src/jdk.crypto.pkcs11/share/classes/sun/security/pkcs11/SunPKCS11.java

Print this page
7191662: JCE providers should be located via ServiceLoader

@@ -61,18 +61,13 @@
 
     private static final long serialVersionUID = -1354835039035306505L;
 
     static final Debug debug = Debug.getInstance("sunpkcs11");
 
-    private static int dummyConfigId;
-
     // the PKCS11 object through which we make the native calls
     final PKCS11 p11;
 
-    // name of the configuration file
-    private final String configName;
-
     // configuration information
     final Config config;
 
     // id of the PKCS#11 slot we are using
     final long slotID;

@@ -93,51 +88,101 @@
     Token getToken() {
         return token;
     }
 
     public SunPKCS11() {
-        super("SunPKCS11-Dummy", 1.9d, "SunPKCS11-Dummy");
-        throw new ProviderException
-            ("SunPKCS11 requires configuration file argument");
+        this(defConfig);
     }
 
-    public SunPKCS11(String configName) {
-        this(checkNull(configName), null);
+    @Override
+    public Provider configure(String configArg) throws InvalidParameterException {
+        if (configArg == null) {
+            throw new InvalidParameterException("SunPKCS11 requires a configuration file");
     }
+        try {
+            return AccessController.doPrivileged(new PrivilegedExceptionAction<Provider>() {
+                @Override
+                public Provider run() throws Exception {
+                    String newConfigName = configArg;
+                    return new SunPKCS11(new Config(checkNull(newConfigName)));
+                }
+            });
+        } catch (PrivilegedActionException pae) {
+            InvalidParameterException ipe =
+                new InvalidParameterException("Error configuring SunPKCS11 provider");
+            throw (InvalidParameterException) ipe.initCause(pae.getException());
+        }
+    }
 
-    public SunPKCS11(InputStream configStream) {
-        this(getDummyConfigName(), checkNull(configStream));
+    @Override
+    public String getArgument() {
+        String fn = config.getFileName();
+        try {
+            if (new File(fn).canRead()) {
+                return fn;
     }
+        } catch (SecurityException se) {
+            if (debug != null) {
+                System.out.println("No permission to read config: " + fn);
+                se.printStackTrace();
+            }
+        }
+        return "";
 
+    }
+
     private static <T> T checkNull(T obj) {
         if (obj == null) {
             throw new NullPointerException();
         }
         return obj;
     }
 
-    private static synchronized String getDummyConfigName() {
-        int id = ++dummyConfigId;
-        return "---DummyConfig-" + id + "---";
+    private static final Config defConfig;
+    static {
+        Config c = null;
+        if (System.getProperty("os.name").startsWith("SunOS")) {
+            try {
+                c = new Config(AccessController.doPrivileged(new PrivilegedAction<String>() {
+                    public String run() {
+                        String sep = System.getProperty("file.separator");
+                        String javaHome = System.getProperty("java.home");
+                        return javaHome + sep + "conf" + sep + "security" + sep +
+                            "sunpkcs11-solaris.cfg";
     }
+                }));
+            } catch (IOException ioe) {
+                if (debug != null) {
+                    System.out.println("Error parsing default config: " + ioe);
+                    ioe.printStackTrace();
+                }
+            }
+        }
+        defConfig = (c == null? Config.getDummyConfig() : c);
+    }
 
-    /**
-     * @deprecated use new SunPKCS11(String) or new SunPKCS11(InputStream)
-     *         instead
-     */
-    @Deprecated
-    public SunPKCS11(String configName, InputStream configStream) {
-        super("SunPKCS11-" +
-            Config.getConfig(configName, configStream).getName(),
-            1.9d, Config.getConfig(configName, configStream).getDescription());
-        this.configName = configName;
-        this.config = Config.removeConfig(configName);
+    SunPKCS11(Config c) {
+        super("SunPKCS11-" + c.getName(), 1.9d, c.getDescription());
+        this.config = c;
 
+        // stop here with minimum initialization when Config.DUMMY is used
+        if (c == Config.getDummyConfig()) {
+            p11 = null;
+            slotID = -1;
+            removable = false;
+            nssModule = null;
+            nssUseSecmodTrust = false;
         if (debug != null) {
-            System.out.println("SunPKCS11 loading " + configName);
+                System.out.println("SunPKCS11 loading Config.DUMMY");
         }
+            return;
+        }
 
+        if (debug != null) {
+            System.out.println("SunPKCS11 loading " + config.getFileName());
+        }
+
         String library = config.getLibrary();
         String functionList = config.getFunctionList();
         long slotID = config.getSlotID();
         int slotListIndex = config.getSlotListIndex();
 

@@ -809,15 +854,21 @@
     // create the poller thread, if not already active
     private void createPoller() {
         if (poller != null) {
             return;
         }
-        TokenPoller poller = new TokenPoller(this);
+        final TokenPoller poller = new TokenPoller(this);
+        AccessController.doPrivileged(new PrivilegedAction<Void>() {
+            @Override
+            public Void run() {
         Thread t = new ManagedLocalsThread(poller, "Poller " + getName());
         t.setDaemon(true);
         t.setPriority(Thread.MIN_PRIORITY);
         t.start();
+                return null;
+            }
+        });
         this.poller = poller;
     }
 
     // destroy the poller thread, if active
     private void destroyPoller() {

@@ -1454,20 +1505,20 @@
 
         private final String configName;
 
         SunPKCS11Rep(SunPKCS11 provider) throws NotSerializableException {
             providerName = provider.getName();
-            configName = provider.configName;
+            configName = provider.config.getFileName();
             if (Security.getProvider(providerName) != provider) {
                 throw new NotSerializableException("Only SunPKCS11 providers "
                     + "installed in java.security.Security can be serialized");
             }
         }
 
         private Object readResolve() throws ObjectStreamException {
             SunPKCS11 p = (SunPKCS11)Security.getProvider(providerName);
-            if ((p == null) || (p.configName.equals(configName) == false)) {
+            if ((p == null) || (p.config.getFileName().equals(configName) == false)) {
                 throw new NotSerializableException("Could not find "
                         + providerName + " in installed providers");
             }
             return p;
         }