Thanks Brian,
The actual requirement for us is to list the certificates that are
installed on the USB token connected to the device. For the desktop
application, we could achieve this from the below lines of code
--------------------------
String pkcs11ConfigFile = "D:\\NCSA\\java\\SmartCardSecurity\\pkcs11.cfg";
Provider pkcs11Provider = new
sun.security.pkcs11.SunPKCS11(pkcs11ConfigFile);
Security.addProvider(pkcs11Provider);
//PIN is used to protect the information strored in the card
char[] pin = ...;//password
KeyStore smartCardKeyStore = KeyStore.getInstance("PKCS11");
smartCardKeyStore.load(null, pin);
//Get the enumeration of the entris in the keystore
Enumeration aliasesEnum = smartCardKeyStore.aliases();
while (aliasesEnum.hasMoreElements()) {
//Print certificate
X509Certificate cert = (X509Certificate)
smartCardKeyStore.getCertificate(alias);
System.out.println("Certificate: " + cert);
}
----------------------------------------
Found that Bouncy castle is the provider on the device. Have not tried
connecting USB to the device yet. The USB dongles that we have has a class
A certificate installed on it. And in our application we are supposed to
list or read that certificate.
we will try the solution that you have provided for version 4.0 and any
more help on this is highly appreciated.
Regards
Harish
On Tue, Nov 22, 2011 at 12:53 AM, Brian Carlstrom <[email protected]> wrote:
> On Mon, Nov 21, 2011 at 2:46 AM, Harish <[email protected]> wrote:
>
>> I guess cacerts.bks doesn't get updated when a new certificate
>> is installed from SD card.
>
>
> that is correct, this just contains system CA certificates in releases
> before 4.0, and doesn't exist in 4.0
>
>
>> if it is not in cacerts.bks, then in which
>> key store the certificate is getting installed and how to read that
>> through a program.
>
>
> they are managed by a keystore daemon and there is no public API to access
> them before 4.0. Starting in 4.0 an application can request access to
> installed certs via
> http://developer.android.com/reference/android/security/KeyChain.html,
> but the user has to approve such access per application.
>
> -bri
>
>
--
You received this message because you are subscribed to the Google Groups
"Android Security Discussions" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/android-security-discuss?hl=en.
