Skip to Main Content

Java Security

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

PKCS11 seems to cache PIN code

843810Dec 28 2004 — edited Jun 21 2007
Hi,

I've been using the new pkcs11 sun module successfully with some pkcs11 tokens.

I want to encrypt many times in the same program with the same pkcs11 token and I want the user to enter his PIN code at each encryption.
It seems that only the first access to the pkcs11 keystore (mykeystore.load(null, PIN.toCharArray())) is important. All the following call to the load method of mykeystore don't care if the password is wrong. It can even be given a null password.

I've tried to remove the pkcs11 provider and add it back dynamically but the token still accept a wrong password.
It looks like the pkcs11 module cache a good password and use it instead of a new one !!

How do I reset a keystore to enforce the entering of a new check of the PIN ?

Regards,
Erwan.
Comments
Locked Post
New comments cannot be posted to this locked post.
Post Details
Locked on Jul 19 2007
Added on Dec 28 2004
8 comments
564 views