Hi,
I m using sunPkcs11 class to connect my app to NetHsm.
My local service nFast runs on port 9004. It is used as bridge to communicate with the NetHsm.
My provider is set like that:
Provider provider = new sun.security.pkcs11.SunPKCS11(pkcs11ConfigFile); // name = nCipher, library = D:\Program\nCipher\nfast\toolkits\pkcs11\cknfast-64.dll
And I decipher like that:
KeyStore ks = KeyStore.getInstance("PKCS11", provider);
ks.load(null, password);
Key key = ks.getKey(keyId, null);
IvParameterSpec paramSpec = new IvParameterSpec(iv);
AlgorithmParameters algParams = AlgorithmParameters.getInstance("AES");
algParams.init(paramSpec);
Cipher ci = Cipher.getInstance("AES/CBC/NoPadding", provider);
ci.init(Cipher.DECRYPT_MODE, key, algParams);
ci.doFinal(dataToDecipher);
All is right, I can decipher my keys.
Now, I stop the service nFast. I get an exception because it is impossible to decipher my keys. Normal ...
java.security.ProviderException: update() failed
Caused by: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_DEVICE_ERROR
I restart the service and I would like to be able to decipher again my keys but I get an exception.
java.security.ProviderException: update() failed
Caused by: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_GENERAL_ERROR
at sun.security.pkcs11.wrapper.PKCS11.C_FindObjectsInit(Native Method)
at sun.security.pkcs11.P11KeyStore.findObjects(P11KeyStore.java:2673)
at sun.security.pkcs11.P11KeyStore.mapLabels(P11KeyStore.java:2288)
at sun.security.pkcs11.P11KeyStore.engineLoad(P11KeyStore.java:770)
I'm obliged to restart my app.
How can I re-initialize the provider in order to communicate again with the service without restarting the app?