KeyStore - no such algorithm: PKCS11 for provider SunPKCS11-ActivCard
When accessing the KeyStore to get the certificate from a CAC Card Reader, everything works fine as long as there is only one card reader in the system. If an external car reader is also installed I can easily locate the active reader, but I cannot access the KeyStore to get the certificate info. I get the error
java.security.NoSuchAlgorithmException: no such algorithm: PKCS11 for provider SunPKCS11-ActivCard
How can I read the information from a reader when there is more than one in the system?
private ArrayList<CACCertificateInfo> getCACCertData ()
{
CK_C_INITIALIZE_ARGS initArgs = new CK_C_INITIALIZE_ARGS();
String functionList = "C_GetFunctionList";
final long CKF_OS_LOCKING_OK = 0x00000002L;
initArgs.flags = CKF_OS_LOCKING_OK;
PKCS11 myPKCS11Module_ = null;
try {
try {
myPKCS11Module_ = PKCS11.getInstance(ApplicationConstants.USER_CFG_CARD_LIBRARY, functionList, initArgs, false);
} catch (IOException ex) {
ex.printStackTrace();
System.exit(0);
}
} catch (PKCS11Exception e) {
try {
initArgs = null;
myPKCS11Module_ = PKCS11.getInstance(ApplicationConstants.USER_CFG_CARD_LIBRARY, functionList, initArgs, true);
} catch (IOException ex) {
ex.printStackTrace();
} catch (PKCS11Exception ex) {
ex.printStackTrace();
}
}
ArrayList<CACCertificateInfo> cacInfo = new ArrayList<CACCertificateInfo>();
try
{
// Get our certificates from our CAC Card
StringBuffer cardConfig = new StringBuffer();
cardConfig.append("name = " + ApplicationConstants.USER_CFG_CARD_NAME + "\n");
cardConfig.append("library = " + ApplicationConstants.USER_CFG_CARD_LIBRARY);
InputStream is = new ByteArrayInputStream(cardConfig.toString().getBytes());
Provider p = new sun.security.pkcs11.SunPKCS11(is);
Security.addProvider(p);
long[] slots = myPKCS11Module_.C_GetSlotList(true);
for (int i = 0; i < slots.length; i++)
{
CK_TOKEN_INFO tokenInfo = null;
try
{
tokenInfo = myPKCS11Module_.C_GetTokenInfo(slots);
if (tokenInfo.label != null)
{
KeyStore cac = null;
cac = KeyStore.getInstance(ApplicationConstants.USER_CFG_CARD_KEYSTORE,p);
cac.load(null, null);
Enumeration<String> aliases = cac.aliases();
while (aliases.hasMoreElements())
{
CACCertificateInfo certData = new CACCertificateInfo();
String alias = aliases.nextElement();
X509Certificate[] cchain = (X509Certificate[]) cac.getCertificateChain(alias);
certData.setCertificateChain(alias);
//System.out.println("Certificate Chain for : " + alias);
for (int ii = 0; ii < cchain.length; ii++)
{
certData.setX509certificate(cchain[ii]);
//System.out.println(ii + " SubjectDN: " + cchain[ii].getSubjectDN().getName());
//System.out.println(ii + " IssuerDN: " + cchain[ii].getIssuerDN().getName());
}
cacInfo.add(certData);
}
}
} catch (PKCS11Exception e) {
// Some exceptions indicate a device is not present, not recognized, or removed
// ignore these slots.
if (e.getMessage() != null && e.getMessage().indexOf("TOKEN_NOT_PRESENT") >= 0) {
continue;
}
if (e.getMessage() != null && e.getMessage().indexOf("TOKEN_NOT_RECOGNIZED") >= 0) {
continue;
}
if (e.getMessage() != null && e.getMessage().indexOf("CKR_DEVICE_REMOVED") >= 0) {
continue;
}
// else
e.printStackTrace();
System.exit(0);
}
}
}
catch (Exception ex)
{
ex.printStackTrace();
System.exit(0);
}
finally
{
}
return cacInfo;
}