在多终端设置中,从Nth(Except 1st)终端读取CAC卡时,我遇到了一个奇怪的问题。
环境-JDK8_u211,无需任何读卡器即可停止运行,笔记本电脑内置读卡器,USB读卡器,CAC \ PIV卡
使用案例已尝试
问题:无法确定要在配置文件中使用的正确插槽。终端的数量以某种方式并没有在运行时确定插槽。
通过启用JDK调试日志,我可以验证内部“ C_GetSlotList”
返回0,4,因为我只有2个终端,因此使用索引0或1。有人知道如何确定终端与插槽之间的相关性,或者我尝试读取卡的方式真的有问题吗?
请告知。
样本代码
public class MultipleTerminals { private static String DLL_PATH = "C:\\opensc-pkcs11.dll"; public static void main(String[] args) throws Exception { MyTerminal custTerminalObj = getSmartCardTerminal(); CardTerminal terminal = custTerminalObj.getTerminal(); Integer terminalIdx = custTerminalObj.getIndex(); System.out.println("Using Terminal.Name: " + terminal.getName()); System.out.println("Using Terminal.isCardPresent: " + ((CardTerminal)terminal).isCardPresent()); if (terminal.isCardPresent()) { // duplicate check registerProvider(4); KeyStore keyStore = createKeyStore(); printCertificate(keyStore); } } public static MyTerminal getSmartCardTerminal() { System.out.println("---------------------------------------------------"); MyTerminal terminal = null; int terminalIdx = -1; try { TerminalFactory factory = TerminalFactory.getDefault(); if (factory != null) { List<CardTerminal> allTerminals = factory.terminals().list(); for(CardTerminal term : allTerminals) { System.out.println("Terminal Name: " + term.getName()); System.out.println("isCardPresent: " + term.isCardPresent()); System.out.println("----------"); } for(CardTerminal term : allTerminals) { terminalIdx++; if(term.isCardPresent()) { terminal = new MyTerminal(); terminal.setIndex(terminalIdx); terminal.setTerminal(term); System.out.println("Using Terminal Idx: " + terminalIdx); } } } } catch (CardException e1) { terminal = null; System.out.println("SmartCardHelper.getSmartCardTerminal --> " + "Exception while accessing smart-card terminal: " + e1.getMessage()); e1.printStackTrace(); } return terminal; } public static void registerProvider(Integer idx) { System.out.println("---------------------------------------------------"); String ext = "attributes(*,*,*)=\n{\nCKA_TOKEN=true\nCKA_LOCAL=true\n}"; String OPENSC_DEFAULT_PROVIDER_NAME = "PKCS#11"; String OPENSC_PKCS11_DLL = DLL_PATH; String configString = "name = " + OPENSC_DEFAULT_PROVIDER_NAME.replace(' ', '_') + "\n" + "library = " + OPENSC_PKCS11_DLL + "\n slot = " + idx + " " + "\n attributes = compatibility \n" + ext; System.out.println("\tConfigString: " + configString); ByteArrayInputStream is = new ByteArrayInputStream( configString.getBytes(Charset.defaultCharset())); Provider cardSecurityProvider = new sun.security.pkcs11.SunPKCS11( is); displayProviders(); Security.addProvider(cardSecurityProvider); displayProviders(); System.out.println("=================="); } public static KeyStore createKeyStore() throws KeyStoreException { KeyStore.CallbackHandlerProtection callbackHandler = new KeyStore.CallbackHandlerProtection( new PIVCardPinHandler()); KeyStore.Builder builder = KeyStore.Builder.newInstance("PKCS11", null, callbackHandler); return builder.getKeyStore(); } public static void displayProviders() { System.out.println("---------------------------------------------------"); Provider[] objs = Security.getProviders(); System.out.println("Provider Count: " + objs.length); String type = "KeyStore"; String algorithm="PKCS11"; ProviderList list = Providers.getProviderList(); Provider provider = list.getProvider("SunPKCS11-PKCS"); System.out.println("Provider[SunPKCS11-PKCS]: " + provider); if(provider != null) { Set<Service> svcs = provider.getServices(); System.out.println("Service count: " + svcs.size()); } Service firstService = list.getService(type, algorithm); System.out.println("Type[KeyStore], Algo[PKCS11], Service: " + firstService); } public static void printCertificate(KeyStore keyStore) throws KeyStoreException { for (String alias : Collections.list(keyStore.aliases())) { System.out.println("Alias: " + alias); } } } class MyTerminal{ private Integer index; private CardTerminal terminal; public MyTerminal() { } public Integer getIndex() { return index; } public void setIndex(Integer index) { this.index = index; } public CardTerminal getTerminal() { return terminal; } public void setTerminal(CardTerminal terminal) { this.terminal = terminal; } }
*输出TestCase-1(工作)*
--------------------------------------------------- Terminal Name: Alcor Micro USB Smart Card Reader 0 isCardPresent: true ---------- Terminal Name: Identive SCR33xx v2.0 USB SC Reader 0 isCardPresent: false ---------- Using Terminal Idx: 0 Using Terminal.Name: Alcor Micro USB Smart Card Reader 0 Using Terminal.isCardPresent: true --------------------------------------------------- ConfigString: name = PKCS#11 library = C:\opensc-pkcs11.dll slot = 0 attributes = compatibility attributes(*,*,*)= { CKA_TOKEN=true CKA_LOCAL=true } SunPKCS11 loading ---DummyConfig-1--- sunpkcs11: Initializing PKCS#11 library C:\opensc-pkcs11.dll Information for provider SunPKCS11-PKCS Library info: cryptokiVersion: 2.20 manufacturerID: DUMMY_VALUE flags: 0 libraryDescription: DUMMY_VALUE libraryVersion: 0.19 All slots: 0, 4 Slots with tokens: 0, 4 Slot info for slot 0: slotDescription: Alcor Micro USB Smart Card Reader 0 manufacturerID: DUMMY_VALUE flags: CKF_TOKEN_PRESENT | CKF_REMOVABLE_DEVICE | CKF_HW_SLOT hardwareVersion: 0.00 firmwareVersion: 0.00 Token info for token in slot 0: label: DUMMY_VALUE manufacturerID: DUMMY_VALUE model: PKCS#15 emulated serialNumber: DUMMY_VALUE flags: CKF_RNG | CKF_LOGIN_REQUIRED | CKF_USER_PIN_INITIALIZED | CKF_TOKEN_INITIALIZED ulMaxSessionCount: CK_EFFECTIVELY_INFINITE ulSessionCount: 0 ulMaxRwSessionCount: CK_EFFECTIVELY_INFINITE ulRwSessionCount: 0 ulMaxPinLen: 8 ulMinPinLen: 4 ulTotalPublicMemory: CK_UNAVAILABLE_INFORMATION ulFreePublicMemory: CK_UNAVAILABLE_INFORMATION ulTotalPrivateMemory: CK_UNAVAILABLE_INFORMATION ulFreePrivateMemory: CK_UNAVAILABLE_INFORMATION hardwareVersion: 0.00 firmwareVersion: 0.00 utcTime: --------------------------------------------------- Provider Count: 10 Provider[SunPKCS11-PKCS]: null Type[KeyStore], Algo[PKCS11], Service: null --------------------------------------------------- Provider Count: 11 Provider[SunPKCS11-PKCS]: SunPKCS11-PKCS version 1.8 Service count: 26 Type[KeyStore], Algo[PKCS11], Service: SunPKCS11-PKCS: KeyStore.PKCS11 -> sun.security.pkcs11.P11KeyStore aliases: [PKCS11-PKCS] (KeyStore) ================== sunpkcs11: caller passed NULL pin
*输出TestCase-3(不工作)*
--------------------------------------------------- Terminal Name: Alcor Micro USB Smart Card Reader 0 isCardPresent: false ---------- Terminal Name: Identive SCR33xx v2.0 USB SC Reader 0 isCardPresent: true ---------- Using Terminal Idx: 1 Using Terminal.Name: Identive SCR33xx v2.0 USB SC Reader 0 Using Terminal.isCardPresent: true --------------------------------------------------- ConfigString: name = PKCS#11 library = C:\opensc-pkcs11.dll slot = 1 attributes = compatibility attributes(*,*,*)= { CKA_TOKEN=true CKA_LOCAL=true } SunPKCS11 loading ---DummyConfig-1--- sunpkcs11: Initializing PKCS#11 library C:\opensc-pkcs11.dll Information for provider SunPKCS11-PKCS Library info: