Hello,
As suggested by @sc-hsm I am looking at using the native JCE Provider “SmartCardHSMProvider” to symmetrically encrypt/decrypt some data on the NitroKey HSM 2 using AES instead of using PKCS#11.
I have managed to download and compile against org.openscdp:smartcardhsmprovider:1.14.346 from the IVY dependency published at Index of /ivy
I want to use the native JCE provider to do effectively the same thing, as show here. Which is to say encrypt/decrypt a some given data using a key inside the HSM.
When I try to do some basic JCE stuff like this, I get an error.
Provider provider = new SmartCardHSMProvider();
Security.addProvider(provider);
KeyStore ks = KeyStore.getInstance("SmartCardHSMKeyStore", provider);
ks.load(null, userPin.toCharArray());
Exception in thread "main" java.security.ProviderException: No card inserted
at de.cardcontact.smartcardhsmprovider.SmartCardHSMProvider.checkCardState(SmartCardHSMProvider.java:524)
at de.cardcontact.smartcardhsmprovider.SmartCardHSMProvider.getSmartCardHSMCardService(SmartCardHSMProvider.java:503)
at de.cardcontact.smartcardhsmprovider.SmartCardHSMKeyStore.engineLoad(SmartCardHSMKeyStore.java:293)
at java.security.KeyStore.load(KeyStore.java:1445)
Any idea what I need to do to make this work?