Difference between revisions of "Java PKCS11"

From Dogtag
Jump to: navigation, search
m (Configuration)
m (Configuration)
Line 36: Line 36:
 
* enabledMechanisms
 
* enabledMechanisms
 
* disabledMechanisms
 
* disabledMechanisms
 +
* attributes
 +
* handleStartupErrors
 +
* insertionCheckInterval
 
* showInfo
 
* showInfo
 +
* keyStoreCompatibilityMode
 +
* explicitCancel
 +
* omitInitialize
 +
* allowSingleThreadedModules
 +
* functionList
 
* nssUseSecmod
 
* nssUseSecmod
 
* nssLibraryDirectory
 
* nssLibraryDirectory
 
* nssSecmodDirectory
 
* nssSecmodDirectory
 
* nssModule
 
* nssModule
 +
* nssDbMode
 
* nssNetscapeDbWorkaround
 
* nssNetscapeDbWorkaround
 
* nssArgs
 
* nssArgs

Revision as of 21:50, 7 October 2019

Sun PKCS#11 Provider

Main class: sun.security.pkcs11.SunPKCS11

See also:

Installation

Static Installation

To install the provider statically, add the following property into $JAVA_HOME/lib/security/java.security:

security.provider.7=sun.security.pkcs11.SunPKCS11 /etc/pki/nssdb/pkcs11.cfg

Dynamic Installation

To install the provider dynamically, use the following code:

String configName = "/etc/pki/nssdb/pkcs11.cfg";
Provider p = new sun.security.pkcs11.SunPKCS11(configName);
Security.addProvider(p);

Configuration

Parameters:

  • name
  • library
  • description
  • slot
  • slotListIndex
  • enabledMechanisms
  • disabledMechanisms
  • attributes
  • handleStartupErrors
  • insertionCheckInterval
  • showInfo
  • keyStoreCompatibilityMode
  • explicitCancel
  • omitInitialize
  • allowSingleThreadedModules
  • functionList
  • nssUseSecmod
  • nssLibraryDirectory
  • nssSecmodDirectory
  • nssModule
  • nssDbMode
  • nssNetscapeDbWorkaround
  • nssArgs
  • nssUseSecmodTrust
  • useEcX963Encoding
  • nssOptimizeSpace

For example:

name=NSS
nssLibraryDirectory=/usr/lib64
nssSecmodDirectory=/etc/pki/nssdb
nssModule=keystore

See also:

JSS Provider

Main class: org.mozilla.jss.provider.java.security.JSSKeyStoreSpi

See also:

References