cryptokiVersion: 2.20 manufacturerID: DUMMY_VALUE flags: 0 libraryDescription: DUMMY_VALUE libraryVersion: 0.19 All slots: 0, 4 Slots with tokens: 0, 4 --------------------------------------------------- Provider Count: 10 Provider[SunPKCS11-PKCS]: null Type[KeyStore], Algo[PKCS11], Service: null --------------------------------------------------- Provider Count: 11 Provider[SunPKCS11-PKCS]: SunPKCS11-PKCS version 1.8 Service count: 0 Type[KeyStore], Algo[PKCS11], Service: null ================== Exception in thread "main" java.security.KeyStoreException: KeyStore instantiation failed at java.security.KeyStore$Builder$2.getKeyStore(KeyStore.java:1967) Caused by: java.security.KeyStoreException: PKCS11 not found at java.security.KeyStore.getInstance(KeyStore.java:851) at java.security.KeyStore$Builder$2$1.run(KeyStore.java:1923) at java.security.KeyStore$Builder$2$1.run(KeyStore.java:1918) at java.security.AccessController.doPrivileged(Native Method) at java.security.KeyStore$Builder$2.getKeyStore(KeyStore.java:1964) ... 2 more Caused by: java.security.NoSuchAlgorithmException: PKCS11 KeyStore not available at sun.security.jca.GetInstance.getInstance(GetInstance.java:159) at java.security.Security.getImpl(Security.java:695) at java.security.KeyStore.getInstance(KeyStore.java:848) ... 6 more
*输出TestCase-4(工作)*
---------------------------------------------------
Terminal Name: Alcor Micro USB Smart Card Reader 0
isCardPresent: false
----------
Terminal Name: Identive SCR33xx v2.0 USB SC Reader 0
isCardPresent: true
----------
Using Terminal Idx: 1
Using Terminal.Name: Identive SCR33xx v2.0 USB SC Reader 0
Using Terminal.isCardPresent: true
---------------------------------------------------
ConfigString:
name = PKCS#11
library = C:\opensc-pkcs11.dll
slot = 4
attributes = compatibility
attributes(*,*,*)=
{
CKA_TOKEN=true
CKA_LOCAL=true
}
SunPKCS11 loading ---DummyConfig-1---
sunpkcs11: Initializing PKCS#11 library C:\opensc-pkcs11.dll
Information for provider SunPKCS11-PKCS
Library info:
cryptokiVersion: DUMMY_VALUE
manufacturerID: DUMMY_VALUE
flags: 0
libraryDescription: DUMMY_VALUE
libraryVersion: DUMMY_VALUE
All slots: 0, 4
Slots with tokens: 0, 4
Slot info for slot 4:
slotDescription: DUMMY_VALUE
manufacturerID: DUMMY_VALUE
flags: CKF_TOKEN_PRESENT | CKF_REMOVABLE_DEVICE | CKF_HW_SLOT
hardwareVersion: 0.00
firmwareVersion: 0.00
Token info for token in slot 4:
label: DUMMY_LABEL
manufacturerID: DUMMY_VALUE
model: PKCS#15 emulated
serialNumber: DUMMY_VALUE
flags: CKF_RNG | CKF_LOGIN_REQUIRED | CKF_USER_PIN_INITIALIZED | CKF_TOKEN_INITIALIZED
ulMaxSessionCount: CK_EFFECTIVELY_INFINITE
ulSessionCount: 0
ulMaxRwSessionCount: CK_EFFECTIVELY_INFINITE
ulRwSessionCount: 0
ulMaxPinLen: 8
ulMinPinLen: 4
ulTotalPublicMemory: CK_UNAVAILABLE_INFORMATION
ulFreePublicMemory: CK_UNAVAILABLE_INFORMATION
ulTotalPrivateMemory: CK_UNAVAILABLE_INFORMATION
ulFreePrivateMemory: CK_UNAVAILABLE_INFORMATION
hardwareVersion: 0.00
firmwareVersion: 0.00
utcTime:
---------------------------------------------------
Provider Count: 10
Provider[SunPKCS11-PKCS]: null
Type[KeyStore], Algo[PKCS11], Service: null
---------------------------------------------------
Provider Count: 11
Provider[SunPKCS11-PKCS]: SunPKCS11-PKCS version 1.8
Service count: 26
Type[KeyStore], Algo[PKCS11], Service: SunPKCS11-PKCS: KeyStore.PKCS11 -> sun.security.pkcs11.P11KeyStore
aliases: [PKCS11-PKCS]
(KeyStore)
==================
sunpkcs11: caller passed NULL pin
在多终端设置中从第N个(第1个除外)终端读取CAC卡时,我遇到了一个奇怪的问题。环境-JDK8_u211,无需任何读卡器即可停止运行,用于...
您在slot id