1 /*
2 * Copyright (c) 2003, 2013, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation. Oracle designates this
8 * particular file as subject to the "Classpath" exception as provided
9 * by Oracle in the LICENSE file that accompanied this code.
10 *
11 * This code is distributed in the hope that it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * version 2 for more details (a copy is included in the LICENSE file that
15 * accompanied this code).
16 *
17 * You should have received a copy of the GNU General Public License version
18 * 2 along with this work; if not, write to the Free Software Foundation,
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20 *
21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22 * or visit www.oracle.com if you need additional information or have any
52 static final int ERR_HALT = 1;
53 static final int ERR_IGNORE_ALL = 2;
54 static final int ERR_IGNORE_LIB = 3;
55
56 // same as allowSingleThreadedModules but controlled via a system property
57 // and applied to all providers. if set to false, no SunPKCS11 instances
58 // will accept single threaded modules regardless of the setting in their
59 // config files.
60 private static final boolean staticAllowSingleThreadedModules;
61
62 static {
63 String p = "sun.security.pkcs11.allowSingleThreadedModules";
64 String s = AccessController.doPrivileged(new GetPropertyAction(p));
65 if ("false".equalsIgnoreCase(s)) {
66 staticAllowSingleThreadedModules = false;
67 } else {
68 staticAllowSingleThreadedModules = true;
69 }
70 }
71
72 // temporary storage for configurations
73 // needed because the SunPKCS11 needs to call the superclass constructor
74 // in provider before accessing any instance variables
75 private final static Map<String,Config> configMap =
76 new HashMap<String,Config>();
77
78 static Config getConfig(final String name, final InputStream stream) {
79 Config config = configMap.get(name);
80 if (config != null) {
81 return config;
82 }
83 try {
84 config = new Config(name, stream);
85 configMap.put(name, config);
86 return config;
87 } catch (Exception e) {
88 throw new ProviderException("Error parsing configuration", e);
89 }
90 }
91
92 static Config removeConfig(String name) {
93 return configMap.remove(name);
94 }
95
96 private final static boolean DEBUG = false;
97
98 private static void debug(Object o) {
99 if (DEBUG) {
100 System.out.println(o);
101 }
102 }
103
104 // Reader and StringTokenizer used during parsing
105 private Reader reader;
106
107 private StreamTokenizer st;
108
109 private Set<String> parsedKeywords;
110
111 // name suffix of the provider
112 private String name;
113
114 // name of the PKCS#11 library
115 private String library;
116
117 // description to pass to the provider class
118 private String description;
119
120 // slotID of the slot to use
121 private int slotID = -1;
122
123 // slot to use, specified as index in the slotlist
184 private boolean nssNetscapeDbWorkaround = true;
185
186 // Special init argument string for the NSS softtoken.
187 // This is used when using the NSS softtoken directly without secmod mode.
188 private String nssArgs;
189
190 // whether to use NSS trust attributes for the KeyStore of this provider
191 // this option is for internal use by the SunPKCS11 code only and
192 // works only for NSS providers created via the Secmod API
193 private boolean nssUseSecmodTrust = false;
194
195 // Flag to indicate whether the X9.63 encoding for EC points shall be used
196 // (true) or whether that encoding shall be wrapped in an ASN.1 OctetString
197 // (false).
198 private boolean useEcX963Encoding = false;
199
200 // Flag to indicate whether NSS should favour performance (false) or
201 // memory footprint (true).
202 private boolean nssOptimizeSpace = false;
203
204 private Config(String filename, InputStream in) throws IOException {
205 if (in == null) {
206 if (filename.startsWith("--")) {
207 // inline config
208 String config = filename.substring(2).replace("\\n", "\n");
209 reader = new StringReader(config);
210 } else {
211 in = new FileInputStream(expand(filename));
212 }
213 }
214 if (reader == null) {
215 reader = new BufferedReader(new InputStreamReader(in));
216 }
217 parsedKeywords = new HashSet<String>();
218 st = new StreamTokenizer(reader);
219 setupTokenizer();
220 parse();
221 }
222
223 String getName() {
224 return name;
225 }
226
227 String getLibrary() {
228 return library;
229 }
230
231 String getDescription() {
232 if (description != null) {
233 return description;
234 }
235 return "SunPKCS11-" + name + " using library " + library;
236 }
237
238 int getSlotID() {
239 return slotID;
240 }
241
242 int getSlotListIndex() {
|
1 /*
2 * Copyright (c) 2003, 2015, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation. Oracle designates this
8 * particular file as subject to the "Classpath" exception as provided
9 * by Oracle in the LICENSE file that accompanied this code.
