Closed hhgyu closed 6 months ago
Firstly, thank you for making this great jsign.
Thanks! Don't forget to star this project ;)
DId you try a different slot in pkcs11.cfg?
I tried changing all the slots as you said, but they all failed.
-----------------------------------------------------------------------
pkcs11cfg: name=eToken
library=C:\Windows\System32\eTPKCS11.dll
slot=0
stdout: JSIGN Args --alg SHA-1 --keystore ***\pkcs11.cfg --storepass *** --storetype PKCS11 --tsaurl http://timestamp.digicert.com --alias RSA ***\nuxtron.exe
SunPKCS11 loading ***\pkcs11.cfg
Information for provider SunPKCS11-eToken
Library info:
cryptokiVersion: 2.20
manufacturerID: SafeNet, Inc.
flags: 0
libraryDescription: SafeNet eToken PKCS#11
libraryVersion: 10.08
All slots: 0, 1, 2, 3, 4, 5, 6, 7
Slots with tokens: (none)
stderr: sunpkcs11: Initializing PKCS#11 library C:\Windows\System32\eTPKCS11.dll
jsign: Failed to load the keystore ***\pkcs11.cfg
java.security.KeyStoreException: keystore type 'PKCS11' is not supported with security provider SunPKCS11-eToken
at net.jsign.KeyStoreType.getKeystore(KeyStoreType.java:460)
at net.jsign.KeyStoreBuilder.build(KeyStoreBuilder.java:281)
at net.jsign.SignerHelper.build(SignerHelper.java:256)
at net.jsign.SignerHelper.sign(SignerHelper.java:388)
at net.jsign.JsignCLI.execute(JsignCLI.java:133)
at net.jsign.JsignCLI.main(JsignCLI.java:40)
Caused by: java.security.KeyStoreException: PKCS11 not found
at java.base/java.security.KeyStore.getInstance(KeyStore.java:967)
at net.jsign.KeyStoreType.getKeystore(KeyStoreType.java:455)
... 5 more
Caused by: java.security.NoSuchAlgorithmException: no such algorithm: PKCS11 for provider SunPKCS11-eToken
at java.base/sun.security.jca.GetInstance.getService(GetInstance.java:101)
at java.base/sun.security.jca.GetInstance.getInstance(GetInstance.java:218)
at java.base/java.security.Security.getImpl(Security.java:705)
at java.base/java.security.KeyStore.getInstance(KeyStore.java:964)
... 6 more
Try `jsign --help' for more information.
-----------------------------------------------------------------------
pkcs11cfg: name=eToken
library=C:\Windows\System32\eTPKCS11.dll
slot=1
stdout: JSIGN Args --alg SHA-1 --keystore ***\pkcs11.cfg --storepass *** --storetype PKCS11 --tsaurl http://timestamp.digicert.com --alias RSA ***\nuxtron.exe
SunPKCS11 loading ***\pkcs11.cfg
Information for provider SunPKCS11-eToken
Library info:
cryptokiVersion: 2.20
manufacturerID: SafeNet, Inc.
flags: 0
libraryDescription: SafeNet eToken PKCS#11
libraryVersion: 10.08
All slots: 0, 1, 2, 3, 4, 5, 6, 7
Slots with tokens: (none)
stderr: sunpkcs11: Initializing PKCS#11 library C:\Windows\System32\eTPKCS11.dll
jsign: Failed to load the keystore ***\pkcs11.cfg
java.security.KeyStoreException: keystore type 'PKCS11' is not supported with security provider SunPKCS11-eToken
at net.jsign.KeyStoreType.getKeystore(KeyStoreType.java:460)
at net.jsign.KeyStoreBuilder.build(KeyStoreBuilder.java:281)
at net.jsign.SignerHelper.build(SignerHelper.java:256)
at net.jsign.SignerHelper.sign(SignerHelper.java:388)
at net.jsign.JsignCLI.execute(JsignCLI.java:133)
at net.jsign.JsignCLI.main(JsignCLI.java:40)
Caused by: java.security.KeyStoreException: PKCS11 not found
at java.base/java.security.KeyStore.getInstance(KeyStore.java:967)
at net.jsign.KeyStoreType.getKeystore(KeyStoreType.java:455)
... 5 more
Caused by: java.security.NoSuchAlgorithmException: no such algorithm: PKCS11 for provider SunPKCS11-eToken
at java.base/sun.security.jca.GetInstance.getService(GetInstance.java:101)
at java.base/sun.security.jca.GetInstance.getInstance(GetInstance.java:218)
at java.base/java.security.Security.getImpl(Security.java:705)
at java.base/java.security.KeyStore.getInstance(KeyStore.java:964)
... 6 more
Try `jsign --help' for more information.
