[Pki-devel] Newbie Getting Started with JSS

Magnus K Karlsson magnus.r.karlsson at gmail.com
Sat Sep 14 08:15:49 UTC 2019


Hi,

I'm new to JSS and have a getting started question. I'm trying to run the
KeyStoreTest

https://github.com/dogtagpki/jss/blob/master/org/mozilla/jss/tests/KeyStoreTest.java

I'm on Fedora 30 and had installed JSS via yum installed version
4.6.1-2.fc30. I have the below code copied from KeyStoreTest.

And when running I get a problem about loading
KeyStore.getInstance("Mozilla-JSS"). The provider is loaded, as you can see
when printing all providers.

So please advise, I'm stuck and can not figure out what is wrong.

Best Regards
Magnus K Karlsson

$ java -cp
target/example-nssdb-1.0.0-SNAPSHOT.jar:/usr/lib64/jss/jss4.jar:/usr/share/java/slf4j/slf4j-api.jar:/usr/share/java/slf4j/slf4j-simple.jar
se.magnuskkarlsson.example.nssdb.NSSJSSTool
[main] INFO org.mozilla.jss.CryptoManager - CryptoManager: loading JSS
library
[main] INFO org.mozilla.jss.CryptoManager - CryptoManager: loaded JSS
library from /usr/lib64/jss/libjss4.so
[main] INFO org.mozilla.jss.CryptoManager - CryptoManager: initializing NSS
database at
/home/magnuskkarlsson/NetBeansProjects/example-nssdb/nssdb_sql_softhsm
Enter password for Internal Key Storage Token

Mozilla-JSS version 4.6.1
SUN version 1.8
SunRsaSign version 1.8
SunEC version 1.8
SunJSSE version 1.8
SunJCE version 1.8
SunJGSS version 1.8
SunSASL version 1.8
XMLDSig version 1.8
SunPCSC version 1.8
Exception in thread "main" java.security.KeyStoreException: Mozilla-JSS not
found
at java.security.KeyStore.getInstance(KeyStore.java:851)
at se.magnuskkarlsson.example.nssdb.NSSJSSTool.main(NSSJSSTool.java:43)
Caused by: java.security.NoSuchAlgorithmException: Mozilla-JSS KeyStore not
available
at sun.security.jca.GetInstance.getInstance(GetInstance.java:159)
at java.security.Security.getImpl(Security.java:730)
at java.security.KeyStore.getInstance(KeyStore.java:848)
... 1 more

package se.magnuskkarlsson.example.nssdb;

import java.security.KeyStore;
import java.security.Provider;
import java.security.Security;
import java.util.Enumeration;
import org.mozilla.jss.CryptoManager;
import org.mozilla.jss.JSSProvider;
import org.mozilla.jss.crypto.CryptoToken;
import org.mozilla.jss.pkcs11.PK11Token;
import org.mozilla.jss.util.ConsolePasswordCallback;

// OLD project page:
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/JSS
// NEW project page: https://github.com/dogtagpki/jss
//
https://github.com/dogtagpki/jss/blob/master/org/mozilla/jss/tests/KeyStoreTest.java
public class NSSJSSTool {

    public static void main(String[] args) throws Exception {
        // System.setProperty("java.library.path", "/usr/lib64/jss");

        String dbdir =
"/home/magnuskkarlsson/NetBeansProjects/example-nssdb/nssdb_sql_softhsm";

        CryptoManager.initialize(dbdir);
        CryptoManager cm = CryptoManager.getInstance();

        // login to the token
        CryptoToken token = cm.getInternalKeyStorageToken();
        //CryptoToken token = cm.getTokenByName("Builtin Object Token");
        try {
            token.login(new ConsolePasswordCallback());
        } catch (PK11Token.NotInitializedException e) {
            e.printStackTrace();
        }
        cm.setThreadToken(token);

        for (Provider provider : Security.getProviders()) {
            System.out.println(provider);
        }

        // Provider provider = new JSSProvider();
        // Provider p = new sun.security.pkcs11.SunPKCS11(configName);
        // Security.addProvider(p);
        KeyStore ks = KeyStore.getInstance("Mozilla-JSS");
        ks.load(null, null);

        dumpAliases(ks);
    }

    public static void dumpAliases(KeyStore ks) throws Exception {
        Enumeration<String> aliases = ks.aliases();

        System.out.println("Aliases:");
        while (aliases.hasMoreElements()) {
            String alias = aliases.nextElement();
            System.out.println("\"" + alias + "\"");
        }
        System.out.println();
    }
}

-- 
Med vänliga hälsningar
Magnus K Karlsson

Mobile: +46 (0)70 218 00 84
Email: magnus.r.karlsson at gmail.com
Blog: magnus-k-karlsson.blogspot.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/pki-devel/attachments/20190914/c124cd21/attachment.htm>


More information about the Pki-devel mailing list