Question

We have a web application that needs to sign XML with a token. We installed the drivers and access the certificate from "Windows-MY". But every time we call signature.sign(dsc); a window appear asking a password. It's possible to use the method sign and pass the PIN as param to avoid that window?

The method used to sign:

XMLSignature signature = sig.newXMLSignature(si, ki); 
signature.sign(dsc);

Image that appear to input PIN

No correct solution

OTHER TIPS

If you access a secure token through SUNMSCAPI with "Windows-MY" you are giving the authentication to the specific CSP vendor driver so you can not provide a PIN as method parameter. If you want to provide the PIN programatically you can access secure token directly with PKCS11Provider:

// First configure the Sun PKCS#11 provider. It requires a stream (or file)
// containing the configuration parameters - "name" and "library".
String smartCardDriverPath = "...lib\libpkcs11.so";
String pkcs11ConfigSettings = "name = SmartCardTest\n" + "library = " + smartCardDriverPath;
byte[] pkcs11ConfigBytes = pkcs11ConfigSettings.getBytes();
final ByteArrayInputStream confStream = new ByteArrayInputStream(pkcs11ConfigBytes);

// instantiate provider
SunPKCS11 pkcs11 = pkcs11 = new SunPKCS11(confStream);
Security.addProvider(pkcs11);   

// generate the keystore and provide the password
char[] pwd = "your_pass".toCharArray(); 
KeyStore ks = KeyStore.getInstance("PKCS11",pkcs11);
ks.load(null, pwd); 

Then you can extract the Key from the keystore avoiding the password window input an use to achieve your signature.

For more info on PKCS11 in java you can take a look on: PKCS11 JAVA GUIDE.

Hope this helps,

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top