
Encrypting data using smart card private key

I am trying to use an applet in my web application to encrypt some data using a smart card. I am following this link: http://www.developer.com/java/other/article.php/3587361/Java-Applet-for-Signing-with-a-Smart-Card.htm

I am able to read the certificates stored in the smart card and encrypt data using the certificates. But it requires me to pass the location of the PKCS#11 implementation library file (.dll) and the smart card PIN.

My functional requirement is to load the list of certificates from a single (or multiple) smart cards connected to a system without passing any .dll file path. Of course, when the user selects a certificate for signing, he/she will enter the PIN.

Is it possible to extract certificate details from a smart card without passing the location of the PKCS#11 implementation library file (.dll)?

Implementation:

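// Ask the user for the PKCS#11 library file and the smart card PIN
PKCS11LibraryFileAndPINCodeDialog localPKCS11LibraryFileAndPINCodeDialog = new PKCS11LibraryFileAndPINCodeDialog();

boolean bool;

try {
  bool = localPKCS11LibraryFileAndPINCodeDialog.run();
}
finally
{
  localPKCS11LibraryFileAndPINCodeDialog.dispose();
}
if (bool)
{
  // Remember the button label and disable the button while signing runs
  String str2 = this.mSignButton.getLabel();
  this.mSignButton.setLabel("Working...");
  this.mSignButton.setEnabled(false);
  try
  {
    String str3 = localPKCS11LibraryFileAndPINCodeDialog.getLibraryFileName();
    String str4 = localPKCS11LibraryFileAndPINCodeDialog.getSmartCardPINCode();
    // arrayOfByte holds the document bytes (defined outside this fragment)
    SmartCardSignerApplet.CertificationChainAndSignatureBase64 localCertificationChainAndSignatureBase641 = signDocument(arrayOfByte, str3, str4);
  }
  finally
  {
    // Restore the button whether signing succeeded or failed
    this.mSignButton.setLabel(str2);
    this.mSignButton.setEnabled(true);
  }
}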

The short answer is "No." When interacting with smart cards, Java simply passes the PKCS#11 requests on to the .dll file that actually interacts with the card, so you need to provide this .dll file to interact with the smart card and read certificates.

You might be able to do this without the .dll file, but I think it would amount to rewriting the .dll code yourself. My understanding is that different smart cards have different APIs, and the .dll files used to access them provide a standard PKCS#11 API, so rather than implement all smart card APIs, the Java libraries for smart card access just use the PKCS#11 interface provided by the .dll file.

For those landing here after 7 years, in 2021 or later: for modern browsers, one can use a browser extension, which in turn uses a local host application to access the local certificate store, which connects to the smart card using CSP, and you don't need to specify a PKCS#11 library. Please refer to the Stack Overflow answer for Encryption, Decryption and other APIs.
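The two routes discussed in the answers above, side by side, as an added example that is not code from the question, the answers or the linked article: listing certificates through the Windows certificate store (no library path, no PIN up front) versus through SunPKCS11 (vendor library required). The class name and the config-file argument are assumptions; the Windows route assumes the card's CSP or minidriver has published its certificates to the current user's store.

```java
import java.security.KeyStore;
import java.security.Provider;
import java.security.Security;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;

public class ListCardCertificates {
    // Windows only: SunMSCAPI exposes the current user's "MY" store, no .dll path needed.
    // Assumption: the card's CSP/minidriver has propagated its certificates into that store.
    static KeyStore openWindowsStore() throws Exception {
        KeyStore ks = KeyStore.getInstance("Windows-MY");
        ks.load(null, null); // no PIN here; the CSP typically prompts when a private key is used
        return ks;
    }

    // Java 9+: SunPKCS11 must be told where the vendor library is.
    // configFile is a SunPKCS11 config file containing "name = ..." and "library = <path>".
    static KeyStore openPkcs11(String configFile, char[] pin) throws Exception {
        Provider p = Security.getProvider("SunPKCS11").configure(configFile);
        Security.addProvider(p);
        KeyStore ks = KeyStore.getInstance("PKCS11", p);
        ks.load(null, pin);
        return ks;
    }

    // One line per X.509 entry: alias, subject, expiry, and whether a private key is attached.
    static List<String> describe(KeyStore ks) throws Exception {
        List<String> out = new ArrayList<>();
        for (String alias : Collections.list(ks.aliases())) {
            Certificate c = ks.getCertificate(alias);
            if (!(c instanceof X509Certificate)) continue;
            X509Certificate x = (X509Certificate) c;
            out.add(alias + " | " + x.getSubjectX500Principal().getName()
                    + " | expires " + x.getNotAfter()
                    + " | privateKey=" + ks.isKeyEntry(alias));
        }
        return out;
    }

    public static void main(String[] args) throws Exception {
        KeyStore ks = args.length == 0
                ? openWindowsStore()
                : openPkcs11(args[0], System.console().readPassword("Card PIN: "));
        describe(ks).forEach(System.out::println);
    }
}
```

Run with no arguments on Windows to use the certificate store, or pass a SunPKCS11 config file path from a terminal to use the PKCS#11 route.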