-----------------------------------------------------------------------
pkcs11cfg: name=eToken
library=C:\Windows\System32\eTPKCS11.dll
slot=2
stdout: JSIGN Args --alg SHA-1 --keystore ***\pkcs11.cfg --storepass *** --storetype PKCS11 --tsaurl http://timestamp.digicert.com --alias RSA ***\nuxtron.exe
SunPKCS11 loading ***\pkcs11.cfg
Information for provider SunPKCS11-eToken
Library info:
cryptokiVersion: 2.20
manufacturerID: SafeNet, Inc.
flags: 0
libraryDescription: SafeNet eToken PKCS#11
libraryVersion: 10.08
All slots: 0, 1, 2, 3, 4, 5, 6, 7
Slots with tokens: (none)
stderr: sunpkcs11: Initializing PKCS#11 library C:\Windows\System32\eTPKCS11.dll
jsign: Failed to load the keystore ***\pkcs11.cfg
java.security.KeyStoreException: keystore type 'PKCS11' is not supported with security provider SunPKCS11-eToken
at net.jsign.KeyStoreType.getKeystore(KeyStoreType.java:460)
at net.jsign.KeyStoreBuilder.build(KeyStoreBuilder.java:281)
at net.jsign.SignerHelper.build(SignerHelper.java:256)
at net.jsign.SignerHelper.sign(SignerHelper.java:388)
at net.jsign.JsignCLI.execute(JsignCLI.java:133)
at net.jsign.JsignCLI.main(JsignCLI.java:40)
Caused by: java.security.KeyStoreException: PKCS11 not found
at java.base/java.security.KeyStore.getInstance(KeyStore.java:967)
at net.jsign.KeyStoreType.getKeystore(KeyStoreType.java:455)
... 5 more
Caused by: java.security.NoSuchAlgorithmException: no such algorithm: PKCS11 for provider SunPKCS11-eToken
at java.base/sun.security.jca.GetInstance.getService(GetInstance.java:101)
at java.base/sun.security.jca.GetInstance.getInstance(GetInstance.java:218)
at java.base/java.security.Security.getImpl(Security.java:705)
at java.base/java.security.KeyStore.getInstance(KeyStore.java:964)
... 6 more
Try `jsign --help' for more information.
-----------------------------------------------------------------------
pkcs11cfg: name=eToken
library=C:\Windows\System32\eTPKCS11.dll
slot=3
stdout: JSIGN Args --alg SHA-1 --keystore ***\pkcs11.cfg --storepass *** --storetype PKCS11 --tsaurl http://timestamp.digicert.com --alias RSA ***\nuxtron.exe
SunPKCS11 loading ***\pkcs11.cfg
Information for provider SunPKCS11-eToken
Library info:
cryptokiVersion: 2.20
manufacturerID: SafeNet, Inc.
flags: 0
libraryDescription: SafeNet eToken PKCS#11
libraryVersion: 10.08
All slots: 0, 1, 2, 3, 4, 5, 6, 7
Slots with tokens: (none)
stderr: sunpkcs11: Initializing PKCS#11 library C:\Windows\System32\eTPKCS11.dll
jsign: Failed to load the keystore ***\pkcs11.cfg
java.security.KeyStoreException: keystore type 'PKCS11' is not supported with security provider SunPKCS11-eToken
at net.jsign.KeyStoreType.getKeystore(KeyStoreType.java:460)
at net.jsign.KeyStoreBuilder.build(KeyStoreBuilder.java:281)
at net.jsign.SignerHelper.build(SignerHelper.java:256)
at net.jsign.SignerHelper.sign(SignerHelper.java:388)
at net.jsign.JsignCLI.execute(JsignCLI.java:133)
at net.jsign.JsignCLI.main(JsignCLI.java:40)
Caused by: java.security.KeyStoreException: PKCS11 not found
at java.base/java.security.KeyStore.getInstance(KeyStore.java:967)
at net.jsign.KeyStoreType.getKeystore(KeyStoreType.java:455)
... 5 more
Caused by: java.security.NoSuchAlgorithmException: no such algorithm: PKCS11 for provider SunPKCS11-eToken
at java.base/sun.security.jca.GetInstance.getService(GetInstance.java:101)
at java.base/sun.security.jca.GetInstance.getInstance(GetInstance.java:218)
at java.base/java.security.Security.getImpl(Security.java:705)
at java.base/java.security.KeyStore.getInstance(KeyStore.java:964)
... 6 more
Try `jsign --help' for more information.
