How to access certificate from eToken in java

About

Asked 14/11, 2011 at 10:23 Answered 14/11, 2011 at 10:40

Solved java encryption cryptography certificate devicetoken

I want to read certificate from eToken when it plugged-in, when I store that certificate on local machine I can read it through my java application but, I don't know how to read it from eToken.

RSAPublicKey pub;
            String fileName = "C:\\myCert.cer";

             InputStream inStream = new FileInputStream(fileName);
             CertificateFactory cf = CertificateFactory.getInstance("X.509");
             X509Certificate cert =
        (X509Certificate)cf.generateCertificate(inStream);
             inStream.close();

             pub = (RSAPublicKey) cert.getPublicKey();
             System.out.println(cert.getIssuerDN());
             System.out.println(cert.getSubjectDN());
             System.out.println(cert.getSubjectAlternativeNames());
             byte [] tempPub = pub.getEncoded();
             String sPub = new String( tempPub );

Trail answered 14/11, 2011 at 10:23 Comment(0)

One way to do this is by using the PKCS#11 provider. It comes with examples, too.

Succinct answered 14/11, 2011 at 10:40 Comment(6)

Note that the PKCS#11 provider is only available in the 32 bit editions of Oracle Java 6 & 7. – Sutphin 14/11, 2011 at 10:44

@Succinct thanks for replay, but when I plugged-in USB token, I can see myCert from mozila firefox -> tools->Options->view Certificates and after plugged-out I can't so is there way to access that certificate? As I mentioned in my code and from your given link can I do it? please tell me I am really stuck here... – Trail 14/11, 2011 at 12:47

Sure, it's all outlined in the documentation. You basically provide the PKCS#11 provider with the information where to find the native PKCS#11 library, then you can access certificates and keys using a KeyStore (don't forget to use KeyStore.getInstance("PKCS11")). – Succinct 14/11, 2011 at 12:52

@Succinct m trying as your instructions but, m getting error at KeyStore key = KeyStore.getInstance("PKCS11", pro) as: java.security.NoSuchAlgorithmException: no such algorithm: PKCS11 for provider SunPKCS11-Aladdin. Also i tried multiple combinations with KeyStore.getInstance(); but still stuck. In config file I put C:/WINDOWS/system32/eTPKCS11.dll. – Trail 18/11, 2011 at 6:32

Are you sure you edited the correct java.security file? That happens to me a lot when using several JREs? – Succinct 18/11, 2011 at 9:44

@Succinct Yes, but I think we can install provider statically or programmatically, Hence I tried both way but still getting same error... – Trail 18/11, 2011 at 9:57

Hot tags

Godot Unity Godot Help Programming Godot 4.X GUI GDScript 3D 2D Physics CSharp Godot 3.X VR XR Projects C++

Recommended topics

Hot tags