1

I'm trying to make a simple Java app that uses a security token to sign a file (any extension).

I need to read all the info from the token and sign the file with it so that I can later load the signed file, get the original file and all the other info.

Here's the sample code I have at the moment. The main problem I see is that different tokens can have different .dll and I need something like an abstraction of this.

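    import java.security.KeyStore;
    import java.security.Provider;

    // SunPKCS11 configuration file; it names the token's PKCS#11 library (.dll)
    String pkcs11config = "C:/Documents and Settings/nsaul/Escritorio/Lib/ep2pk11.cfg";

    // Java 8 and earlier; on Java 9+ use Security.getProvider("SunPKCS11").configure(pkcs11config)
    Provider p = new sun.security.pkcs11.SunPKCS11(pkcs11config);

    // Use the provider: log in to the token with the PIN and open it as a key store
    char[] pin = {'#', '#', '#', '#', '#', '#', '#', '#'};
    KeyStore ks = KeyStore.getInstance("PKCS11", p);
    ks.load(null, pin);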

I have found a guide in C# that seems to do what I need but Java is a requirement for the project.

https://learn.microsoft.com/en-us/dotnet/standard/security/how-to-access-hardware-encryption-devices

Cœur
Nicolas Saul
  • Please fix your terminology. You either "encrypt" a file and "decrypt" it or "sign" a file and "verify signature". There is no such thing as "unsign". Generally speaking, you can strip a signature from a file, but it doesn't make any practical sense in this context. – Victor Ronin Jan 23 '13 at 18:32

1 Answer

0

There is no available abstraction; you would have to write one yourself. If your requirement is to support multiple potential providers (I assume that is what you mean by different tokens can have different dll), since there are subtle differences among providers, you should create a class that is responsible for each one and that will implement a well-defined interface for all the actions.
In the rest of your code you will just use that interface, and you could use e.g. Dependency Injection to use the proper concrete provider handler according to the current installation.

Cratylus
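
One way the interface described in the answer could look, as an added example that is not code from the question or the answer. `TokenSigner`, `Pkcs11TokenSigner` and `SignFile` are hypothetical names; the code assumes Java 9+, an RSA key on the token and a detached signature written next to the file.

```java
import java.io.InputStream;
import java.nio.file.*;
import java.security.*;
import java.security.cert.X509Certificate;
import java.util.Collections;

// Hypothetical interface: the only type the rest of the application sees.
interface TokenSigner {
    X509Certificate certificate() throws GeneralSecurityException;
    byte[] sign(Path file) throws Exception;   // detached signature over the file's bytes
}

// One implementation per kind of token. This one handles any token that ships a PKCS#11 library.
final class Pkcs11TokenSigner implements TokenSigner {
    private final KeyStore keyStore;
    private final String alias;

    Pkcs11TokenSigner(String configPath, char[] pin) throws Exception {
        // Java 9+ API. The .cfg names the vendor .dll, so a new token model needs only a new .cfg.
        Provider p = Security.getProvider("SunPKCS11").configure(configPath);
        keyStore = KeyStore.getInstance("PKCS11", p);
        keyStore.load(null, pin);
        String found = null;   // assumption: sign with the first private-key entry on the token
        for (String a : Collections.list(keyStore.aliases()))
            if (found == null && keyStore.isKeyEntry(a)) found = a;
        if (found == null) throw new KeyStoreException("no private key on token");
        alias = found;
    }

    public X509Certificate certificate() throws KeyStoreException {
        return (X509Certificate) keyStore.getCertificate(alias);
    }
    public byte[] sign(Path file) throws Exception {
        PrivateKey key = (PrivateKey) keyStore.getKey(alias, null);   // a handle; the key stays on the token
        Signature sig = Signature.getInstance("SHA256withRSA", keyStore.getProvider());   // assumes RSA
        sig.initSign(key);
        try (InputStream in = Files.newInputStream(file)) {
            byte[] buf = new byte[8192];
            for (int n; (n = in.read(buf)) != -1; ) sig.update(buf, 0, n);
        }
        return sig.sign();
    }
}

class SignFile {   // after javac: java SignFile <pkcs11.cfg> <file>; needs an interactive console for the PIN
    public static void main(String[] args) throws Exception {
        TokenSigner signer = new Pkcs11TokenSigner(args[0], System.console().readPassword("PIN: "));
        Files.write(Paths.get(args[1] + ".sig"), signer.sign(Paths.get(args[1])));
    }
}
```

Verification needs only the original file, the `.sig` bytes and the certificate returned by `certificate()`: initialise a `Signature` with the same algorithm via `initVerify(certificate)`, feed it the file and call `verify`.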