問(wèn)題描述

我已經(jīng)設(shè)法使用 Sun 的 MSCAPI提供者 在我的應(yīng)用程序中.我現(xiàn)在遇到的問(wèn)題是它總是彈出一個(gè)窗口，要求輸入密碼，即使我已經(jīng)在代碼中提供了密碼.這是個(gè)問(wèn)題，因?yàn)槲倚枰?web 服務(wù)中的加密功能.

I've managed to use Sun's MSCAPI provider in my application. The problem I'm having now is that it always pops up a window, asking for a password, even though I've provided it in the code. This is a problem, because I need the cryptography functionality in a webservice.

這是我現(xiàn)在擁有的代碼:

Here's the code I have now:

String alias = "Alias to my PK";
char[] pass = "MyPassword".toCharArray();

KeyStore ks = KeyStore.getInstance("Windows-MY");
ks.load(null, pass);
Provider p =  ks.getProvider();

Signature sig = Signature.getInstance("SHA1withRSA",p);
PrivateKey key = (PrivateKey) ks.getKey(alias, pass)

sig.initSign(key);
sig.update("Testing".getBytes());
sig.sign();

這很好用，但是當(dāng)最后一行運(yùn)行時(shí)，我會(huì)彈出一個(gè)詢(xún)問(wèn)密碼的窗口.我該如何預(yù)防?

This is working great, but I get a popup asking for the password when the last line is run. How do I prevent that?

推薦答案

MSCAPI提供者不支持向CAPI提供密碼:

The MSCAPI provider does not support providing the password to CAPI:

假定必須提供密碼的應(yīng)用程序支持兼容模式.它允許(但忽略)非空密碼.該模式默認(rèn)啟用.(1)

A compatibility mode is supported for applications that assume a password must be supplied. It permits (but ignores) a non-null password. The mode is enabled by default. (1)

要通過(guò)CAPI設(shè)置密碼，必須調(diào)用CryptSetKeyParam 使用未記錄的 KP_KEYEXCHANGE_PIN 或 KP_SIGNATURE_PIN 并希望您的底層硬件令牌提供商支持它.(它們并非完全沒(méi)有文檔 - Windows CE 和 Windows Mobile 的文檔提到了它們 (2) 并且它們包含在頭文件中).

To set the password through CAPI, you must call CryptSetKeyParam with the undocumented KP_KEYEXCHANGE_PIN or KP_SIGNATURE_PIN and hope your underlying hardware token provider supports it. (They are not completely undocumented - the documentation for Windows CE and Windows Mobile mention them (2) and they are included in the header files).

這篇關(guān)于Java 安全 - MSCAPI 提供程序:如何在不彈出密碼的情況下使用?的文章就介紹到這了，希望我們推薦的答案對(duì)大家有所幫助，也希望大家多多支持html5模板網(wǎng)！