Using pkcs11 provider

hi to all
i'm trying to develope an applet to sign documents using my smart card. This card use incryptoki2.dll driver.
When i try to execute this code:
Signature signatureAlgorithm =
         Signature.getInstance(DIGITAL_SIGNATURE_ALGORITHM_NAME);
signatureAlgorithm.initSign(aPrivateKey);
-> signatureAlgorithm.update(aDocument);where DIGITAL_SIGNATURE_ALGORITHM_NAME = SHA1withRSA, I get a SignatureException. The error message i CKR_FUNCTION_NOT_SUPPORTED. I can't understand if the problem is located in the incryptoki2.dll, that not support such function, or depends on my code
Could someone help me?

You will get the
CKR_FUNCTION_NOT_SUPPORTED
if you do not login to the token.
Please see the following thread.
http://forum.java.sun.com/thread.jspa?threadID=572349
Can you use Lolo's code to sign ?
I am having some trouble creating a PKCS7 MIME message but this problem is different.
That forum is at
http://forum.java.sun.com/thread.jspa?threadID=751296
If you do not know your certificates Alias try the following
java.security.Provider oProvider = new sun.security.pkcs11.SunPKCS11(configName);
Security.addProvider(oProvider);
KeyStore oKeyStoreToken = KeyStore.getInstance("PKCS11");
java.security.Key oPrivateKey = null;
java.security.cert.Certificate oPublicCertificate = null;
oKeyStoreToken.load(null, "1234".toCharArray());
System.out.println("Loaded");
for(Enumeration oEnum = oKeyStoreToken.aliases() ; oEnum.hasMoreElements();){
  String sAlias = (String) oEnum.nextElement();
  System.out.println("Alias : " + sAlias);
}If you have any questions just post another reply :)
I will post code to create a SMIME ASAFIO (As soon as I figure it out ;) )
I can do it at the moment with a key from disk but I am having some trouble using the SMIME generators from the Bouncy Castle provider with keys from the sun PKCS11 provider.
** Phill **

Similar Messages

  • Problem in accessing 2 certificates in smart card using Sun PKCS11 Provider

    I have stored 2 certificates in iKey. To acess and use them in Java I am using Sun PKCS11 Provider.
    The program is .
    1. The keyStore.aliases() is returning 1 alias only(instead of 2).
    2. Throwing following error when accessing the private key using
    code: PrivateKey pvt = keyStore.getKey(alias, null);
    Error Message Detail:
    "KeyStoreException: invalid KeyStore state: found 2 private keys sharing CKA_ID 0x00"
    at Sun .. P11KeyStore.getTokenObject(P11KeyStore.java:2135)
    at ...P11KeyStore.engineGetKey(P11KeyStore.java:292

    Did you look at this, Does it help you, Since no one has answered all day, and I will assume you searched for that error first, perhaps you could provide some more detail?
    http://forum.java.sun.com/thread.jspa?threadID=5195275&tstart=15
    Message was edited by:
    mdares