10 *
11 * This code is distributed in the hope that it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * version 2 for more details (a copy is included in the LICENSE file that
15 * accompanied this code).
16 *
17 * You should have received a copy of the GNU General Public License version
18 * 2 along with this work; if not, write to the Free Software Foundation,
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20 *
21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22 * or visit www.oracle.com if you need additional information or have any
52 static final int ERR_HALT = 1;
53 static final int ERR_IGNORE_ALL = 2;
54 static final int ERR_IGNORE_LIB = 3;
55
56 // same as allowSingleThreadedModules but controlled via a system property
57 // and applied to all providers. if set to false, no SunPKCS11 instances
58 // will accept single threaded modules regardless of the setting in their
59 // config files.
60 private static final boolean staticAllowSingleThreadedModules;
61
62 static {
63 String p = "sun.security.pkcs11.allowSingleThreadedModules";
64 String s = AccessController.doPrivileged(new GetPropertyAction(p));
65 if ("false".equalsIgnoreCase(s)) {
66 staticAllowSingleThreadedModules = false;
67 } else {
68 staticAllowSingleThreadedModules = true;
69 }
70 }
71
72 private final static boolean DEBUG = false;
73
74 private static void debug(Object o) {
75 if (DEBUG) {
76 System.out.println(o);
77 }
78 }
79
80 private static final Config DUMMY = new Config();
81
82 static Config getDummyConfig() {
83 return DUMMY;
84 }
85
86 // file name containing this configuration
87 private String filename;
88
89 // Reader and StringTokenizer used during parsing
90 private Reader reader;
91
92 private StreamTokenizer st;
93
94 private Set<String> parsedKeywords;
95
96 // name suffix of the provider
97 private String name;
98
99 // name of the PKCS#11 library
100 private String library;
101
102 // description to pass to the provider class
103 private String description;
104
105 // slotID of the slot to use
106 private int slotID = -1;
107
108 // slot to use, specified as index in the slotlist
169 private boolean nssNetscapeDbWorkaround = true;
170
171 // Special init argument string for the NSS softtoken.
172 // This is used when using the NSS softtoken directly without secmod mode.
173 private String nssArgs;
174
175 // whether to use NSS trust attributes for the KeyStore of this provider
176 // this option is for internal use by the SunPKCS11 code only and
177 // works only for NSS providers created via the Secmod API
178 private boolean nssUseSecmodTrust = false;
179
180 // Flag to indicate whether the X9.63 encoding for EC points shall be used
181 // (true) or whether that encoding shall be wrapped in an ASN.1 OctetString
182 // (false).
183 private boolean useEcX963Encoding = false;
184
185 // Flag to indicate whether NSS should favour performance (false) or
186 // memory footprint (true).
187 private boolean nssOptimizeSpace = false;
188
189 private Config() {
190 name = "Dummy";
191 description = "Unconfigured and unusable PKCS11 provider";
192 }
193
194 Config(String fn) throws IOException {
195 this.filename = fn;
196 if (filename.startsWith("--")) {
197 // inline config
198 String config = filename.substring(2).replace("\\n", "\n");
199 reader = new StringReader(config);
200 } else {
201 reader = new BufferedReader(new InputStreamReader
202 (new FileInputStream(expand(filename))));
203 }
204 parsedKeywords = new HashSet<String>();
205 st = new StreamTokenizer(reader);
206 setupTokenizer();
207 parse();
208 }
209
210 String getFileName() {
211 return filename;
212 }
213
214 String getName() {
215 return name;
216 }
217
218 String getLibrary() {
219 return library;
220 }
221
222 String getDescription() {
223 if (description != null) {
224 return description;
225 }
226 return "SunPKCS11-" + name + " using library " + library;
227 }
228
229 int getSlotID() {
230 return slotID;
231 }
232
233 int getSlotListIndex() {
|