Signierdokument mit qualifiziertem Zertifikat - Smartcard

Question

Der folgende Code funktioniert ordnungsgemäß für 2 verschiedene Smartcard-Bibliotheken (centum cryptoCertum3PKCS.dll und cencert enigmap11.dll), aber er stürzt für kir (szafir) lib - ccpkip11.dll ab Providing Pin, die für ist 100% richtig

Wer hat eine Idee, was ich falsch mache?

KeyingDataProvider kp = new PKCS11KeyStoreKeyingDataProvider(
       settings.getDriverPath(), 
       settings.getProviderName(), 
       settings.getSlot(), 
       new CertificateSelector(), 
       new KeyStorePasswordProvider(), null, false); 

     Document src = getDocumentBuilder().parse(new File(filename)); 
     Document dest = getDocumentBuilder().newDocument(); 
     Node objContent = dest.importNode(src.getDocumentElement(), true); 

     XadesSigner signer = new XadesBesSigningProfile(kp).newSigner(); 

     DataObjectDesc obj = new EnvelopedXmlObject(objContent, "text/xml", null); 
     signer.sign(new SignedDataObjects(obj), dest); 

     Transformer transformer = TransformerFactory.newInstance().newTransformer(); 
     Result output = new StreamResult(new File(signed)); 
     Source input = new DOMSource(dest); 

     transformer.transform(input, output); 

Ich habe CKR_PIN_LEN_RANGE Fehler in Zeile signer.sign (new SignedDataObjects (OBJ), dest); voll Stacktrace:

xades4j.verification.UnexpectedJCAException: The keystore couldn't be initialized 
     at xades4j.providers.impl.KeyStoreKeyingDataProvider.ensureInitialized(KeyStoreKeyingDataProvider.java:179) 
     at xades4j.providers.impl.KeyStoreKeyingDataProvider.getSigningCertificateChain(KeyStoreKeyingDataProvider.java:189) 
     at xades4j.production.SignerBES.sign(SignerBES.java:151) 
     at xades4j.production.SignerBES.sign(SignerBES.java:122) 
     at com.riv.jpk.security.XadesHelper.sign(XadesHelper.java:127) 
     at com.riv.jpk.RaportGenerators.BaseGen.signXml(BaseGen.java:192) 
     at com.riv.jpk.ui.views.GenerateJPK.JpkGeneratorVM.signXml(JpkGeneratorVM.java:417) 
     at com.riv.jpk.ui.views.GenerateJPK.JpkGeneratorVM.lambda$validateMetaXML$44(JpkGeneratorVM.java:403) 
     at com.riv.jpk.ui.views.GenerateJPK.JpkGeneratorVM$$Lambda$361/32216595.handle(Unknown Source) 
     at com.sun.javafx.event.CompositeEventHandler$NormalEventHandlerRecord.handleBubblingEvent(CompositeEventHandler.java:218) 
     at com.sun.javafx.event.CompositeEventHandler.dispatchBubblingEvent(CompositeEventHandler.java:80) 
     at com.sun.javafx.event.EventHandlerManager.dispatchBubblingEvent(EventHandlerManager.java:238) 
     at com.sun.javafx.event.EventHandlerManager.dispatchBubblingEvent(EventHandlerManager.java:191) 
     at com.sun.javafx.event.BasicEventDispatcher.dispatchEvent(BasicEventDispatcher.java:58) 
     at com.sun.javafx.event.EventDispatchChainImpl.dispatchEvent(EventDispatchChainImpl.java:114) 
     at com.sun.javafx.event.EventUtil.fireEventImpl(EventUtil.java:74) 
     at com.sun.javafx.event.EventUtil.fireEvent(EventUtil.java:54) 
     at javafx.event.Event.fireEvent(Event.java:198) 
     at javafx.concurrent.EventHelper.fireEvent(EventHelper.java:219) 
     at javafx.concurrent.Task.fireEvent(Task.java:1356) 
     at javafx.concurrent.Task.setState(Task.java:723) 
     at javafx.concurrent.Task$TaskCallable.lambda$call$496(Task.java:1434) 
     at javafx.concurrent.Task$TaskCallable$$Lambda$347/3131345.run(Unknown Source) 
     at com.sun.javafx.application.PlatformImpl.lambda$null$170(PlatformImpl.java:295) 
     at com.sun.javafx.application.PlatformImpl$$Lambda$51/6271097.run(Unknown Source) 
     at java.security.AccessController.doPrivileged(Native Method) 
     at com.sun.javafx.application.PlatformImpl.lambda$runLater$171(PlatformImpl.java:294) 
     at com.sun.javafx.application.PlatformImpl$$Lambda$49/19468568.run(Unknown Source) 
     at com.sun.glass.ui.InvokeLaterDispatcher$Future.run(InvokeLaterDispatcher.java:95) 
     at com.sun.glass.ui.win.WinApplication._runLoop(Native Method) 
     at com.sun.glass.ui.win.WinApplication.lambda$null$145(WinApplication.java:101) 
     at com.sun.glass.ui.win.WinApplication$$Lambda$39/443957.run(Unknown Source) 
     at java.lang.Thread.run(Thread.java:745) Caused by: java.security.KeyStoreException: KeyStore instantiation failed 
     at java.security.KeyStore$Builder$2.getKeyStore(KeyStore.java:1967) 
     at xades4j.providers.impl.KeyStoreKeyingDataProvider.ensureInitialized(KeyStoreKeyingDataProvider.java:175) 
     ... 32 more 
Caused by: java.io.IOException: load failed 
     at sun.security.pkcs11.P11KeyStore.engineLoad(P11KeyStore.java:843) 
     at java.security.KeyStore.load(KeyStore.java:1479) 
     at java.security.KeyStore$Builder$2$1.run(KeyStore.java:1937) 
     at java.security.KeyStore$Builder$2$1.run(KeyStore.java:1918) 
     at java.security.AccessController.doPrivileged(Native Method) 
     at java.security.KeyStore$Builder$2.getKeyStore(KeyStore.java:1964) 
     ... 33 more 
Caused by: javax.security.auth.login.LoginException 
     at sun.security.pkcs11.SunPKCS11.login(SunPKCS11.java:1238) 
     at sun.security.pkcs11.P11KeyStore.login(P11KeyStore.java:849) 
     at sun.security.pkcs11.P11KeyStore.engineLoad(P11KeyStore.java:834) 
     ... 38 more 
Caused by: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_PIN_LEN_RANGE 
     at sun.security.pkcs11.wrapper.PKCS11.C_Login(Native Method) 
     at sun.security.pkcs11.SunPKCS11.login(SunPKCS11.java:1222) 
     ... 40 more 

Answer 1

Ich habe es gefunden! Die Lösung bestand darin, C_GetSlotList vor dem Erstellen von KeyingDataProvider auszuführen.

PKCS11 p11 = PKCS11.getInstance(settings.getDriverPath(), "C_GetFunctionList", null, false); 
long[] slots = p11.C_GetSlotList(true); 

Ich bin mir nicht sicher, was der Fall war. In dieser Smartcard befand sich qualifiziertes Zertifikat auf Steckplatz 3, und es sieht so aus, als hätte java pksC# 11 implementation ein Problem, diesen Slot vor dem Ausführen von C_GetSlotList zu bekommen.