  • Problem loading the Firefox PKCS11 provider

    I'm trying to load the Firefox PKCS11 provider (softokn3.dll), but I always get the following error:
    Exception in thread "main" java.security.ProviderException: Initialization failed
    at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:340)
    at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:86)
    at javapkcs11test.Main.main(Main.java:24)
    Caused by: java.io.IOException: The specified module could not be found.
    C:\Program Files\Mozilla Firefox\softokn3.dll
    at sun.security.pkcs11.wrapper.PKCS11.connect(Native Method)
    at sun.security.pkcs11.wrapper.PKCS11.<init>(PKCS11.java:141)
    at sun.security.pkcs11.wrapper.PKCS11.getInstance(PKCS11.java:154)
    at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:281)
    ... 2 more
    I've already read this thread [http://forums.sun.com/thread.jspa?threadID=5298971] which handles the same problem, but there was no solution provided that helped me.
    My code is the following:
    String configName = "c:/pkcs11.config";
            Provider p = new sun.security.pkcs11.SunPKCS11(configName);
            Security.addProvider(p);and my pkcs11.config looks like this:
    name=NSSSoftToken
    slot=2
    #nssLibraryDirectory = C:\\Program Files\\Mozilla Firefox\\
    #nssSecmodDirectory = "C:\\Documents and Settings\\sdm\\Application Data\\Mozilla\\Firefox\\Profiles\\tjx04kze.default"
    #nssModule = fips
    library=C:\Program Files\Mozilla Firefox\softokn3.dll
    nssArgs="configDir='C:\\Documents and Settings\\sdm\\Application Data\\Mozilla\\Firefox\\Profiles\\tjx04kze.default' certPrefix='' keyPrefix='' secmod='secmod.db' flags=readOnly"As you can see, I commented out a few lines I tried before but that also didn't work, I tried those after reading [http://java.sun.com/javase/6/docs/technotes/guides/security/p11guide.html#NSS]
    Can anyone tell me what the problem is? And it's not that it can't find the DLL file, because when i type a wrong path on purpose it gives me another error: "file doesn't exist".
    I really need to get this to work, because the eventual goal is to get it to work in C++, but as i'm not very familiar with C++, I first decided to try and make it work in Java, but even that doesn't work.
    Thanks in advance to anyone who wants to help me!

    I found the solution myself because of a related problem I had while trying to do the same in C++.
    The problem is that softokn3.dll needs to load most of the DLL files in the Program Files/Mozilla Firefox directory, but it can't find those because it's not looking for them there. When you copy all those DLL's to the WINDOWS/system32 folder, the error "Caused by: java.io.IOException: The specified module could not be found." doesn't occur anymore.
    To be able to read certificates from this store, change the pkcs11.config file as follows:
    name=NSSSoftToken
    slot=2
    library=C:\Program Files\Mozilla Firefox\softokn3.dll
    nssArgs="configDir='C:/Documents and Settings/sdm/Application Data/Mozilla/Firefox/Profiles/tjx04kze.default' certPrefix='' keyPrefix='' secmod='secmod.db' flags=readOnly"Mind the single slash / in the configDir path! If you use double backslashes \\ it won't work!

  • Error message: AgServerMigration ERROR Using store provider as a session is deprecated.

    Hi.  I'm using a MacBook Pro, OS X 10.6.5.  I have been opening files in Lightroom, editing them, and then doing finishing touches in CS5.  When I save the file in CS5 and close it, my Mac returns the above message in Console eight times:
    AgServerMigration ERROR Using store provider as a session is deprecated.
    AgServerMigration ERROR Using store provider as a session is deprecated.
    AgServerMigration ERROR Using store provider as a session is deprecated.
    AgServerMigration ERROR Using store provider as a session is deprecated.
    AgServerMigration ERROR Using store provider as a session is deprecated.
    AgServerMigration ERROR Using store provider as a session is deprecated.
    AgServerMigration ERROR Using store provider as a session is deprecated.
    AgServerMigration ERROR Using store provider as a session is deprecated.
    I have no idea what this means, or whether it is a problem.  Does anyone know what this is?
    Thanks.

    I see the same thing and have done for some time. The actual file is being saved back. etc. So, in that respect both Lr and Ps are working fine. IOW, ignore it.

  • In a future version of ibook author would be very useful to provide for the creation of shared content online. Teachers can collaborate on the creation of a text. Very useful for teachers to collaborate in the network. sharing sharing sharing

    in a future version of ibook author would be very useful to provide for the creation of shared content online.
    Teachers can collaborate on the creation of a text. Very useful for teachers to collaborate in the network. sharing sharing sharing

    As always, feel free to use the 'Provide iBooks Author Feedback' menu item for features you'd like added in the future, etc. 
    http://www.apple.com/feedback/ibooks-author.html

