Ubuntu + SACTools (gemalto): Unable to register SunPKCS11 security provider.
617 views
Skip to first unread message
Robert Mařík
Apr 21, 2021, 2:23:50 AM4/21/21
to JSignPdf
Ahoj, dekuji za skvely sw a prepinam do AJ, aby se to dalo lepe dohledavat a aby poradilo vice lidi. :)
Hello,
trying to sign PDF using token from gemalto and SafeNet Authentization client (https://www.postsignum.cz/etoken_5110_cc.html) I have the following
(base) marik@marik-thinkpad-x260:~/jsignpdf-1.6.4$ java -jar JSignPdf.jar --version
DEBUG Relaxing SSL security.
DEBUG Registering SunPKCS11 provider from configuration in conf/pkcs11.cfg
Unable to register SunPKCS11 security provider.
java.lang.NoSuchMethodException: sun.security.pkcs11.SunPKCS11.<init>(java.lang.String)
at java.base/java.lang.Class.getConstructor0(Class.java:3349)
at java.base/java.lang.Class.getConstructor(Class.java:2151)
at net.sf.jsignpdf.utils.PKCS11Utils.registerProvider(PKCS11Utils.java:66)
at net.sf.jsignpdf.Signer.main(Signer.java:109)
JSignPdf version 1.6.4
DEBUG Relaxing SSL security.
DEBUG Registering SunPKCS11 provider from configuration in conf/pkcs11.cfg
Unable to register SunPKCS11 security provider.
java.lang.NoSuchMethodException: sun.security.pkcs11.SunPKCS11.<init>(java.lang.String)
at java.base/java.lang.Class.getConstructor0(Class.java:3349)
at java.base/java.lang.Class.getConstructor(Class.java:2151)
at net.sf.jsignpdf.utils.PKCS11Utils.registerProvider(PKCS11Utils.java:66)
at net.sf.jsignpdf.Signer.main(Signer.java:109)
JSignPdf version 1.6.4
It seems that pkcs11 is not configured correctly.
I have
library=/usr/lib/pkcs11/libIDPrimePKCS11.so
in the conf file. The name of the library is from the output of the command dpkg -L safenetauthenticationclient where safenetauthenticationclient is the deb package from the provider of the token. So I hope it is correct. Another candidate, library=/usr/lib/pkcs11/libeTPkcs11.so , produces the same output.
Any idea?
Thank you.
Robert
Josef Cacek
Apr 21, 2021, 3:22:32 AM4/21/21
to JSignPdf forum
Hi Rob,
the problem is most probably caused by API changes in newer Java
versions (9 and higher). I had the fix prepared for some time already,
but I didn't make a new release till now :)
Could you try to update JSignPdf to the new version 1.6.5 and get back
to here to confirm?
https://sourceforge.net/projects/jsignpdf/files/stable/JSignPdf%201.6.5/
Just in case the JSignPdf upgrade doesn't solve the problem: Could you
also try if using Java version 8 helps?
Thank you,
-- Josef
st 21. 4. 2021 v 7:23 odesílatel Robert Mařík
<robert....@gmail.com> napsal:
> --
> You received this message because you are subscribed to the Google Groups "JSignPdf" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to jsignpdf+u...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/jsignpdf/1ceddc45-bcb9-4f39-8d39-1af84f9bf6f7n%40googlegroups.com.
the problem is most probably caused by API changes in newer Java
versions (9 and higher). I had the fix prepared for some time already,
but I didn't make a new release till now :)
Could you try to update JSignPdf to the new version 1.6.5 and get back
to here to confirm?
https://sourceforge.net/projects/jsignpdf/files/stable/JSignPdf%201.6.5/
Just in case the JSignPdf upgrade doesn't solve the problem: Could you
also try if using Java version 8 helps?
Thank you,
-- Josef
st 21. 4. 2021 v 7:23 odesílatel Robert Mařík
<robert....@gmail.com> napsal:
> You received this message because you are subscribed to the Google Groups "JSignPdf" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to jsignpdf+u...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/jsignpdf/1ceddc45-bcb9-4f39-8d39-1af84f9bf6f7n%40googlegroups.com.
Robert Mařík
Apr 21, 2021, 4:57:42 AM4/21/21
to JSignPdf
Hi, this is just to confirm that downgrade to Java8 openjdk (with setup as described in the JsignPDF manual) removes the error message from the subject of this thread. The token is shown in the GUI now.
When I try to sign PDF, I get another error which remains also for 1.6.5 and also for Java 11 openjdk, but this could be another story.
java.security.InvalidKeyException: Private keys must be instance of RSAPrivate(Crt)Key or have PKCS#8 encoding
Robert
Dne středa 21. dubna 2021 v 9:22:32 UTC+2 uživatel josef...@gmail.com napsal:
Θεόφιλος Ιντζόγλου
Apr 21, 2021, 8:31:27 AM4/21/21
to jsig...@googlegroups.com
I use a similar gemalto token and I didn’t manage to make it work with the
latest version of ubuntu. The last version that I got it working with
safenetauthenticationclient (version 9 and 10) was Ubuntu 18. For that reason
I have a small vm with ubuntu18 just for signing.
Theofilos Intzoglou
--
() ascii ribbon campaign - against html mail
/\ - against microsoft attachments
latest version of ubuntu. The last version that I got it working with
safenetauthenticationclient (version 9 and 10) was Ubuntu 18. For that reason
I have a small vm with ubuntu18 just for signing.
Theofilos Intzoglou
() ascii ribbon campaign - against html mail
/\ - against microsoft attachments
Robert Mařík
Jun 17, 2021, 1:05:16 AM6/17/21
to JSignPdf
Problem resolved with JSignPDF 2.0.0
Thank you.
R.
Dne středa 21. dubna 2021 v 14:31:27 UTC+2 uživatel int...@gmail.com napsal:
Reply all
Reply to author
Forward
0 new messages