Re: Podpisovanie GemPC Twin

Thu, 30 Nov 2006 06:20:16 -0800 

Lukas Zapletal wrote:
>>         Konecne som zohnal drivre PKCS#11 na GemPCTwin, je to instalacny
>> balik GemSafe 4.2.
> 
> Mohu se zeptat jak se takovy driver pouzije? Nainstaluje se to do
> systemu a certifikaty se pak objevi i v Javovych certifikatech? Nebo
> se to musi nejakym zpusobem nacitat v Jave?

V Jave se musi natahnout nativni knihovna toho ovladace,
a pak se pouziva jako KeyStore, nebo jeste lepe jako
KeyStore.Builder, aby se heslo muselo zadavat jen jednou.
Tady je ukazka kodu:

public class PKCS11Token {
   private KeyStore.Builder builder;

    /**
     * Vraci KeyStore poskytovany PKCS11 zarizenim, pokud je to poprve,
pozaduje PIN v okne.
     * @return keyStore
     * @throws KeyStoreException
     */
    public KeyStore getKeyStore() throws KeyStoreException {
        return builder.getKeyStore();
    }

    /**
     * Vytvori a zaregistruje security Provider pro PKCS11 zarizeni
podle zadane knihovny.
     * @param pkcs11library cesta k souboru s PKCS11 knihovou, na
Windows aetpks11.dll
     */
    PKCS11Token(File pkcs11library) {
        if(!pkcs11library.exists()) { throw new RuntimeException("file
"+pkcs11library+" not found");}
        String lineSep = System.getProperty("line.separator");
        String cfg =
                "name=MujToken" + lineSep +
                "library="+pkcs11library.getAbsolutePath()+lineSep+
                "slotListIndex=0"+lineSep
                ;
        Provider provider = new sun.security.pkcs11.SunPKCS11(new
ByteArrayInputStream(cfg.getBytes()));
        Security.addProvider(provider);
        KeyStore.CallbackHandlerProtection chp =
               new KeyStore.CallbackHandlerProtection(new
DialogCallbackHandler());
        builder = KeyStore.Builder.newInstance("PKCS11",provider,chp);
    }

public static void main(String[] args)  {
    PKCS11Token t = new PKCS11Token(new
File("C:/WINDOWS/system32/aetpkss1.dll"));
    KeyStore ks = t.getKeyStore();
}

vice viz

http://java.sun.com/j2se/1.5.0/docs/guide/security/p11guide.html

Makub
-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Supercomputing Center Brno             Martin Kuba
Institute of Computer Science    email: [EMAIL PROTECTED]
Masaryk University             http://www.ics.muni.cz/~makub/
Botanicka 68a, 60200 Brno, CZ     mobil: +420-603-533775
--------------------------------------------------------------

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

Odpovedet emailem