  • How to use Db Provider Factories with System.Data.SqlServerCe

    I'm using SQL Server Compact Edition, but in the future I would like to be able to switch to another SQL Server Edition or even a different database. To achieve this, Microsoft recommends using DB Provider Factories (see: Writing Provider Independent Code in ADO.NET, http://forums.microsoft.com/MSDN/ShowPost.aspx?PostID=674426&SiteID=1).
    I enumerated the available data providers on my PC with:
    Code Snippet
    System.Reflection.Assembly[] myAssemblies = System.Threading.Thread.GetDomain().GetAssemblies();
    The important entry is:
    "SQL Server CE Data Provider"
    ".NET Framework Data Provider for Microsoft SQL Server 2005 Mobile Edition"
    "Microsoft.SqlServerCe.Client"
    "Microsoft.SqlServerCe.Client.SqlCeClientFactory, Microsoft.SqlServerCe.Client, Version=9.0.242.0, Culture=neutral, PublicKeyToken=89845dcd8080cc91"
    When executing:
    Code SnippetdataFactory = DbProviderFactories.GetFactory("System.Data.SqlServerCe");
    I got at first this error run time message:
    Failed to find or load the registered .Net Framework Data Provider.
    I added a reference to "Microsoft.SqlServerCe.Client" at C:\Programme\Microsoft Visual Studio 8\Common7\IDE\Microsoft.SqlServerCe.Client.dll and the program runs.
    Of course, it uses "Microsoft.SqlServerCe.Client" instead of "System.Data.SqlServerCe". Laxmi Narsimha Rao ORUGANTI from Microsoft writes in the post  "SSev and Enterprise Library" that "Microsoft.SqlServerCe.Client" is not meant to be used and that we should add the following entry to the machine.config file:
    Code Snippet<add name="SQL Server Everywhere Edition Data Provider" invariant="System.Data.SqlServerCe" description=".NET Framework Data Provider for Microsoft SQL Server Everywhere Edition" type="System.Data.SqlServerCe.SqlCeProviderFactory, System.Data.SqlServerCe, Version=9.0.242.0, Culture=neutral, PublicKeyToken=89845dcd8080cc91" />
    After changing the code to:
    Code Snippet
    dataFactory = DbProviderFactories.GetFactory("Microsoft.SqlServerCe.Client");
    I get the same error message as before, even after adding a reference to "System.Data.SqlServerCe"  at C:\Programme\Microsoft Visual Studio 8\Common7\IDE\System.Data.SqlServerCe.dll.
    Any suggestion what I should do ? Just use "Microsoft.SqlServerCe.Client" ? Anyway, I don’t like the idea that I have to change the machine.config file, since I want to use click once deployment.

    It seems there is no DbProviderFactory for System.Data.SqlServerCe. At least I couldn’t find one, no matter how hard I searched on the Internet. I only found Microsoft.SqlServerCe.Client.SqlCeClientFactory. But we are not supposed to use Microsoft.SqlServerCe.Client and the 2 classes do have quiet some differences among their members. So I decided to write my own factory:
    Code Snippet
    public class SqlCeClientFactory: DbProviderFactory {
    public static readonly SqlCeClientFactory Instance = new SqlCeClientFactory();
    public override DbCommand CreateCommand() {
    return new SqlCeCommand();
    public override DbCommandBuilder CreateCommandBuilder() {
    return new SqlCeCommandBuilder();
    public override DbConnection CreateConnection() {
    return new SqlCeConnection();
    public override DbDataAdapter CreateDataAdapter() {
    return new SqlCeDataAdapter();
    public override DbParameter CreateParameter() {
    return new SqlCeParameter();
    That was easy enough, right ? I spent 1 week investigating the problem, 10 minutes solving it. I wonder why Microsoft didn’t include this class, because they have already the code in Microsoft.SqlServerCe.Client. I guess they have their reasons, but of course, they don’t tell us. After wasting one more month, I probably can tell. Oh, how I hate this.
    Or has anyone an idea what might be the problem ?

  • Simple source codes using JAXM Provider

    Hi guys,
    I am new to this technology. I looked around the web for simple codes using JAXM Provider but not luck. I will appreciate your help if someone out there have working example using JAXM service Provider.
    Thanks in advance...