-----------------------------------------------------------------------
pkcs11cfg: name=eToken
library=C:\Windows\System32\eTPKCS11.dll
slot=4
stdout: JSIGN Args --alg SHA-1 --keystore ***\pkcs11.cfg --storepass *** --storetype PKCS11 --tsaurl http://timestamp.digicert.com --alias RSA ***\nuxtron.exe
SunPKCS11 loading ***\pkcs11.cfg
Information for provider SunPKCS11-eToken
Library info:
cryptokiVersion: 2.20
manufacturerID: SafeNet, Inc.
flags: 0
libraryDescription: SafeNet eToken PKCS#11
libraryVersion: 10.08
All slots: 0, 1, 2, 3, 4, 5, 6, 7
Slots with tokens: (none)
stderr: sunpkcs11: Initializing PKCS#11 library C:\Windows\System32\eTPKCS11.dll
jsign: Failed to load the keystore ***\pkcs11.cfg
java.security.KeyStoreException: keystore type 'PKCS11' is not supported with security provider SunPKCS11-eToken
at net.jsign.KeyStoreType.getKeystore(KeyStoreType.java:460)
at net.jsign.KeyStoreBuilder.build(KeyStoreBuilder.java:281)
at net.jsign.SignerHelper.build(SignerHelper.java:256)
at net.jsign.SignerHelper.sign(SignerHelper.java:388)
at net.jsign.JsignCLI.execute(JsignCLI.java:133)
at net.jsign.JsignCLI.main(JsignCLI.java:40)
Caused by: java.security.KeyStoreException: PKCS11 not found
at java.base/java.security.KeyStore.getInstance(KeyStore.java:967)
at net.jsign.KeyStoreType.getKeystore(KeyStoreType.java:455)
... 5 more
Caused by: java.security.NoSuchAlgorithmException: no such algorithm: PKCS11 for provider SunPKCS11-eToken
at java.base/sun.security.jca.GetInstance.getService(GetInstance.java:101)
at java.base/sun.security.jca.GetInstance.getInstance(GetInstance.java:218)
at java.base/java.security.Security.getImpl(Security.java:705)
at java.base/java.security.KeyStore.getInstance(KeyStore.java:964)
... 6 more
Try `jsign --help' for more information.
-----------------------------------------------------------------------
pkcs11cfg: name=eToken
library=C:\Windows\System32\eTPKCS11.dll
slot=5
stdout: JSIGN Args --alg SHA-1 --keystore ***\pkcs11.cfg --storepass *** --storetype PKCS11 --tsaurl http://timestamp.digicert.com --alias RSA ***\nuxtron.exe
SunPKCS11 loading ***\pkcs11.cfg
Information for provider SunPKCS11-eToken
Library info:
cryptokiVersion: 2.20
manufacturerID: SafeNet, Inc.
flags: 0
libraryDescription: SafeNet eToken PKCS#11
libraryVersion: 10.08
All slots: 0, 1, 2, 3, 4, 5, 6, 7
Slots with tokens: (none)
stderr: sunpkcs11: Initializing PKCS#11 library C:\Windows\System32\eTPKCS11.dll
jsign: Failed to load the keystore ***\pkcs11.cfg
java.security.KeyStoreException: keystore type 'PKCS11' is not supported with security provider SunPKCS11-eToken
at net.jsign.KeyStoreType.getKeystore(KeyStoreType.java:460)
at net.jsign.KeyStoreBuilder.build(KeyStoreBuilder.java:281)
at net.jsign.SignerHelper.build(SignerHelper.java:256)
at net.jsign.SignerHelper.sign(SignerHelper.java:388)
at net.jsign.JsignCLI.execute(JsignCLI.java:133)
at net.jsign.JsignCLI.main(JsignCLI.java:40)
Caused by: java.security.KeyStoreException: PKCS11 not found
at java.base/java.security.KeyStore.getInstance(KeyStore.java:967)
at net.jsign.KeyStoreType.getKeystore(KeyStoreType.java:455)
... 5 more
Caused by: java.security.NoSuchAlgorithmException: no such algorithm: PKCS11 for provider SunPKCS11-eToken
at java.base/sun.security.jca.GetInstance.getService(GetInstance.java:101)
at java.base/sun.security.jca.GetInstance.getInstance(GetInstance.java:218)
at java.base/java.security.Security.getImpl(Security.java:705)
at java.base/java.security.KeyStore.getInstance(KeyStore.java:964)
... 6 more
Try `jsign --help' for more information.
