EldoS | Feel safer!

Software components for data protection, secure storage and transfer

TElMemoryCertStorage and TElX509Certificate in Mac OS, Linux..

Also by EldoS: Solid File System
A virtual file system that offers a feature-rich storage for application documents and data with built-in compression and encryption.
#29428
Posted: 05/12/2014 06:31:24
by glinttgs sousa (Basic support level)
Joined: 02/27/2014
Posts: 51

Hi Eldos,

2 questions:
- First, do you have any other way to use Windows Certificate Store in your Java sample, without JNI?

- Second, how can I access MacOS or Linux certificate store to use a installed certificate in that store, using Java?

I'm trying to develop a Java applet to put in a WebSite, so that I'd like to avoid JNI and also would like to access MacOS/Linux certificate store..

I'm using a SmartCard that installs its certificates in the certificates stores.

Thank you,
Best Regards
#29429
Posted: 05/12/2014 06:37:25
by Vsevolod Ievgiienko (EldoS Corp.)

Thank you for contacting us.

Quote
First, do you have any other way to use Windows Certificate Store in your Java sample, without JNI?

Th 12th version of SecureBlackbox contains TElJavaCertStorage class that allows to access both MY and ROOT windows stores without a need to use JNI.

Quote
Second, how can I access MacOS or Linux certificate store to use a installed certificate in that store, using Java?

Currently the only way is to use TElMemoryCertStorage and load key stores if they are stored in regular JKS files.
#29431
Posted: 05/12/2014 08:18:58
by glinttgs sousa (Basic support level)
Joined: 02/27/2014
Posts: 51

When does that 12th version comes out? It's an amazing achievement from you!

To use TElMemoryCertStorage, is it needed to use JNI, right? How do I list those JKS files using the TElMemoryCertStorage?

Thank you!
#29432
Posted: 05/12/2014 08:27:10
by Vsevolod Ievgiienko (EldoS Corp.)

Quote
When does that 12th version comes out?

Its already available for download here: https://www.eldos.com/sbb/download-pre...hp#product

Quote
To use TElMemoryCertStorage, is it needed to use JNI, right?

JNI is needed only for TElWinCertStorage. TElMemoryCertStorage doesn't require JNI.

Quote
How do I list those JKS files using the TElMemoryCertStorage?

TElMemoryCertStorage allows to load a set of certificates from JKS file using its loadFromFileJKS method. Then you can use TElMemoryCertStorage.getCertifcate method to access each certificate. However you should discover how are certificate sets stored in Linux and OS X as its not necessary that JKS format is used.
#29435
Posted: 05/12/2014 09:55:26
by glinttgs sousa (Basic support level)
Joined: 02/27/2014
Posts: 51

When using the OfficeBlackBox Sample of your 12th version, when I do _OfficeDocument.open("full_path.docx", false); it is thrown up an exception saying: "java.lang.StringIndexOutOfBoundsException: String index out of range: -1", regardless the file I choose.. In the 11th version, this error doesn't appear..

By the way I'm doing this:

Code
TElJavaCertStorage  certStorage = new TElJavaCertStorage();
      certStorage.getSystemStores().beginUpdate();
      certStorage.getSystemStores().add("Windows-MY");
      certStorage.getSystemStores().endUpdate();


To obtain my windows certificates, but when I iterate certStorage the getCount is zero..

What am I missing?

Thank you once again.
#29436
Posted: 05/13/2014 02:22:17
by Vsevolod Ievgiienko (EldoS Corp.)

Quote
When using the OfficeBlackBox Sample of your 12th version, when I do _OfficeDocument.open("full_path.docx", false); it is thrown up an exception saying: "java.lang.StringIndexOutOfBoundsException: String index out of range: -1", regardless the file I choose.. In the 11th version, this error doesn't appear..

Thanks for the report. We'll fix this bug and the fix will be included into the next SecureBlackbox build.

Quote
To obtain my windows certificates, but when I iterate certStorage the getCount is zero..

Most likely you didn't call SBUtils.setLicenseKey.
#29438
Posted: 05/13/2014 03:35:55
by glinttgs sousa (Basic support level)
Joined: 02/27/2014
Posts: 51

Quote

Most likely you didn't call SBUtils.setLicenseKey.


I did call SBUtils.setLicenseKey.
Are you sure my code is correct?

I'm doing this:

Code

        SBUtils.setLicenseKey("LicenseKeyCode");

        TElX509Certificate cert = new TElX509Certificate();

   TElJavaCertStorage  certStorage = new TElJavaCertStorage();
   certStorage.getSystemStores().beginUpdate();
   certStorage.getSystemStores().clear();
   certStorage.getSystemStores().add("Windows-MY");
   certStorage.getSystemStores().endUpdate();

   for (int i = 0; i < certStorage.getCount(); i++)
        {
             cert = certStorage.getCertificate(i);
        }


The code doesn't get in the loop even once..
When using the TElWinCertStorage my code is the same and the loop is reached..

I set my LicenseKey.. What is it missing? I didn't find any documentation about TElJavaCertStorage..

Thank you.
Best Regards
#29439
Posted: 05/13/2014 03:59:18
by Vsevolod Ievgiienko (EldoS Corp.)

Just checked your code - it works for me and enumerates all certificates from MY store. TElJavaCertStorage uses Sun JCE cryptoprovider internally, so its possible that the problem is related to the provider.

Please run next code and check if it produces any output. The code does the same as TElJavaCertStorage does internally but is simplified.

Code
import java.security.KeyStore;
import java.security.Provider;
import java.security.cert.X509Certificate;
import java.util.Enumeration;

public class Main {
    public static void main(String[] args) {
        try {
            Provider p = new sun.security.mscapi.SunMSCAPI();
            KeyStore ks = KeyStore.getInstance("Windows-MY", p);
            ks.load(null, null);

            Enumeration<String> e = ks.aliases();
            while (e.hasMoreElements()) {
                String alias = e.nextElement();

                X509Certificate cert = (X509Certificate)ks.getCertificate(alias);
                System.out.println(cert.getSubjectX500Principal().getName());
            }
        } catch (Exception ex) {
            ex.printStackTrace();
        }
    }
}
#29440
Posted: 05/13/2014 04:29:30
by glinttgs sousa (Basic support level)
Joined: 02/27/2014
Posts: 51

Yes.. This way my certificates are printed...

When using the TElJavaCertStorage I think it access to the store properly, but then when I try to obtain the certificates, using getCertificate(index); it doesn't work.. That instruction is not reached.. I don't understand why. The certStorage.getCount() is zero..

I think it works because my smart cards blinks.. And its certificate it is stored in windows certificate store.. But the problem is the getCount..
#29441
Posted: 05/13/2014 04:42:05
by Vsevolod Ievgiienko (EldoS Corp.)

Moved the discussion to the Helpdesk. Lets continue there.
Also by EldoS: BizCrypto
Components for BizTalk® and SQL Server® Integration Services that let you securely store and transfer information in your business automation solutions.

Reply

Statistics

Topic viewed 2789 times

Number of guests: 1, registered members: 0, in total hidden: 0




|

Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!