    FileDataSource fds=new FileDataSource("abc.txt");
                   DataHandler xx = new DataHandler(fds);
                   MimeMultipart mp = new MimeMultipart();
                   MimeBodyPart mbp1 = new MimeBodyPart();
    mbp1.setDataHandler(xx);
              mbp1.setFileName("abc.txt");
                   mp.addBodyPart(mbp1);

  • Using Data Provider

    Hi,
    I am using Data Provider.
    Below are the pararmeters I am passing to it,
    oms:dataSource <parameter>mslv/oms/oms1/internal/jdbc/DataSource</parameter> DefaultValue=Xquery
    oms:sql <parameter>select name from employee where job=?</parameter> DefaultValue=Xquery
    in:1
    Now I want to pass a dynamic value for the where clause in the Sql.
    My Order Data is,
    <OrderData>
    <Employee>
    <Name></Name>
    <Job>Engineer</Job>
    </Employee>
    </OrderData>
    Now I want to pass the "Engineer" value to the where clause. How can I define a Xpath or Xquery for the in:1 parameter?
    Please help.

    You can find documentation for the DatabaseAdapter "Data Provider" class (also known as a View Framework Adapter) in the OSM SDK Javadocs. The Javadocs for the class provide information and an example to let you do what you are trying to do. I've copy/pasted them here for your reference:
    This class implements a View Framework external instance adapter that executes a SQL statement and builds an XML document based on the result set.
    There are two mandatory parameters for this class, oms:sql and oms:dataSource.
    oms:dataSource: Refers to the jndi name of a JDBC datasource defined in WebLogic. For example 'mslv/oms/oms1/internal/jdbc/DataSource'
    oms:sql: Contains the sql that will be sent to the database. For example 'select * from scott.emp where empno=?'
    Additional optional input parameters may be supplied that will be bound to parameters defined in the oms:sql value. For example, in the above sql statement a parameter is used to define the value for 'empno' in the where clause. A value for this parameter may be specified by defining a paremter called "in:1". If there were additional input parameters defined in the sql statement, these could be passed as "in:2", "in:3" and so on.
    In all cases these input parameters will be assumed to be string values and bound to the sql statement as string values.
    The following is an example of using the DatabaseAdapter to invoke a query:
    <instance name="well_paid_salesman" xsi:type="externalInstanceType">
    <adapter>com.mslv.oms.view.rule.adapter.DatabaseAdapter</adapter> <parameter
    name="oms:dataSource">'mslv/oms/oms1/internal/jdbc/DataSource'</parameter> <parameter
    name="oms:sql">"select * from scott.emp where job='SALESMAN' and sal > ?"</parameter> <parameter
    name="in:1">1250</parameter> </instance>
    The above declaration returns the following XML instance:
    <results> <rowSet> <row> <empno>7499</empno> <ename>ALLEN</ename> <job>SALESMAN</job> <mgr>7698</mgr>
    <hiredate>1981-02-20 00:00:00.0</hiredate> <sal>1600</sal> <comm>300</comm> <deptno>30</deptno> </row> <row>
    <empno>7844</empno> <ename>TURNER</ename> <job>SALESMAN</job> <mgr>7698</mgr> <hiredate>1981-09-08
    00:00:00.0</hiredate> <sal>1500</sal> <comm>0</comm> <deptno>30</deptno> </row> </rowSet> </results>
    The DatabaseAdapter can also be used to execute SQL stored procedures.
    The DatabaseAdapter provides a stored procedure SQL escape syntax that allows stored procedures to be called in a standard way for all RDBMSs. This escape syntax is defined as part of the Java JDBC API.
    This escape syntax has one form that includes a result parameter and one that does not. If used, the result parameter must be registered as an OUT parameter. The other parameters can be used for input, output or both. Parameters are referred to sequentially, by number, with the first parameter being 1.
    {?= call [,, ...]}
    {call [,, ...]}
    Values for input parameters to the stored procedure are specified using the in:1, in:2 (etc.) parameters in the same way as they are for regular SQL queries.
    Output parameters are specified using out:1, out:2 (etc.). Keep in mind that the parameter number (1, 2, 3, etc.) are numbered sequentially from 1 ordered from left to right in the specified SQL statement including both input and output parameters.
    The value of the parameter is the parameter SQL type (see http://java.sun.com/j2se/1.4.2/docs/api/java/sql/Types.html for a list of types).
    The following example illustrates how to call a database stored procedure that has one output parameter (the result of the stored procedure call), and one input parameter.
    <instance name="lock_count" xsi:type="externalInstanceType">
    <adapter>com.mslv.oms.view.rule.adapter.DatabaseAdapter</adapter> <parameter
    name="oms:dataSource">'mslv/oms/oms1/internal/jdbc/DataSource'</parameter> <parameter
    name="oms:sql">"{? = call om_cartridge_pkg.get_any_cartridge_id('my_cartridge',?)}"</parameter> <parameter
    name="out:1">'INTEGER'</parameter> <parameter name="in:2">'1.1'</parameter> </instance>
    The above declaration returns the following XML instance:
    <results> <outputParameter number="1">1234</outputParameter> </results>
    Hope this helps.
    Brian.

