-2

I´m trying to read out the certificate of an etoken. I´ve followed the answer from Keystore from digital signature e-token using java. It´s giving me the certificates installed in the token but after that the token isn´t reachable anymore. Did somebody got something similar while accessing a token?

// Create instance of SunPKCS11 provider 
String pkcs11Config = "name=eToken\nlibrary=C:\\path\\to\\your\\pkcs11.dll"; 
java.io.ByteArrayInputStream pkcs11ConfigStream = new java.io.ByteArrayInputStream(pkcs11Config.getBytes()); 
sun.security.pkcs11.SunPKCS11 providerPKCS11 = new sun.security.pkcs11.SunPKCS11(pkcs11ConfigStream); 
java.security.Security.addProvider(providerPKCS11);  // Get provider KeyStore and login with PIN String pin = "11111111"; 
java.security.KeyStore keyStore = java.security.KeyStore.getInstance("PKCS11", providerPKCS11); 
keyStore.load(null, pin.toCharArray());  // Enumerate items (certificates and private keys) in the KeyStore 
java.util.Enumeration<String> aliases = keyStore.aliases(); 
while (aliases.hasMoreElements()) {
    String alias = aliases.nextElement();
    System.out.println(alias); 
}

The problem persists, after plugging out/in the token is reachable again, but after running the code, the token seems to be locked again. OS Win2k8 Server.

Timo Bruntjn
  • 39
  • 8
  • Kindly add some code. –  Aug 09 '17 at 13:15
  • Code is from the example in the link – Timo Bruntjn Aug 09 '17 at 13:17
  • What is the exception you get when trying to access the token after you retrieved the certificates? – always_a_rookie Aug 09 '17 at 13:58
  • I dont get any its like you've took it away from USB . It hanging on the load – Timo Bruntjn Aug 09 '17 at 15:40
  • I will retry, Token was taken off and reconnected. Trying to figure Out, WHO this happens – Timo Bruntjn Aug 09 '17 at 15:49
  • No reason why this happens, after plugging off an plugging in the token it´s accessible again. I only get once access to the private key and then it seems like the token ist blocked. Is there anything to do to release the token? Any suggestions? – Timo Bruntjn Aug 10 '17 at 18:14
  • Can´t figure out what blocks the token. System Specification as follows: JAVA 1.8/Windows Server 2008 – Timo Bruntjn Aug 10 '17 at 18:29
  • Only thing i´ve found so far is that users asign the slot number, maybe this has do something with it? I haven´t specified it in my first tries because it wasn´t recommended as neccessary. https://community.oracle.com/thread/2226579 – Timo Bruntjn Aug 10 '17 at 18:30
  • Still something more, the SACTools.exe is running while i try to run the java code. Maybe there a cross reference, could it be that both processes try to get access and this locks the token out? – Timo Bruntjn Aug 10 '17 at 18:40

1 Answers1

0

Finally got this clear. After disconnecting other USB devices the Token responds as usual.

The Token should be plugged in to a fully powered port. Best on a separate Host- Bus.

Timo Bruntjn
  • 39
  • 8