-----------------------------------------------------------------------
pkcs11cfg: name=eToken
library=C:\Windows\System32\eTPKCS11.dll
slot=6
stdout: JSIGN Args --alg SHA-1 --keystore ***\pkcs11.cfg --storepass *** --storetype PKCS11 --tsaurl http://timestamp.digicert.com --alias RSA ***\nuxtron.exe
SunPKCS11 loading ***\pkcs11.cfg
Information for provider SunPKCS11-eToken
Library info:
cryptokiVersion: 2.20
manufacturerID: SafeNet, Inc.
flags: 0
libraryDescription: SafeNet eToken PKCS#11
libraryVersion: 10.08
All slots: 0, 1, 2, 3, 4, 5, 6, 7
Slots with tokens: (none)
stderr: sunpkcs11: Initializing PKCS#11 library C:\Windows\System32\eTPKCS11.dll
jsign: Failed to load the keystore ***\pkcs11.cfg
java.security.KeyStoreException: keystore type 'PKCS11' is not supported with security provider SunPKCS11-eToken
at net.jsign.KeyStoreType.getKeystore(KeyStoreType.java:460)
at net.jsign.KeyStoreBuilder.build(KeyStoreBuilder.java:281)
at net.jsign.SignerHelper.build(SignerHelper.java:256)
at net.jsign.SignerHelper.sign(SignerHelper.java:388)
at net.jsign.JsignCLI.execute(JsignCLI.java:133)
at net.jsign.JsignCLI.main(JsignCLI.java:40)
Caused by: java.security.KeyStoreException: PKCS11 not found
at java.base/java.security.KeyStore.getInstance(KeyStore.java:967)
at net.jsign.KeyStoreType.getKeystore(KeyStoreType.java:455)
... 5 more
Caused by: java.security.NoSuchAlgorithmException: no such algorithm: PKCS11 for provider SunPKCS11-eToken
at java.base/sun.security.jca.GetInstance.getService(GetInstance.java:101)
at java.base/sun.security.jca.GetInstance.getInstance(GetInstance.java:218)
at java.base/java.security.Security.getImpl(Security.java:705)
at java.base/java.security.KeyStore.getInstance(KeyStore.java:964)
... 6 more
Try `jsign --help' for more information.
-----------------------------------------------------------------------
pkcs11cfg: name=eToken
library=C:\Windows\System32\eTPKCS11.dll
slot=7
stdout: JSIGN Args --alg SHA-1 --keystore ***\pkcs11.cfg --storepass *** --storetype PKCS11 --tsaurl http://timestamp.digicert.com --alias RSA ***\nuxtron.exe
SunPKCS11 loading ***\pkcs11.cfg
Information for provider SunPKCS11-eToken
Library info:
cryptokiVersion: 2.20
manufacturerID: SafeNet, Inc.
flags: 0
libraryDescription: SafeNet eToken PKCS#11
libraryVersion: 10.08
All slots: 0, 1, 2, 3, 4, 5, 6, 7
Slots with tokens: (none)
stderr: sunpkcs11: Initializing PKCS#11 library C:\Windows\System32\eTPKCS11.dll
jsign: Failed to load the keystore ***\pkcs11.cfg
java.security.KeyStoreException: keystore type 'PKCS11' is not supported with security provider SunPKCS11-eToken
at net.jsign.KeyStoreType.getKeystore(KeyStoreType.java:460)
at net.jsign.KeyStoreBuilder.build(KeyStoreBuilder.java:281)
at net.jsign.SignerHelper.build(SignerHelper.java:256)
at net.jsign.SignerHelper.sign(SignerHelper.java:388)
at net.jsign.JsignCLI.execute(JsignCLI.java:133)
at net.jsign.JsignCLI.main(JsignCLI.java:40)
Caused by: java.security.KeyStoreException: PKCS11 not found
at java.base/java.security.KeyStore.getInstance(KeyStore.java:967)
at net.jsign.KeyStoreType.getKeystore(KeyStoreType.java:455)
... 5 more
Caused by: java.security.NoSuchAlgorithmException: no such algorithm: PKCS11 for provider SunPKCS11-eToken
at java.base/sun.security.jca.GetInstance.getService(GetInstance.java:101)
at java.base/sun.security.jca.GetInstance.getInstance(GetInstance.java:218)
at java.base/java.security.Security.getImpl(Security.java:705)
at java.base/java.security.KeyStore.getInstance(KeyStore.java:964)
... 6 more
Try `jsign --help' for more information.
The message "Slots with tokens: (none)" seems to indicate that the USB token is not found. Maybe an issue with VirtualHere?
Thank you for your reply.
I did some testing and the problem was fixed.
When I install the safenet driver and add the token, it is not recognized. However, if I add the token first and then install the safenet driver, the token is recognized.
I then replaced the Windows driver and it worked. UMDF2=> WUDF
Hi,
Firstly, thank you for making this great jsign.
I'm using github actions + virtualhere client + safenet token + jsign.
The signing works fine on my work machine.
But with github actions (windows-lastet) I'm having problems.
jsign --alg SHA-1 --keystore \pkcs11.cfg --storepass --storetype PKCS11 --tsaurl http://timestamp.digicert.com/ --alias RSA ***\nuxtron.exe
pkcs11.cfg