Reputation: 1732
I have a Java app that can read certificates from smart cards and use them to log in a user. The app can also track failed login attempts using other login methods (user name and password).
I want to know if it is possible to read user information from a smart card without the pin. I would like to mark a failed pin entry as a failed login attempt, but because I need the pin to read the alias from the certificate, I can't know what user is attempting the login. Is there any way to read this information without the pin in Java?
I tried loading the KeyStore object based on a suggestion from this thread: Getting certificates from PKCS11 Smartcard without PIN/password, but had no luck. I don't even know if this is possible.
I can see certain information from my ActivClient Agent without entering the pin, but don't know if Java can somehow retrieve this. This is how I am loading the keystore:
```java
KeyStore keyTest = KeyStore.getInstance("PKCS11", pkcs11Provider);
keyTest.load(null, null);
```
The above still asks for a pin even though I have not specified a callback handler. The pkcs11Provider is the cfg containing the ActivClient dll. Normally I load the keystore using a pin callback handler.
Upvotes: 1
Views: 1507
Reputation: 1732
After some investigation, this depends heavily on the type of card you are using and the PKCS11 library you use. There is no one answer that fits all.
Upvotes: 2
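A way to test a given card and PKCS11 library combination, as an added example that is not part of the original posts: it loads the token through a callback handler that refuses to supply a PIN, then reports whether any certificates are visible. It assumes Java 9 or later and that `args[0]` is the path to a SunPKCS11 configuration file; the class name `NoPinCertProbe` is hypothetical, and the handler cannot suppress a dialog raised by the vendor library itself.

```java
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.Provider;
import java.security.Security;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Collections;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;

public class NoPinCertProbe {
    public static void main(String[] args) throws Exception {
        // Assumption: args[0] is a SunPKCS11 config file naming the vendor library.
        Provider p = Security.getProvider("SunPKCS11").configure(args[0]);

        // Handler that never supplies a PIN, so the Java side cannot prompt for one.
        CallbackHandler refuse = callbacks -> {
            throw new UnsupportedCallbackException(callbacks[0], "PIN deliberately withheld");
        };
        KeyStore.Builder builder = KeyStore.Builder.newInstance(
                "PKCS11", p, new KeyStore.CallbackHandlerProtection(refuse));
        try {
            KeyStore ks = builder.getKeyStore();
            int found = 0;
            // List whatever certificate objects the token exposes before login.
            for (String alias : Collections.list(ks.aliases())) {
                Certificate c = ks.getCertificate(alias);
                if (c instanceof X509Certificate) {
                    found++;
                    System.out.println(alias + " -> "
                            + ((X509Certificate) c).getSubjectX500Principal().getName());
                }
            }
            System.out.println(found + " certificate(s) readable without a PIN");
        } catch (KeyStoreException e) {
            // This card/library combination insists on a login before loading.
            System.out.println("Unauthenticated load refused: " + e);
        }
    }
}
```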