  • How to use JCo Provider Service w/Sneak Preview and Test Drive

    I have both SAP Web AS Sneak Preview (6.40) and MiniWas 6.20 Test Drive installed on a single system.  I have implemented a Java server program which can be RFC called from an ABAP program using JCO.
    The only disadvantage to this process is that I must manually run the server program each time I bring up the J2EE system.
    I would like to set things up so that when I start the WebAS 6.40 J2EE system, the server function can be automatically registered (if I'm using the correct terminology - not at all sure about that...).  It looks to me that I should be able to use JCo Provider Service to do what I want to do, but I don't know how to do any of the session bean creation and I esp. can't seem to find out how to run the  J2EE Visual Administrator, which the documentation I've found leads me to believe needs to be used.
    Is there a tutorial, or example, that will lead me through this entire process?  I have the ABAP calling program working OK, and I have the Java JCo server program working ok - I just want to create something in Java that will operate like a good old C Language function installed as an RFM.
    Can anyone help? Is it possible?

    Stefan:
    Well, I guess I'm stuck at the first step.
    As I understand it, I have to use the Visual Administrtor to register the Web AS 6.40 Sneak Preview system as an RFC destination.  When I bring up the Visual Administrator, it has essentially two tabs showing: Dispatcher and Server.  It's inviting me to define a connection and Login.  So, Q1: Is it inviting me to login to the J2EE or the Web AS?  Either way, I am never able to login - I get this error:
    com.sap.engine.services.security.exceptions.BaseLoginException: Cannot create new RemoteLoginContext
    I used all of the NetWeaver sneak preview defaults when installing, and I recorded these:
    Type               Account
    OS User            Compaq-laptop/J2EAdm
    OS User            Compaq-laptop/SAPServiceJ2E
    DB User            SAPJ2EDB
    J2EE Engine User   Administrator
    J2EE Engine User   Guest
    Q2:  Is it possible to do what I'm trying to do with the Sneak Preview system? 
    Or am I trying to connect and logon to the Web AS 6.20 Test Drive (I don't think so...)?  I used the defaults when installing the Test Drive, and have these users:
    BCUSER
    DDIC
    Is it one of these I should be logging onto?
    Also, Visual Administrator wants a port specified on the J2EE Engine connection paramters - what port should I be specifiying?
    Can you get me past this dilemma, Stefan?  Thanks...

  • Use of provider contracts is not active

    When i create an invoice via the TA FPE1, after filled all the require datas , there would raise an error message Use of provider contracts is not active.
    Do anyone knows what's wrong with it?
    Thanks

    Hi Keith,
    Welcome to the SCN forums!
    SAPLSKEY
    You should first check your Abap dumps using tranaction code ST22, this usually provides more detail on the problem.
    In this case I think it's trying to return a screen (or pop-up message) that can't be handled while activating the web service. The "SAPLSKEY" tells me that it might be licence related, do you have a valid developer's licence for Abap development work? If not apply for one (find out the procedure from other Abap developer's that you may work with) & check if that makes a difference while activating.
    Regards, Trevor

