Read private key from smart card to digitally sign XML document

Question

I'm developing an application where a user should be able to digitally sign XML documents using a smart card, which would hold their private key.

During testing, I am able to generate the xml signature given the file paths of the two keys (public and private).

My problem is how to read the private key from the smart card. I am able to get a response from the card using the following code:

        TerminalFactory factory = TerminalFactory.getDefault();
        List<CardTerminal> terminals = factory.terminals().list();

        CardTerminal terminal = terminals.get(0);

        Card card = terminal.connect("*");
        System.out.println("Card: " + card);

        CardChannel channel = card.getBasicChannel();
        ResponseAPDU r = channel.transmit(new CommandAPDU(0x00, 0x84, 0x00, 0x00, 0x08));

        String hex = DatatypeConverter.printHexBinary(r.getBytes());
        System.out.println("Response: " + hex);

Any help would be appreciated on how to read/view card contents in order to locate the private key.

Thanks!

Answer 1

Private Key can't be read from the SmartCard. Using PKCS11 lib such as SunPKCS11 or other PKCS11 warppers, you can get handle to private key and then use PKCS11 to sign from hardware device, say smartcard. You will need to provide path to driver of the smartcard to configure Java Security provider JCA/JCE.

For more details, you may refer: JDK 8 PKCS#11 Reference Guide

Alternatively, you may use any readily available library for the purpuse. Signer Digital provided by my Co. being one of those commercial libs on server side. Though Browser Extensions which sign using smartcard or usb token is free.