Keystore from digital signature e-token using java

后端 未结 1 592
深忆病人
深忆病人 2021-02-06 19:26

How to create the keystore from digital signature e-token? How crate the path of keystore? How to sign with the keystore in any document using java application?

1条回答
  •  终归单人心
    2021-02-06 20:00

    Cryptographic hardware devices can usually be interfaced via PKCS#11 API. You will need PKCS#11 library (.dll on Windows or .so on Unix) acting as a "device driver" which gets usually installed along with the software provided by the device vendor (consult your e-token documentation for the exact library location). You have mentioned "keystore" in your question therefore I guess you are using JAVA language and you can use SunPKCS11 provider to access PKCS#11 compatible cryptographic store. Here is the quick sample:

    // Create instance of SunPKCS11 provider
    String pkcs11Config = "name=eToken\nlibrary=C:\\path\\to\\your\\pkcs11.dll";
    java.io.ByteArrayInputStream pkcs11ConfigStream = new java.io.ByteArrayInputStream(pkcs11Config.getBytes());
    sun.security.pkcs11.SunPKCS11 providerPKCS11 = new sun.security.pkcs11.SunPKCS11(pkcs11ConfigStream);
    java.security.Security.addProvider(providerPKCS11);
    
    // Get provider KeyStore and login with PIN
    String pin = "11111111";
    java.security.KeyStore keyStore = java.security.KeyStore.getInstance("PKCS11", providerPKCS11);
    keyStore.load(null, pin.toCharArray());
    
    // Enumerate items (certificates and private keys) in the KeyStore
    java.util.Enumeration aliases = keyStore.aliases();
    while (aliases.hasMoreElements()) {
        String alias = aliases.nextElement();
        System.out.println(alias);
    }
    

    0 讨论(0)
提交回复
热议问题