Signing documents with SunMSCAPI and suppressing the “Enter PIN” dialog

Question

I am developing a java code that signs documents using a certificate token. So far, everything works great, but I want to suppress the \"enter pin\" dialog because I am storing

Answer 1

MS CryptoAPI doesn't provide any way at all to specify the PIN. Your only option is to switch from CryptoAPI to PKCS#11 if possible -- PKCS#11 requires you to "logon" to device in code and provide the PIN in code as well.

Update: some CSP (cryptographic service provider) modules shipped by some hardware vendors let you call a special CryptoAPI function (CryptSetProvParam, https://docs.microsoft.com/en-us/windows/win32/api/wincrypt/nf-wincrypt-cryptsetprovparam) and pass PIN to it. You need to contact a vendor for information if your hardware's CSP supports this method of setting a PIN and if it does, what the exact parameter ID is etc. Anyway, you won't be currently capable of setting the PIN in this way from your Java application using the standard SunMSCAPI provider.