Java security - MSCAPI provider: how to use it without a password popup?

I was able to use the Sun MSCAPI provider in my application. The problem that I am currently facing is that it always exposes a window asking for a password, even if I provided it in code. This is a problem because I need cryptographic functionality in a web service.

Here is the code that I have now:

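import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.Signature;

String alias = "Alias to my PK";
char[] pass = "MyPassword".toCharArray();

// Open the current user's personal certificate store through SunMSCAPI
KeyStore ks = KeyStore.getInstance("Windows-MY");
ks.load(null, pass);
Provider p = ks.getProvider();

Signature sig = Signature.getInstance("SHA1withRSA", p);
PrivateKey key = (PrivateKey) ks.getKey(alias, pass);
sig.initSign(key);
sig.update("Testing".getBytes());
sig.sign(); // the password popup appears here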

This works fine, but I get a popup asking for a password when the last line is run. How to prevent this?

+6
java security cryptography cryptoapi
3 answers

The MSCAPI provider does not support the provision of a CAPI password:

Compatibility mode is supported for applications that assume a password. It allows (but ignores) a non-empty password. The mode is enabled by default. (1)

To set a password via CAPI, you must call CryptSetKeyParam with the undocumented KP_KEYEXCHANGE_PIN or KP_SIGNATURE_PIN and hope that your base hardware token provider supports it. (They are not completely undocumented - the documentation for Windows CE and Windows Mobile mentions them (2) and they are included in the header files).

+4

I assume that Windows pops up.

Import your key again using the Certificate Import Wizard, but make sure that you are not checking the next option on the Password screen.

[_] Enable strong secret key protection. You will be requested each time the private key is used by the application if you enable this option.

+1

I solved this problem by installing a provider as follows:

signeData = gen.generate(content, ks.getProvider());

Where ks is KeyStore and gen is CMSSignedDataGenerator.

0