  • Sun PKCS11 Provider - charset of configuration

    Hi,
    I have problem with configuring Sun PKCS11 Provider. When I have czech char in path to the nssSecmodDirectory it fails to initialize the provider. The exception is
    Exception in thread "main" java.security.ProviderException: Could not initialize NSS
         at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:183)
         at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:90)
         at cz.mathan.multisignature.example.TestNSS.main(TestNSS.java:51)
    Caused by: java.io.IOException: NSS initialization failed
         at sun.security.pkcs11.Secmod.initialize(Secmod.java:199)
         at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:179)
         ... 2 more
    Do you know how to solve this problem?
    Thanks
    Lucie

    @see this link:
    http://forum.java.sun.com/thread.jspa?messageID=10308914

  • What IP address Bing is using to provide Safari's "search engine from providing suggestions." ?

    When you use Safari, you will find that Search engine can provide you with suggestions like this . For example, I am using Bing.
    How can I know what IP address Bing is using to provide those suggestions?

    >open a new tab
    >type about:config in the address bar
    make sure
    1: browser.fixup.alternate.enabled should be false
    2: keyword.enabled should be true
    3: keyword.URL should be http://www.google.com/search?ie=UTF-8&oe=UTF-8&q=

  • Automating Essbase clustering using Hyperion Provider Services

    Hi
    I am testing Essbase clustering using Hyperion Provider Services for high availability of cubes. I have created an Essbase cluster and added cubes to it using EAS. Since cubes get update during interday, I want to add/remove cubes from the cluster. I could do this process manually in EAS but prefer if I can automate this process. I was told that I could use either JAVA APIs (prefer) or XMLA to automate adding & removing cubes to/from the Essbase cluster. Unfortunately, I cannot find any documentation that mentions the names of the JAVA APIs that I should call to succeed this process. Could anybody help me please?
    Regards
    Chandra

    Hi,
    Assuming you are on V11 then if you have a look in \Hyperion\products\Essbase\aps\samples\japi and there is java example of creating clusters :- CreateCluster.java
    Java API docs available in \Hyperion\products\Essbase\aps\docs\japistart.htm
    If you are on an earlier version then the directory structure will be a little different.
    Cheers
    John
    http://john-goodwin.blogspot.com/

  • Using iTunes why can you not backup and save your voicemail?  Guide me through this step by step if possible.  If alternate method MUST be used then provide same.  Truly appreciate this.

    Using iTunes why can you not backup and save your voicemail?  Guide me through this step by step if possible.  If alternate method MUST be used then provide same.  Truly appreciate this.

    Create and delete iPhone, iPad, and iPod touch backups in iTunes - Apple Support  - link doesn't state that voicemail is part of the backup
    iCloud: iCloud storage and backup overview  states that VVM is part of the icloud backup.
    You can also contact your cell phone provider - as voicemail is a carrier feature.

  • Code sample using Oracle Provider

    Hi Is any got code sample using Oracle Provider with aspnet app

    Assuming your stored procedure is returning a REF CURSOR, it cannot be done. Oracle's REF CURSORS are read only constructs.
    Justin

Maybe you are looking for

  • Has anyone had trouble unlocking an iphone?

    Hi I had an issue with my iPhone 4 and had it replaced. When my contract with Vodafone ended I tried to take my number to Telstra prepaid but it was locked. My iami number was not recognized by Vodafone as Apple had not sent it on to them. What do i

  • Changing stock removal strategy

    Hi All, I need to modify the source storage bin during stock removal such that the TO is created from fixed bin even when its stock is zero.I was using exit EXIT_SAPLL03A_009 for the same.But it gave me 'Quant overflow' or 'Storage unit error'. I als

  • HT1212 my i pad is disabled

    my i pad is disabled

  • Automatic jpeg vs jpeg

    When exporting a PDF from Indesign, what are the differences between choosing automatic jpeg and jpeg in the image compression settings in job options. Thanks, T

  • Airport utility wont pick up my airport

    My computer does not pick up my airport express in the utility but when i have erthnet it does but i can not proced because i need dns server and internet connection but when i click internet connection there is no where for me to choose my network?