HSM Error | Private key must be instance of RSAPrivate(Crt)Key or have PKCS#8

后端 未结 2 1559
野的像风
野的像风 2021-02-04 22:19

Error received while decrypting data when private key is retrieved from HSM.

I have added sunpkcs11 provider in java.security. Hence, NOT adding provide

相关标签:
2条回答
  • 2021-02-04 22:33

    How I resolved:

    Root cause of this issue was that sunpkcs11 provider was getting loaded both statically and dynamically.

    i.e. in java.security, provider entry along with cfg path was already added.

    Also, in code, provider was initialized again with the cfg file.

    This was causing the issue.

    After changing:

    SunPKCS11 provider = new SunPKCS11("/home/user/pkcs11.cfg");
    

    TO:

    SunPKCS11 sunPKCS11Provider = (SunPKCS11) Security.getProvider("SunPKCS11");
    

    issue got resolved.

    0 讨论(0)
  • 2021-02-04 22:40

    I have used following code and issue has been resolved

        SunPKCS11 provider = new SunPKCS11("/home/user/pkcs11.cfg");
        Security.addProvider(provider);
        KeyStore keystore = KeyStore.getInstance("PKCS11");
        keystore.load(null, passphrase.toCharArray());
    
    0 讨论(0)
提交回复
热议问题