How to suppress PIN Error Dialog from Keystore.load when Keystore is a USB cryptotoken

Question

Hi I am using SUN PKCS11 implementation to perform operations with PKI certificates in USB cryptotokens

I created a provider object for the particular USB token and then call

Keystore ks =  KeyStore.getInstance(PKCS11_KEYSTORE_TYPE,prov);

Then I load it with

keyStore.load(null, PIN.toCharArray())

PIN is the user entered PIN for the particular certificate

Now different cryptotokens behave differently when the load fails because of a Wrong PIN. Keystore::load throws an IOException when PIN is wrong however,

For eg.

1. Watchdata USB token first throws a dialog box with a message "PIN is wrong. X attempts left" & then throws the IOException.
2. Gemalto & Fietian don't throw a dialog box but only throw an IOException

I want to show an PIN error message for all USB types, but if I add my own dialog, then on WatchData I end up getting 2 dialogs (1 from Watchdata & 1 of my own).

Is there a way to figure out whether the error message has already been shown? Or alternately is there a way to suppress the error dialog on dongles which show their own?

Answer 1

The behavior is token-specific because the standard doesn't specify, how exactly the drivers must behave. So showing the window is beyond your control. The best you can do is contact the vendor of the specific device and ask them for assistance.