcs11impl.provider.IBMPKCS11Impl( PATH );
    Security.insertProviderAt( provider, 1 );
    KeyStore keyStore = KeyStore.getInstance( "PKCS11IMPLKS", provider );
    keyStore.load( null, PIN.toCharArray() );    // <- here occurs the exception
     
    Enumeration aliasesEnum = keyStore.aliases();
    while ( aliasesEnum.hasMoreElements() )
    {
         String alias = (String) aliasesEnum.nextElement();
         System.out.println( "Alias: " + alias );
         Certificate cert = keyStore.getCertificate( alias );
         System.out.println( "Certificate: " + cert );
         PrivateKey privateKey = (PrivateKey) keyStore.getKey( alias, null );
         System.out.println( "Private key: " + privateKey );
    }
    Unfortunately, I get the following exception in the marked line:
    Java Code:
    Exception in thread "main" java.security.KeyStoreException: com.ibm.pkcs11.PKCS11Exception: Template is incomplete
        at java.security.KeyStore$Builder$BuilderImpl.getKeyStore(KeyStore.java:707)
    ...
    Can anyone possibly help, who knows what the problem might be?

    Best Regards
    skorpionking

  2. #2
    skorpionking is offline Member
    Join Date
    Nov 2009
    Posts
    5
    Rep Power
    0

    Default Re: Access to KeyStore

    Has anyone an idea?

    Regards skorpionking

  3. #3
    skorpionking is offline Member
    Join Date
    Nov 2009
    Posts
    5
    Rep Power
    0

    Default Re: Access to KeyStore

    Hello,

    the problem was solved.
    Cause was the IBMPKCS11 who wanted to write to the smart card, even though this was readonly.
    This was probably caused an internal error.
    Details can be found at the following link:
    https://www.ibm.com/developerworks/c...0-000013941775

    To solve the problem, you hav to add the following lines to the config-file, which was passed by the initilization of the provider in the PATH variable:
    Java Code:
    disabledMechanisms = {
    CKM_RSA_PKCS_KEY_PAIR_GEN
    }
    After that the access should work.

    I thank all who have helped me.

    Best regards skorpionking
    DarrylBurke and PhHein like this.

  4. #4
    PhHein's Avatar
    PhHein is offline Senior Member
    Join Date
    Apr 2009
    Location
    Germany
    Posts
    1,430
    Rep Power
    6

    Default Re: Access to KeyStore

    Thanks for sharing the solution!
    Math problems? Call 1-800-[(10x)(13i)^2]-[sin(xy)/2.362x]
    The Ubiquitous Newbie Tips

Similar Threads

  1. Replies: 0
    Last Post: 03-20-2013, 08:17 AM
  2. convert keystore.ks into pem
    By mauro in forum Advanced Java
    Replies: 1
    Last Post: 12-09-2011, 01:02 PM
  3. Three certificates and one keystore
    By peterv6i in forum Advanced Java
    Replies: 0
    Last Post: 05-05-2011, 02:35 PM
  4. Generating a Keystore
    By techbossmb in forum Java Applets
    Replies: 2
    Last Post: 09-30-2009, 07:31 PM
  5. GNU-compatible keystore
    By OrangeDog in forum Advanced Java
    Replies: 0
    Last Post: 04-30-2009, 02:50 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •