2

I have a tried to extract the private key from epass2003 and make the signature on pdf but when I am extracting private key it is throwing null pointer exception I have attached the code that I have tried below can anyone update the solution for this.

public class DigitalSignature {
public static void main(String args[]) throws IOException, GeneralSecurityException,DocumentException, CertificateVerificationException{
// Create instance of SunPKCS11 provider

String userFile = "C:/results/test.pdf";
String userFile_signed = "C:/results/test_signed.pdf";
sun.security.pkcs11.SunPKCS11 providerPKCS11 = new sun.security.pkcs11.SunPKCS11("Config.cfg");
java.security.Security.addProvider(providerPKCS11);

// Get provider KeyStore and login with PIN
String pin = "12345678";
java.security.KeyStore keyStore = java.security.KeyStore.getInstance("PKCS11", providerPKCS11);
keyStore.load(null, pin.toCharArray());

// Enumerate items (certificates and private keys) in the KeyStore
java.util.Enumeration<String> aliases = keyStore.aliases();
String alias = null;
while (aliases.hasMoreElements()) {
    alias = aliases.nextElement();
    System.out.println(alias);
    }

   PrivateKey pk = (PrivateKey)keyStore.getKey(alias,pin.toCharArray());
    Certificate[] chain = keyStore.getCertificateChain(alias);

    OcspClient ocspClient = new OcspClientBouncyCastle();
    TSAClient tsaClient = null;  
    //System.out.println(chain); 

   for (int i = 0; i < chain.length; i++) {
        X509Certificate cert = (X509Certificate)chain[i];
        String tsaUrl = CertificateUtil.getTSAURL(cert);
        if (tsaUrl != null) {
            tsaClient = new TSAClientBouncyCastle(tsaUrl);
            break;
        }
    }
    List<CrlClient> crlList = new ArrayList<CrlClient>();
    crlList.add(new CrlClientOnline(chain));
    Test t = new Test();
    t.sign(userFile, userFile_signed, chain, pk, DigestAlgorithms.SHA256, providerPKCS11.getName(),
                 CryptoStandard.CMS, "Test", "Signature", crlList, ocspClient, tsaClient, 0);
}

public void sign(String src, String dest,
        Certificate[] chain, PrivateKey pk,
        String digestAlgorithm, String provider, CryptoStandard subfilter,
        String reason, String location,
        Collection<CrlClient> crlList,
        OcspClient ocspClient,
        TSAClient tsaClient,
        int estimatedSize)
                throws GeneralSecurityException, IOException, DocumentException {
    // Creating the reader and the stamper
    PdfReader reader = new PdfReader(src);
    FileOutputStream os = new FileOutputStream(dest);
    PdfStamper stamper = PdfStamper.createSignature(reader, os, '\0');

    // Creating the appearance
    PdfSignatureAppearance appearance = stamper.getSignatureAppearance();
    appearance.setReason(reason);
    appearance.setLocation(location);
    appearance.setVisibleSignature(new Rectangle(100, 100, 200, 200), 1, "sig");

    // Creating the signature
    ExternalSignature pks = new PrivateKeySignature(pk, digestAlgorithm, provider);
    ExternalDigest digest = new BouncyCastleDigest();
    MakeSignature.signDetached(appearance, digest, pks, chain, crlList, ocspClient, tsaClient, estimatedSize, subfilter);
}
}
ItamarG3
  • 4,092
  • 6
  • 31
  • 44
ARAVIND
  • 51
  • 1
  • 8
  • have you checked that `Config.cfg` is found and contains the correct route to the DLL of the smartcard? – pedrofb Nov 07 '16 at 13:26
  • yes I have verified that I can able to access the etoken and I can able to print the alias name as well but the problem arises when I am trying to access the certificate chain.Certificate chain and private key are showing null value.Could you update how to access the private key.I am using epass2003 token – ARAVIND Nov 08 '16 at 05:26

0 Answers0