Thanks! It works!
"glen beasley" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > hi, > > You need to add the parameters "nssArgs" and "slot" to your > pkcs11.config file: > > name = NSS > slot = 2 > library = /path/to/libsoftokn3.so > nssArgs = "configdir='/path/to/db/files' certPrefix='' keyPrefix='' > secmod='secmod.db' flags=readOnly" > > I attached a quick test program that will list the certs store in the db > called PKCS11ListCerts.java > > > -glen > > > > Bob Relyea wrote: >> The problem is in the softokn3.dll module. This PKCS #11 module >> requires extra parameters which are not part of the PKCS #11 spec >> (they've been proposed, but it's been several years and haven't yet been >> accepted -- mostly do to inertia). >> >> Anyway softokn3.dll requires these parameters in order to initialize >> (they specify where the NSS databases should be). I've been meaning to >> fix this, but it hasn't been a priority at this point. Anyway I've heard >> that the sun java code knows that softokn requires extra parameters and >> does have a way to specify them (probably in the pkcs11.config file). >> >> Enzo Motta wrote: >> >>> I'm trying to connect to firefox's PKCS#11 implementation using the >>> new sun PKCS#11 Provider. >>> >>> My code looks like: >>> >>> String configName = "c:\\pkcs11.config"; >>> Provider p = new sun.security.pkcs11.SunPKCS11(configName); >>> Security.addProvider(p); >>> >>> My pkcs11.config is: >>> >>> name = Firefox >>> library = C:\Mozilla\softokn3.dll >>> >>> And I always got the error: >>> >>> Exception in thread "main" java.security.ProviderException: >>> Initialization failed >>> at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:153) >>> at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:74) >>> at Main.main(Main.java:15) >>> Caused by: sun.security.pkcs11.wrapper.PKCS11Exception: >>> CKR_ARGUMENTS_BAD >>> at sun.security.pkcs11.wrapper.PKCS11.C_Initialize(Native Method) >>> at sun.security.pkcs11.wrapper.PKCS11.getInstance(PKCS11.java:143) >>> at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:103) >>> >>> Does anyone know what is wrong? Or where can I found a solution? >>> >>> Thanks, >>> >>> Enzo Motta. >>> >>> _______________________________________________ >>> mozilla-crypto mailing list >>> [email protected] >>> http://mail.mozilla.org/listinfo/mozilla-crypto >>> >> >> > > -------------------------------------------------------------------------------- > /* ***** BEGIN LICENSE BLOCK ***** > * Version: MPL 1.1/GPL 2.0/LGPL 2.1 > * > * The contents of this file are subject to the Mozilla Public License > Version > * 1.1 (the "License"); you may not use this file except in compliance with > * the License. You may obtain a copy of the License at > * http://www.mozilla.org/MPL/ > * > * Software distributed under the License is distributed on an "AS IS" > basis, > * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License > * for the specific language governing rights and limitations under the > * License. > * > * The Original Code is Netscape Security Services for Java. > * > * The Initial Developer of the Original Code is > * Netscape Communications Corporation. > * Portions created by the Initial Developer are Copyright (C) 2002 > * the Initial Developer. All Rights Reserved. > * > * Contributor(s): > * > * Alternatively, the contents of this file may be used under the terms of > * either the GNU General Public License Version 2 or later (the "GPL"), or > * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), > * in which case the provisions of the GPL or the LGPL are applicable > instead > * of those above. If you wish to allow use of your version of this file > only > * under the terms of either the GPL or the LGPL, and not to allow others > to > * use your version of this file under the terms of the MPL, indicate your > * decision by deleting the provisions above and replace them with the > notice > * and other provisions required by the GPL or the LGPL. If you do not > delete > * the provisions above, a recipient may use your version of this file > under > * the terms of any one of the MPL, the GPL or the LGPL. > * > * ***** END LICENSE BLOCK ***** */ > > import java.security.Provider; > import java.security.Security; > import java.security.KeyStore; > import java.util.Enumeration; > > public class PKCS11ListCerts { > private KeyStore keyStore = null; > KeyStore.Builder builder = null; > > public static void usage() { > System.out.println( > "Usage: java PKCS11ListCerts <PKCS11ConfigFile> > <DB_password>"); > } > > public static void main(String args[]) { > > if ( args.length != 2 ) { > usage(); > System.exit(1); > } > > > String configName = args[0]; > Provider p = new sun.security.pkcs11.SunPKCS11(configName); > Security.addProvider(p); > > Provider[] providers = Security.getProviders(); > for ( int i=0; i < providers.length; i++ ) { > System.out.println("Provider " +i+ ": " + > providers[i].getName()); > } > > try { > KeyStore.PasswordProtection pwd = new > KeyStore.PasswordProtection(args[1].toCharArray()); > KeyStore ks = KeyStore.getInstance("PKCS11", p); > ks.load(null, pwd.getPassword()); > System.out.println("The algorithm " + ks.getType()); > System.out.println("The provider " + ks.getProvider()); > System.out.println("the number of certs " + ks.size()); > > for (Enumeration list = ks.aliases(); list.hasMoreElements() > ; ) { > String alias = (String) list.nextElement(); > System.out.println( alias ); > } > > > } catch (Exception e) { > e.printStackTrace(); > System.out.println("Wrong password"); > } > } > > } > -------------------------------------------------------------------------------- > name=NSSSofToken > library=c:\\tip\\mozilla\\dist\\JSS\\lib\\softokn3.dll > description=NSS PKCS11 > nssArgs="configdir='C:/tip' certPrefix='' keyPrefix='' secmod='secmod.db' > flags=readOnly" > slot=2 > _______________________________________________ mozilla-crypto mailing list [email protected] http://mail.mozilla.org/listinfo/mozilla-crypto
