1. 技术文章
  2. Using j2pkcs11.dll with java 8 (64-bit) on windows 7 (64-bit)

Using j2pkcs11.dll with java 8 (64-bit) on windows 7 (64-bit)

不羁的心 提交于 2019-12-18 17:27:12

问题


I trying to use the j2pkcs11.dll (packaged with jdk1.8.0 - 64bit) to access certificates stored on a smartcard but not unable to make it work.

--- sample code to add the SunPKCS11 provider dynamically ---

    String pkcs11ConfigSettings = "name = " + "TestSmartCard" + "\n" + "library = " + "C:/jdk1.8.0_11/jre/bin/j2pkcs11.dll";
    byte[] pkcs11ConfigBytes = pkcs11ConfigSettings.getBytes();
    ByteArrayInputStream confStream = new ByteArrayInputStream(pkcs11ConfigBytes);            
    Provider p = new sun.security.pkcs11.SunPKCS11(confStream);

---- the exception I get ---

java.security.ProviderException: Initialization failed
    at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:376)
    at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:103)
    at scpoc.SmartCard.main(SmartCard.java:28)

Caused by: java.io.IOException: The specified procedure could not be found.
    at sun.security.pkcs11.wrapper.PKCS11.connect(Native Method)
    at sun.security.pkcs11.wrapper.PKCS11.<init>(PKCS11.java:138)
    at sun.security.pkcs11.wrapper.PKCS11.getInstance(PKCS11.java:151)
    at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:313)

JEP 131 claims to have PKCS11 support in Java 8 (http://openjdk.java.net/jeps/131) but I have not been able to get it to work on windows 7 using the java8 64-bit. Note: I also tried the java 8 32-bit on windows 7 - but no luck either.

Has anyone had any success using the SunPKCS11 provider with java 8 (Windows 7)?


回答1:


SunPKCS11 provider is present only in 32-bit Windows version of JRE up until JRE7. Since JRE8 it is present also in 64-bit Windows version of JRE. This is the information you see in JEP131.

If you need to use PKCS#11 API in 64-bit Windows version of JRE older than JRE8 then you will have to use one of alternative 3rd party implementations - such as IAIK-JCE.

I have also noticed in your code sample that you are trying to directly use "j2pkcs11.dll" as a PKCS#11 library which is wrong because it is just a JNI wrapper sitting between JRE and the library implementing PKCS#11 interface. Instead of loading "j2pkcs11.dll" you need to load PKCS#11 library provided by your smartcard or HSM vendor.



来源:https://stackoverflow.com/questions/28640506/using-j2pkcs11-dll-with-java-8-64-bit-on-windows-7-64-bit

标签
pkcs#11
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!